The successful candidate will be part of the Technology Product Management team. This is an individual contributor role within the Risk and Regulation group. This team governs and controls the execution of mitigating action plans as well as manages and supports the processes to monitor and mitigate risk across our portfolio of assets and infrastructure security.
The scope of this position includes all technology processes and resources leveraged by the Ratings Technology Department.
The Impact :
The individual is responsible for managing and implementing technology programs that mitigate risk across our infrastructure, consistent with our information security policies and following the Agile methodology. This will include managing stakeholders across divisions and the communication processes and metrics for greater transparency and alignment. This position will need to closely collaborate with the Business Information Security Officer (BISO), Cloud Engineering group and other strategic product leads across S&P Global locations to ensure consistent and successful project delivery and mitigation action plans.
What's in it for you :
The Security, Risk & Regulatory Project Manager will be responsible for working with various Scrum Masters, Engineers and Product owners in ensuring successful execution of projects aligned with Ratings' Information security, infrastructure and risk mitigation business priorities. This position will also be responsible for:
Fulfill requests for information related to audits performed by both internal and external parties (e.g. auditors, regulators).
Participate in Risk and Assurance engagements and assist in developing audit programs and maintain up-to-date knowledge about audit tools and techniques.
Track, manage and update required compliance / regulatory related activity, issues and action plans in tracking system to ensure milestones are met
Monitor and ensure the effective remediation of action plans provided by both internal and external audit groups
Perform control testing and process audit, including SOX audits, operational process reviews and review of system implementations and applications.
Proactively collaborate with appropriate IT teams to remediate processes, configurations and data where non-compliance exists.
Champion process re-engineering by challenging the status quo of current processes and suggesting improvements or alternatives.
Identifying best practices to leverage across project teams and train for continuous improvement
Development of KPIs, standards, communication and escalation processes
Develop, manage and follow operational policies and procedures including documentation and training
Facilitate collaboration among project teams to problem solve and remove roadblocks to delivery
Act as an escalation point across teams for project issues, and drive follow thru to resolution
Own the successful execution and communication of project deliverables, status and dependencies across all stakeholder groups and project teams
What We're Looking For :
A degree and or equivalent qualifications in Computer Science, Business Administration, Information Security
Overall 12+ years' experience with 5+ years' experience in a program manager role.
Demonstrated experience in risk assessment and regulatory management
Experience with automating audit activity to achieve efficiency preferred (RPA, Ansible. Scripting)
Experience with audit frameworks (e.g. NIST, COBIT).
Strong technical skills, and knowledge in Agile based projects
Strong verbal and written communication skills and strong interpersonal skills
Strong experience in KPI-based project execution backed by strong process discipline
Innovative and effective problem-solving skills
Demonstrated ability to manage and influence people in a matrixed environment
Demonstrated leadership, communication and team building skills.
Proven ability to manage complex projects with cross functional teams
Ability to work with team members in different location and work in a fast-paced environment
Ability to facilitate client discussions across a wide variety of program issues and considerations and Disaster Recovery Planning
About S&P Global Ratings
S&P Global Ratings is the world's leading provider of independent credit ratings. Our ratings are essential to driving growth, providing transparency and helping educate market participants so they can make decisions with confidence. We have more than 1 million credit ratings outstanding on government, corporate, financial sector and structured finance entities and securities. We offer an independent view of the market built on a unique combination of broad perspective and local insight. We provide our opinions and research about relative credit risk; market participants gain independent information to help support the growth of transparent, liquid debt markets worldwide.
S&P Global Ratings is a division of S&P Global (NYSE: SPGI), which provides essential intelligence for individuals, companies and governments to make decisions with confidence. For more information, visit www.spglobal.com/ratings .
S&P Global is an equal opportunity employer committed to making all employment decisions without regard to race/ethnicity, gender, pregnancy, gender identity or expression, color, creed, religion, national origin, age, disability, marital status (including domestic partnerships and civil unions), sexual orientation, military veteran status, unemployment status, or any other basis prohibited by federal, state or local law. Only electronic job submissions will be considered for employment.
If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.
20 - Professional (EEO-2 Job Categories-United States of America), IFTECH202.2 - Middle Professional Tier II (EEO Job Group), SWP Priority - Ratings - (Strategic Workforce Planning)