BE PART OF A BANK LIKE NO OTHER.

When you work with the world's most innovative companies, you know you're making a difference.

Our clients are the game changers, leaders and investors who fuel the global innovation economy. They're the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work.

They come to SVB for our expertise, deep network and nearly forty years of experience in the industries we serve, and to partner with diverse teams of passionate, enterprising SVBers, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business.

Join us at SVB and be part of bringing our clients' world-changing ideas to life. At SVB, we have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities SVB serves. We pride ourselves in having both a diverse client roster and an equally diverse and inclusive organization. And we work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply.

Job Description

Director, 1st LOD Technology Risk Management

The Directorof 1st LOD Technology Risk will be responsible for driving consistent implementation of 1st LOD technology risk management across various technology functions; drive awareness, risk accountability and risk culture throughout the company and provide deep risk management and subject matter expertise/specialist knowledge to advise 1st LOD accountable leaders.

As this position will support multiple technology leaders and teams, versatility is key. TheDirectorof 1st LOD Technology Risk will require knowledge of application development practices as well as applicable laws, regulations, and industry frameworks. An understanding of how technology enables the bank to be successful is critical. The successful candidate will play an important role in the support, consultation, facilitation, and review of technology risk management-related topics. Being able to "connect the dots" between related teams and workflows will be paramount to achieving success in this role.

The essential functions and key responsibilities of the Directorof 1st LOD Technology Risk includes the following areas:

• Enable technology risk management across the 1st LOD while supporting Second Line of Defense and Third Line of Defense functions (ERM, Internal Audit and SOX)


• Lead various risk management activities for the IT Systems and Processes that support multiple Technology Functions at SVB. Primary responsibilities will be to identify, manage and report on risks related to IT systems/processes aligned to various Technology Functions.


• Horizontal Relationships: Build effective relationships with various Business Lines within Technology, IT management and staff, as well as external stakeholders in Security, Compliance, Enterprise Risk Management, and Internal Audit. Broaden and deepen knowledge of the business and environment of IT with respect to the delivery of projects, strategic initiatives and systems portfolio to effectively assist IT managers and staff with risk and compliance management.


• Audit Coordination & Action Plan Development: Oversee Management Action Plans for various Technology Functions. Ensure overall IT compliance with regulatory requirements including SOX, GLBA and PCI through proactive planning and communication, ownership and relationships.


• SOX Coordination: Oversee various SOX activities across Technology Functions. Sox activities include quarterly SOX walkthroughs, SOX control testing, IPE Co-ordination with the business.


• IT Risk Self-Assessments: Conduct information technology risk self-assessments to identify gaps and make sound recommendations for improvement. Identify acceptable levels of residual risk, and assist with action plans, policy and procedural changes for risk mitigation. Tracking and reporting the status of management action plans for the deficiencies identified through IT risk self-assessments, control self-testing, security assessments, and internal / external audits. Interpreting regulatory requirements into actionable internal IT controls and validating compliance with these requirements.


• Active Action Plan Monitoring: Track mitigation steps (from self-assessments, exams, audits etc.) and ensure that risks are remediated appropriately and in a timely manner. Ensure all risks are logged in the appropriate GRC tool and actively tracked and managed.


• Assist with the identification and tracking of issues pertaining to specific technology processes


• Assist in providing 1st LOD business stakeholders with advisory support, consultation, facilitation, and review on risk management related topics including:
  
  
  • Risk identification and scoring
  
  
  • Control design, identification, and assessment
  
  
  • Gap/issue identification, monitoring, mitigation planning and closure
  
  
  
  


• Advise 1st LOD stakeholder by considering internal and/or external factors (e.g., control testing results, compliance testing results, risk program reports, operational risk events, customer complaints , external events, Internal audit finding, and supervisory reports)


• Advise 1st LOD business stakeholders on how to incorporate risk management processes into policies, operating procedures, and standards


• Work with the 1st LOD business stakeholders, the CISO, technology leaders and other stakeholders to support inclusion, dialogue and decision making on key risks


• Collaborate with 1st LOD and 2nd LOD leaders on overall risk identification and control environment health results


• Provide technology specific inputs to coordinate the Global Services Steering Committee


• Provide coordination and reporting on project status to technology committees


• Support alignment of the TRM strategy with the CCO, ERM, and CIO to factor technology and cybersecurity risk into strategic decision making


• Manages a team of 2-4 direct resources

• 10+ years of related technology risk management experiencein either IT or Audit with focus on IT. Previous line management experience. Specialization in one or more of the following areas: IT Governance, IT Strategic Planning, Metrics and Performance Measurement, IT Risk, IT Compliance, IT Policies, IT Project Management a plus. Ability to communicate verbally and in written form with all levels up to and including Senior Executives.


• Leads and coordinates across Technology organization. Interfaces with enterprise-level stakeholders including C-level executives such as: Corporate Compliance, Regulatory Relations, SOX Office, Enterprise-wide Risk Management, Internal and External Auditors, Security Office. External interfaces include auditors and regulatory agencies.


• Strong communications and interpersonal skills; demonstrated ability to quickly build trust and relationships, manage matrixed teams, bridge communication gaps, resolve conflicts, and influence stakeholders at all levels (including executives)


• Team Leadership - Experienced in people management, assessing team performance and morale, and driving necessary actions to improve both; Able to develop and foster collaborative teamwork and facilitate team dynamics


• Strong technical aptitude and ability to quickly learn new products, lines of business, processes, software, systems, and client needs


• Effective risk management skills and ability to predict and mitigate risks and issues, as well as anticipating and proactively preparing for changes and impacts to clients and SVB's business


• Polished diplomacy, active listening, persuasiveness, and presentation skills to evangelize new products or changes and gain buy-in, consensus, and cooperation in the face of conflicting viewpoints, resistance to change, constraints, etc.


• Skilled in people management, building relationships and navigating through organizations; Able to build a sense of trust and rapport that creates a comfortable & effective workplace


• Critical-thinking, business analysis, and process engineering skills to manage, contribute to, and foresee pitfalls in process-related deliverables


• Excellent project management skills and the ability to motivate teams and drive performance


• Strong interpersonal skills, with evidence of working in collaboration across large, complex organizations, including effective influencing skills, a proactive and 'no surprises' approach in communicating issues/requests

BA in related field; Masters in Business (MBA) or related field preferred. CGEIT, CRISC, CISA certifications strongly preferred.

© 2021 SVB Financial Group. All rights reserved. SVB, SVB FINANCIAL GROUP, SILICON VALLEY BANK, MAKE NEXT HAPPEN NOW and the chevron device are trademarks of SVB Financial Group, used under license. Silicon Valley Bank is a member of the FDIC and the Federal Reserve System. Silicon Valley Bank is the California bank subsidiary of SVB Financial Group (Nasdaq: SIVB).

Equal Employment Opportunity

Silicon Valley Bank is an equal opportunity employer and is dedicated to expanding its commitments and investments to create a more diverse, equitable and inclusive company culture and innovation ecosystem. We are strongly committed to the values and policy of equal employment opportunity across our employment practices.

Silicon Valley Bank is registered in England and Wales at Alphabeta, 14-18 Finsbury Square, London EC2A 1BR, UK under No. FC029579. Silicon Valley Bank is authorised and regulated by the California Department of Business Oversight and the United States Federal Reserve Bank; authorised by the Prudential Regulation Authority with number 577295; and subject to regulation by the Financial Conduct Authority and limited regulation by the Prudential Regulation Authority. Details about the extent of our regulation by the Prudential Regulation Authority are available from us on request.