Technology Risk & Resilience Manager

The Assurant Global Risk Management team is seeking a Technology Risk & Resilience Manager.  Your primary responsibilities include providing expert advice, credible challenge, and effective oversight of technology, information & cyber security, operations, data, and systems to identify, assess, control, and manage technology risk throughout the company on a global scale. The role will develop and execute appropriate systems of risk management & controls in relation to Technology Risk & Technology Resilience.

You will help ensure that the company’s risk-taking entities are aware of the risks inherent in their activities and decisions, the impact of their actions on the company at an enterprise level, and opportunities to reduce, mitigate, and monitor technology & cyber security risks. This is a remote opportunity.

 What will be my duties and responsibilities in this job?

Leads and Drives Delivery of Technology Risk Programs: 

• Establishing the technology risk framework, corresponding standards, and risk assessment protocols for the second line of defense risk team.

• Lead independent assurance activities to assess & monitor programs across the Assurant technology environment, ensuring that risks remain within tolerance levels.

• Periodically conduct Technology Risk Assessments to identify risks, potential threats, and vulnerabilities and incorporate them into the enterprise-wide integrated risk management approach.

• Identify, propose, and drive risk reduction opportunities.

• Assess and enhance the enterprise cybersecurity and technology capability maturity through the identification, development, and innovation of risk assessment techniques.

• Provide independent expertise during capability maturity reviews, preparing independent assessments of maturity levels, and develop enterprise-level risk reports and intelligence for senior management.

• Assesses technology and/or cyber risks associated with new initiatives (including programs, engagements, and vendors) being proposed for implementation.

• Manage Technology Risk Events, ensuring that remediation activities mitigate the risk exposure, and technology issues are appropriately actioned.

• Document process and key controls, highlighting risks and issues in addition to identifying improvements to technology processes and rules.

• Create, manage, and monitor technology controls within the GRC system.

Technology Control Oversight & Monitoring:

• Advise the first line of defense technology teams in the design and implementation of IT general controls (ITGCs) and cybersecurity controls.

• Monitor and report on control design and operating effectiveness through the Assurant GRC tool, Service Now

• Track the status of internal and external technology audit findings.

• Establish, monitor, and report on technology KRIs.

• Provides subject matter expertise and consulting to internal and external customers to help them achieve business objectives.

Technology Resilience: 

• Assist in the development and maintenance …