Title:  Business Controls Manager II 
Requisition #:  153356 
Employment Type:  Regular 
Full or Part Time:  Full-time 
FLSA Status:  Exempt 
Division  IT 
Grade:  87 
Affiliate:  FIFTH THIRD BANK, CINCINNATI 
 
https://cvg53.ngahrhosting.com/Main/careerportal/Job_Profile.cfm?szOrderID=153356&szReturnToSearch=1&szWordsToHighlight
 
Requirements

GENERAL FUNCTION: As first line of defense, provides business leadership related to identifying, assessing, mitigating and managing risk and ensures the existence of appropriate product and platform supervisory controls. This position isprimarilyfocused on one complex line of business or functional area or multiple lines of smaller or medium scope. This highly visible position will work as part of a team that works across the line of business or function to ensure transparency andunderstandingof operating issues, risk, and opportunities, including the sound governance, administration and oversight of business activities. Evaluates the industry, market and regulatory environment to anticipate changes and help ensure appropriatealignment withpotential business scenarios.
 
ESSENTIAL DUTIES AND RESPONSIBILITIES:
All duties and responsibilities outlined below are for the assigned line of business or functional areas.
. Directs and manages governance and risk related processes for one or more complex business groups.
. With oversight from the Director, Business Controls, helps define the strategies and implements controls, policies and procedures to increase effectiveness and efficiency related to their respective business or functional area
. Exercises judgment and influences senior business managers and peers to ensure enforcement of strong risk and governance management while balancing business strategy
. Works with senior leadership to develop, implement and communicate the organization's mission, goals and strategies regarding business controls within the Enterprise Risk Management (ERM) framework
. Proactively manages the relationships with other internal business control groups and the second and third lines of defense (such as compliance, legal, enterprise risk and audit)
. Highlights control breakdowns, inadequate processes, and unexpected events and implements corrective actions to address process and control deficiencies
. Leverages strong regulatory knowledge to ensure compliance with all applicable laws, regulations, standards and requirements
. Manages and provides comprehensive reporting that captures and prioritizes key issues resulting from the business, control functions, audit or other internal and external sources
. Quickly and efficiently resolves issues raised by the second and third lines of defense and external auditors.
 
Strategic
. Collaborates with the Director, Business Controls and LOB/function to develop key business control strategies
. Establishes a set of processes that include first line of defense risk limits, with policies ensuring that risks are effectively identified, measured, monitored and controlled, consistent with the Bank's risk appetite statement, concentrationrisklimits and the Bank's policies within the Enterprise Risk Management Framework
. Effectively executes organization design and effectiveness to establish a structure that maximizes governance and productivity with the appropriate talent
 
Identification
. Maintains a complete and current inventory of all the material processes, product lines, services and functions, with the associated key risks and their thresholds
. Establishes and maintains a comprehensive list of all governing regulations within the business or function, and is responsible for a continual, forward-looking scan of industry, regulatory and legal trends and changes
. Evaluates risks associated with new product and strategic initiatives prior to formal project review (‘is this within appetite') and determines mitigating controls
 
Assessment
. Executes periodic Risk & Control Self-Assessments (RCSA); owns all content of RCSA and tests
. Designs processes and tests to control quality and consistency of expected outcomes
 
Management and Mitigation
. Develops and executes on-going metrics tracking, monitoring and review processes (e.g., Key Risk Indicators (KRIs), Operational Losses)
. Establishes appropriate measurement framework including dashboards and reporting to measure the effectiveness of the established standards and practices
. Provides guidance and training on effective implementation and monitoring of the enterprise risk management frameworks
. Promotes open and effective communication between Legal, Compliance, ERM and the business leadership on risk issues and risk management methodologies
. Assists in developing and maintaining risk management procedures and defining of Key Risk Indicators in accordance with ERM standards
. Manages the risk review process; ensures adequate and timely reviews including appropriate communications and progress updates
. Represents the LOB or function on appropriate Bancorp Risk governing committees
. Maintains knowledge of the organization, policies and objectives
. Coordinates the development of risk dashboards, combining information tracked at the Enterprise level such as Key Risk Indicators, with information on top and emerging risks obtained through discussion with the functional managers
. Notifies management of changes to applicable enterprise-level policies and risk limits
. Reviews policies for completeness and adherence to the Bancorp's risk appetite, and ensure that policies are maintained centrally in the Policy Center
. Provides guidance to line managers in identifying and monitoring Key Risk Indicators that represent early indicators of key drivers of risk for the division
 
SUPERVISORY RESPONSIBILITIES: Responsible for providing employees timely, candid and constructive performance feedback; developing employees to their fullest potential and providing challenging opportunities that enhance employee career growth;developingthe appropriate talent pool to ensure adequate bench strength and succession planning; recognizing and rewarding employees for accomplishments. Typically supervises several individual contributors and may supervise some managers.
 
Experience
MINIMUM KNOWLEDGE AND SKILLS REQUIRED:
. Bachelor's Degree in management, finance, economics, related field or equivalent experience; Masters Degree preferred
. 5-10 years of financial services industry, risk, business controls or compliance management experience preferred
. Strong leadership, critical thinking and collaboration skills required
. Ability to influence peers, colleagues and managers across business and divisional lines to take action on complex, technical or sensitive topics with companywide impact
. Must be analytical and possess ability to interpret and apply policies and regulations across a large, complex business
. In-depth business or functional expertise as well as knowledge of applicable policies and procedures required
. Broad working knowledge of banking products and operations required
. Excellent presentation and interpersonal skills required
. Working knowledge of Microsoft products required

Title:  Senior IT Risk Analyst 
Requisition #:  159264
Employment Type:  Regular
Full or Part Time:
FLSA Status:  Exempt
Division  IT
Posted Date:  11/5/2015
Grade:  13
Affiliate:  FIFTH THIRD BANK, CINCINNATI 
 
https://cvg53.ngahrhosting.com/Main/careerportal/Job_Profile.cfm?szOrderID=159264&szReturnToSearch=1&szWordsToHighlight
 
 
Requirements
GENERAL FUNCTION: This position is responsible for implementing information technology risk management strategies identified by the IT Risk Manager. In this role, the Senior IT Risk Analyst will be assigned overall responsibility for key areas and will have accountability for proper planning, prioritization and execution of supporting IT risk responsibilities. This position is responsible for hands-on execution of control/risk assessments and the development of control enhancement recommendations.
 
DUTIES & RESPONSIBILITIES:
Support the IT Risk Manager in the execution of responsibilities to conduct risk assessments, implement self-assessment programs, perform technical research on risk topics, and other activities that support risk management goals for the IT Division. Some of the primary responsibilities include:
* Support the IT Risk Manager on the implementation of information technology risk management strategy and operating priorities.
* Support the integration of the IT Risk Management practices into key Information Technology and business areas.
* Build effective relationships with key individuals who own and support processes you are responsible for evaluating, including the appropriate line-of-business risk managers.
* Perform ongoing planning and prioritization of key projects and activities to ensure that resources are applied to the most critical areas. Communicate with the IT Risk Manager, as needed, to ensure proper prioritization and management of workload.
* Participate on projects and ensure that key IT risks are being adequately addressed. Coordinate with project managers to ensure that issues are identified, action plans are in place and that PLC requirements are being met.
* Perform risk assessments on key IT processes or assets, identify vulnerabilities and propose solutions to mitigate risk. Perform due diligence and risk assessments on IT service providers.
* Work with IT areas in developing an effective self-assessment process for proactively identifying risks associated with processes, applications and technical infrastructure components.
* Support compliance with applicable regulations, which include, but is not limited to the following: the FDIC Improvement Act, the Sarbanes-Oxley Act of 2002 and the Gramm-Leach-Bliley Act of 1999.
* Support the resolution of Internal Audit, regulatory, or Risk Management related issues that could impact the confidentially, availability or integrity of data or processes.
* Create effective risk assessment documentation supporting work performed, including formal communication on risk assessment results. Be able to deliver effective presentations to management on summary of work performed and findings.
 
SUPERVISORY RESPONSIBILITIES: The Senior IT Risk Analyst will have responsibility for supervising IT Risk Analyst(s) on projects that require support. Basic supervisory responsibilities include defining scope of work to be performed, providing guidance and other resources to the IT Risk Analysts as needed, ensuring timely completion of assignments, and reviewing quality of work performed to ensure adherence with IT Risk Management standards. 
 
Experience 
MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED: Four to six years of information technology experience required. Desired experience should include a foundation in IT security and controls. While experience in a number of IT disciplines may provide a solid framework for this position, hands-on results from performing IT risk assessments, information security consulting or IT audits are most beneficial. At least one relevant technical or professional certification, such as CISA or CISSP, is required. Bachelor's degree required, preferably in computer science or information systems. Must possess excellent written and verbal communication skills, with a proven track record of interacting effectively with end-users and technology professionals. Able to work on multiple projects concurrently, manage time effectively and require minimal supervision in the execution of IT Risk Analyst responsibilities. Must possess strong analytical capabilities and have a desire to learn new things. Less than 10% travel required. 

Title:  Lead IT Risk Advisor 
Requisition #:  154924
Employment Type:  Regular
Full or Part Time:  Full-time
FLSA Status:  Exempt
Division  IT
Posted Date:  9/30/2015
Grade:  14
Affiliate:  FIFTH THIRD BANK, CINCINNATI 
 
https://cvg53.ngahrhosting.com/Main/careerportal/Job_Profile.cfm?szOrderID=154924&szReturnToSearch=1&szWordsToHighlight
 
Requirements
 
GENERAL FUNCTION: This position is responsible for assisting with the development and implementation of information technology risk strategies identified by the IT Risk Manager and taking on additional leadership roles as defined. The Lead IT Risk Advisor will work closely with IT Risk Analysts in the prioritization of work and review of projects completed. This position also is responsible for hands-on execution of control/risk assessments and the development of control enhancement recommendations.
 
DUTIES & RESPONSIBILITIES:
Support the IT Risk Manager in the execution of responsibilities to conduct risk assessments, assist with self-assessment programs, perform technical research on risk topics, and other activities that support risk management goals for the IT Division. Some of the primary responsibilities include:
* Support the IT Risk Manager on the development and implementation of information technology risk management strategy and operating priorities.
* Support the integration of the IT Risk Management practices into key Information Technology and business areas.
* Build effective relationships with key individuals who own and support processes you are responsible for evaluating, including the appropriate line-of-business risk managers.
* Provide mentoring, as needed, to Senior IT Risk Analysts to assist in the development of their careers and performance of their job responsibilities.
* Manage the resource requests submitted by the Senior IT Risk Analysts for project assistance. Assist IT Risk Analysts with prioritization of workload and perform reviews over project documentation completed.
* Play a leadership role on key projects and ensure that key IT risks are being adequately addressed.
* Support the resolution of Internal Audit, Compliance, or Risk Management related issues that could impact the confidentially, availability or integrity of data or processes.
* Support compliance with applicable regulations, which include, but is not limited to the following: FDICIA, the Sarbanes-Oxley Act of 2002 and the Gramm-Leach-Bliley Act of 1999.
* Assist in the development and refinement of key IT Risk Management metrics and reporting.
* Represent IT Risk Management on information technology governance groups, committees or other projects, as needed.
 
SUPERVISORY RESPONSIBILITIES: Responsible for supervising and managing IT Risk Analysts. This includes, but is not limited to, conducting performance reviews, assisting with development plans, providing career coaching and other administrative responsibilities.
 
Experience 
MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:
Eight to twelve years of information technology experience required. Desired experience should include a foundation in IT controls and include a specialization in one or more of following: information security architecture, systems integration, e-business technologies, application architecture or IT management consulting. Technical or professional certifications in field of specialization highly recommended. CISA and CISSP are required.

Bachelor's degree required, preferably in computer science or information systems. Must possess excellent written and verbal communication skills, with a proven track record of interacting effectively with end-users, technology professionals and different levels of management. Should have project management experience and supervisory experience. Less than 10% travel required.