associate director risk management
Detail de l'annonce :
Imagine what we can DEVELOP with you
True leaders are always learning. Moody’s is home to information
architects, thinkers, builders, and passionate problem solvers, a
collection of diverse viewpoints working together to bring out our
best. Join us. Forward Together.
Moody’s (NYSE: MCO) is a global integrated risk assessment firm
that empowers organizations to make better decisions. Our data,
analytical solutions and insights help decision-makers identify
opportunities and manage the risks of doing business with others. We
believe that greater transparency, more informed decisions, and fair
access to information open the door to shared progress. With over
11,000 employees in more than 40 countries, Moody’s combines
international presence with local expertise and over a century of
experience in financial markets. Learn more at moodys.com.
At Moody’s, we’re taking action. We’re hiring diverse talent and
providing underrepresented groups with equitable opportunities in
their careers. We’re educating, empowering and elevating our people,
and creating a workplace where each person can be their true selves,
reach their full potential and thrive on every level. Learn more about
our DE&I initiatives, employee development programs and view our
annual DE&I Report at moodys.com/diversity
Moody’s Analytics provides financial intelligence and analytical
tools supporting our clients’ growth, efficiency and risk management
objectives. The combination of our unparalleled expertise in risk,
expansive information resources, and innovative application of
technology, helps today’s business leaders confidently navigate an
evolving marketplace.
Department
Moody’s Analytics provides Risk, Finance and Lending solutions to
the Banking Industry. We deploy globally these solutions as SaaS to
Financial Institutions.
Role/Responsibilities
As an expert in our Risk Management team, you will be contributing to
a global team in charge of sales enablement on Cloud Security topics
and guiding our product teams in the certifications of our SaaS
solutions.
The position is based in Europe, and the focus will be primarily on
the European, Middle East, African, and APAC regions where our
customer base is expanding. Furthermore, you will interact directly
with our product teams based in France. You will be the link between
our EMEA & APAC operations and the rest of the team located in
America.
In general, you will be expected to assist in performing project tasks
such as:
SALES ENABLEMENT AND CONTROLS ASSURANCE
* Be a trusted partner for Moody’s sales teams. Plan, coordinate,
and develop materials for, and deliver risk and controls training
related to MA products to enable Sales to address customer product
inquiries(security, data protection, certifications, and compliance)
and concerns faster and more accurately.
* Support the SOC compliance program for Moody’s Analytics
products by providing subject matter expertise, documenting controls
and control gaps, and identifying and acting on process improvement
opportunities to improve program efficiency.
* Assessing our customers security requirements in comparison to our
standard Service Level Agreements and adapt the sales pitch and
contractual commitment consequently. Those discussions will be done
jointly with Sales, Product Management and Legal departments. Work
with customers to complete their annual vendor third-party risk
reviews of Moody’s products and services.
* Assisting customers with their audit and security requirements
through various Requests for Information and participating in customer
meetings to manage audit expectations.
ENTERPRISE RISK MANAGEMENT
* Work with the enterprise risk management team to support ERM
reporting to senior business management and Moody’s Board of
Directors. Partner with risk owners to assess risk impact, and develop
and track mitigation plans.
CYBER AND DATA RISK PROGRAM MANAGEMENT AND COORDINATION
* Work with the Moody’s Information Risk and Security to ensure
cross-organizational participation and communication across program
work streams. Collaborate with Information Risk to drive working group
for on-going communications and awareness activities related to cyber
risk.
* Provide subject matter expertise on personal data risk, data
privacy, and data protection.
* Manage risk identification and drive remediation project
activities. A key focus area is the continued maturation of controls
and processes around sensitive data, including personal data. Support
firm-wide GDPR and CCPA compliance efforts.
* Coordinate with privacy legal teams (Americas and EMEA) to
identify and address risks associated with key privacy and regulatory
requirements, including GDPR records of processing activities and
development of OneTrust repository and GDPR audits.
To achieve these tasks, a strong background in Audit and cloud
deployment is required and specifically:
* Strong knowledge of global cloud Outsourcing regulations and those
for EMEA & APAC (e.g. EBA Guidelines on outsourcing arrangements)
* Strong background in Audit related activities, specifically SOC 1
and SOC 2 compliance
* Strong background on data sensitivity: PII, GDPR, Encryption…
* Experience on Cloud Platform (AWS, Azure, Google, others). AWS,
Google Cloud, or Microsoft Azure Certification is a plus
Qualifications
Minimum education and work experience required for this position
include:
* 7+ years’ experience in risk management, information security,
data privacy, project management, and/or audit, preferably in a
financial services or consulting organization.
* Strong knowledge of global cloud outsourcing regulations and those
for EMEA & APAC (e.g. EBA Guidelines on outsourcing arrangements)
* BS or BA degree, preferably in technology, business or equivalent.
* Relevant certifications such as CISSP, CISM, CRISC, CISA, or PMP
are a plus.
* Experience on Cloud Platform (AWS, Azure, Google, others). AWS,
Google Cloud, or Microsoft Azure Certification is a plus
KEY COMPETENCIES
* Track record of successful delivery of projects and initiatives
within schedule and budget.
* Able to effectively lead cross-functional project teams that
consist of indirect reports; have a proven ability to marshal
resources, delegate tasks, provide guidance, set expectations for
quality, manage and resolve issues or conflicts, and provide timely
and transparent project information to senior management.
* Ability to develop a full and deep understanding of the business
operations, and how they create value and risk for organizations.
* Ability to think with a control and process mindset. Experience
managing risk, security, or control programs, preferably aligned with
ISO or NIST standards. Familiarity with data privacy regulations and
compliance requirements is a plus.
* Ability to effectively analyze risk within the context of the
business problems.
* Adaptability and flexibility to work on a variety of assignments
as defined by current priorities.
* Strong presentation skills to audiences at all levels; ability to
adjust message and filter details based on audience.
* Demonstrated ability to interact effectively, internally and
externally, with senior representatives of the organization.
Moody’s is an equal opportunity employer. All qualified applicants
will receive consideration for employment without regard to race,
color, religion, sex, national origin, disability, protected veteran
status, sexual orientation, gender expression, gender identity or any
other characteristic protected by law.
Candidates for Moody’s Corporation may be asked to disclose
securities holdings pursuant to Moody’s Policy for Securities
Trading and the requirements of the position. Employment is contingent
upon compliance with the Policy, including remediation of positions in
those holdings as necessary.