About the Role
The candidate will join the entity management team to build and evolve Information Security, IT Risk and Fraud governance program across BBVA US subsidiaries. The candidate will work within the Information Security & Engineering Risk area reporting to the Director of Entity Management. The candidate should have extensive knowledge of information security and demonstrated working experience on risk maturity assessments along with strong communication and interpersonal skills to partner with stakeholders across multiple entities.
What you will do:
Assessing Entities Risk Exposure
- Assess across entities inherent risk , evaluate level of maturity, as is status and work with the entities to establish a roadmap to achieve desired levels of maturity.
Create and run a Governance program
- Define a governance model to follow-up entities performance. Create dashboards and KPIs to be provided by the companies in regular basis. - Prepare periodic reporting to Leadership and organize and coordinate the committees and follow-ups that will be supporting the entity Management governance. - Define and design key metrics and relevant info to be provided by the companies in a regular basis - Identify information sources and create data feeds and generate reports and dashboard at entity level and BBVA US level.
Entities Demand Management - The candidate will build partnership with the key stakeholders across entities managing new initiatives coming from them that require : - Risk evaluation in regard to Infosec, Fraud , IT Risk and Business continuity - Evaluate operational impact in bank process to allocate a provide services to the entity. - Evaluate technological impact. - Serve as a liaison between bank and subject matter experts to Provide strategic consultancy. Support and Monitor Entities Operations
- Provide daily support for Troubleshooting on Entities Operations relying on the bank Information Security and Engineering Risk processes. - Build model to track how IS&ER services are being provided to entities.
- Develop a community of knowledge across entities in regard to IS&ER - Leverage existing procedures, policies and standards and spread its usage across entities. - Share Best practices and strategy
What you will bring: