The GCOR Specialist is accountable for assisting the GCOR Team in the proactive identification, escalation and timely mitigation of compliance and operational risks through the execution of some or all of the following activities:
Assists in the development of independent risk management reporting for respective area(s) of coverage as input into governance and management routines
Assists with the development and maintenance of GCOR owned policies and standards and/or the oversight of FLU/CF-owned policies, standards and procedures to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage and maintains a comprehensive regulatory inventory; may support communication of regulatory changes
FLU/CF and ensuring that policies, standards, procedures and/or processes are appropriately implemented or amended to address regulatory requirements
Assists in identifying, aggregating, reporting, escalating, inspecting and challenging remediation plans, and performing thematic analysis on FLU/CF-owned issues and control enhancements
Assists in remediating GCOR “owned” issues and control enhancements
Contributes to risk coverage plan development, executes independent risk monitoring, testing, and risk assessments, communicates results
Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA)
Supports the review and challenge of internal and external operational loss events, including development of remediation plans to strengthen controls
Assists with the development of risk metrics, monitors related performance and remediation/mitigation efforts
Required Skills:
Minimum Years Business & Functional Experience: 5 Years Functional Experience
Vulnerability Management Processes and Controls
Cyber Risk Management Process and Controls
Third Party Cyber Risk Management and Supply Chain Security Processes and Controls
Cyber Security Industry Frameworks (e.g., NIST CSF, ISO, etc.)