As part of AIG’s Technology Risks and Controls function, this candidate will help the Head of IT Regulatory risk to build, improve, and maintain solid processes to management regulatory risk for the organization The Associate Director will be responsible for managing the International regulatory environment through its lifecycle. This position is primarily responsible for the understanding new and existing regulations that have cybersecurity, privacy, or other technology implications across the globe; assessing these regulations against IT’s capabilities to identify gaps; and establishing and monitoring remediation plans to address any gaps. This role will collaborate with other risk management functions with the organization such as Legal, Business regulatory risk, Technology risk, and Operational risk management. This leader will prepare materials and interface with the regulators across key geographies during examinations or ad-hoc requests.
This candidate will lead the assessment, monitoring, implementation, and reporting on regulatory risks specific to technology. The job scope includes, but is not limited to:
- Advise on effective risk mitigation strategies and ensures implementation of controls/processes to comply with the regulations.
- Contribute to functional goals and objectives.
- Ensure teams are equipped to operationalize and attain global objectives. Ability to effectively manage resources to achieve project commitments.
- Lead scoping assessments for upcoming regulations and inspection of relative technologies and oversee implementation by driving timely completion of risk related deliverables and issue resolution.
- Keep abreast of current technology trends, regulatory risks, vulnerabilities, and emerging technologies.
- Leads efforts to develop a strong risk culture, further develop the function's effectiveness to influence and ensure organization’s adherence with the regulatory requirements.
- Effectively engage with technology teams to gain full understanding of technology and control environment.
- Independently assess technology risk management relative to regulatory landscape.
- Understand third party risks as related to specific technology area/regulatory scope.
- Lead and coordinate participation in the development of the evolving risk position based on the regulations.
- Work with appropriate technology areas to identify high risk areas and perform assessments of the corresponding inherent risks and recommend mitigating controls that meet organizational policies, regulatory requirements, and industry best practices.
- Lead discussions with second and third lines of defense through the lifecycle of the project.
- Identify inter-dependencies and engage with required stakeholders.
- Build a culture of continuous learning by effectively leading, coaching, and training team members on relevant skills.
- Bachelor’s degree required
- 8+ years of total work experience required
- 3+ years of experience leading teams required
- Solid understanding of technology risk frameworks required
- Cybersecurity and data privacy experience a plus
- Experience with a focus on risk management or regulatory compliance experience preferred
- Insurance/Financial services experience preferred