AVP II, Technology Risk and Controls – IT Regulatory

Posted:
8/11/2024, 5:00:00 PM

Location(s):
Houston, Texas, United States ⋅ Texas, United States

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security

Workplace Type:
On-site

Who we are

Corebridge Financial helps people make some of the most meaningful decisions they’re ever going to make. We help them plan and take action to protect the future they envision, and respond to some of life’s most difficult moments through the solutions and services we provide. We do this through our broad portfolio of life insurance, retirement, and institutional products, offered through an extensive, multichannel distribution network. We provide solutions for a brighter future through our client centered service, breadth of product expertise, deep distribution relationships, and outstanding team of hardworking and passionate employees.

About the role

As an Assistant Vice President II, you will provide the knowledge and subject matter expertise required to help drive the strategic growth of the Technology Risk & Controls team. A successful candidate will be expected to provide oversight of regulatory and independent assessment activities to ensure proper and effective management of the Regulatory and Independent Assessment processes. In collaboration with the team leaders, you will facilitate and support the periodic on-site examinations and assessment exercises conducted by regulators and independent assessors. You will perform cyber security and privacy assessments to determine compliance with specific laws and regulations, and demonstrate and articulate strong technology governance and oversight of outsourcing vendors. You will lead the remediation plans for specific gaps identified by the First, Second and Third Lines of Defense through control assessment and sample testing. You will also maintain an action tracker to ensure that all identified technology actions are tracked through to closure, that risks are adequately managed, and that actions that constitute risk are escalated.

  • Develops strong relationships and interacts with IT Teams, Business Functions, Operational Risk Management, Internal Audit, and the Legal, Compliance, and Privacy teams to coordinate and execute required compliance assessment activities.
  • Provide subject matter expertise in technology, Cyber and Data Privacy Regulation and risk management to all stakeholders (IT and Non-IT partners).
  • Analyzes and identifies technology scope coverage, executes current-state assessments and control testing against technology compliance requirements.
  • Evaluates and documents effectiveness of assessment results, outlines mitigation controls and action plans for timely remediation of identified risk areas.
  • Prepare reports and present to relevant parties to keep them informed.
  • Develops executive-level risk presentations to describe program approach and status, and consults on key technology risks.
  • Responds to questions from internal stakeholders regarding implementation of Technology Risk measures and assists with accurate control implementation.

Please note: The job can only be performed in the State location listed: Houston, TX.

Basic Qualification

  • Bachelor’s degree in Information Technology, Business Administration, or related fields.
  • 6+ years of relevant industry experience in regulatory compliance, information security, risk assessments and management, cybersecurity, data privacy, audit, or related client services or consulting experience.
  • Technical knowledge and familiarity with information security standards and control processes across various industry frameworks, such as NIST, ISO, FFIEC, COBIT, CIS, SOX, SOC 1 & 2 etc.

Job Requirements

Understanding of information technology and governance, regulatory compliance, and best practices across the industry as well as project management principles.

  • Organized self-starter with the ability to think critically, highly detail-orientated, works independently and executes simultaneously on multiple technology compliance deliverables across the organization.
  • Establishes credibility and maintains strong working relationships with stakeholders involved to resolve technology compliance matters (IT, Business, Legal, Internal Audit etc.).
  • Coordinates collection and review of deliverables for internal regulatory assessments and external regulatory exams, reviews, and audits.
  • Performs internal technology compliance reviews including coordination efforts, facilitation of documentation requests and gathering, and analysis of policies, standards, and procedures.
  • Reviews information security controls that are technical in nature, such as application security, access controls, data encryption in transit and at rest, logging, and monitoring etc.
  • Delivers recommendations and risk interpretations in a clear, concise, and audience-specific manner.
  • Partners with management to develop action plans and remediate identified control deficiencies across a wide variety of functions, systems, and applications.
  • Maintains regular communication with the responsible owners to track on-going remediation efforts for existing control gaps, helping to drive remediation efforts to completion.
  • Builds enhanced reporting capabilities and understands metrics development.
  • Strong problem solving and program execution skills. Ability to prioritize and drive difficult decisions among stakeholders.
  • Ability to solve risk issues that span legal, compliance and regulatory obligations across various lines of business and shared service areas of the organization.
  • Strong interpersonal and oral/written communication skills, able to build relationships with people at all levels. Experience developing and delivering management presentations. 
  • Ability to train less experienced staff and offshore personnel, providing supervision and review of completed work product. 
  • Supports data automation and ad-hoc data analysis requests.

Preferred Skills

  • Understands requirements set forth in the New York Department of Financial Services (NYDFS) Cybersecurity Regulation, Insurance Data Security Act, California Consumer Privacy Act (CCPA) etc.
  • Advanced MS Excel formulas and strong PowerPoint presentation skills.
  • Advanced automation and data analytics tool experience utilizing Power Automate, Power Apps/MS Power BI, MS Forms, Tableau, Qlik Sense etc.
  • Experience with Archer GRC.
  • Project Management and Agile experience/certifications a plus.

What our employees like most about working for Corebridge Financial

  • We care about your professional development. Our career progression program will provide you with the opportunity to develop your skills, strengthen your productivity and be eligible to progressively advance to positions with an increased responsibility and increased compensation. 
  • Our “Giving Back” policy is at the core of our daily operations and guides our future progress. Don’t believe us?  We put our money where our mouth is! Corebridge Financial will give you up to 16 hours a year paid time off to volunteer in the community.
  • Our people are our most important asset, so we provide a generous benefits plan and competitive pay. Benefit package includes:
    • Paid Time Off (Corebridge Financial recognizes the importance of work life balance). We offer 24 PTO days to start. YES, 24! 17 paid holidays per calendar year.
    • A 401(k) Retirement Plan which will be HARD TO BEAT. Our 401(k): $1 for $1 match up to 6% with immediate vesting, plus Corebridge Financial automatically contributes an additional 3% into your 401(k) regardless of whether you enroll.

We are an Equal Opportunity Employer

Corebridge Financial, Inc., its subsidiaries and affiliates are committed to being an Equal Opportunity Employer, and its policies and procedures reflect this commitment. We provide equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories such as sexual orientation. At Corebridge Financial, we believe that diversity and inclusion are critical to our future and our mission – creating a foundation for a creative workplace that leads to innovation, growth, and profitability. Through a wide variety of programs and initiatives, we invest in each employee, seeking to ensure that our people are not only respected as individuals, but also truly valued for their unique perspectives.

To learn more please visit: www.corebridgefinancial.com

Corebridge Financial is committed to working with and providing reasonable accommodations to job applicants and employees with physical or mental disabilities.  If you believe you need a reasonable accommodation in order to search for a job opening or to complete any part of the application or hiring process, please send an email to [email protected].   Reasonable accommodations will be determined on a case-by-case basis.

Functional Area:

IT - Information Technology

Estimated Travel Percentage (%): No Travel

Relocation Provided: No

American General Life Insurance Company

CoreBridge Financial Services

Website: https://corebridgefinancial.com/

Headquarter Location: Houston, Texas, United States

Employee Count: 10001+

Year Founded: 1957

IPO Status: Public

Last Funding Type: Post-IPO Secondary

Industries: Financial Services ⋅ Insurance ⋅ Life Insurance