Description

Summary:

The Infrastructure Risk Director will report to the SVP, Technology Segment Risk Officer. This role will be the senior leader responsible for first line of defense risk management and oversight activity for the Infrastructure organization and serve as the primary risk partner for the Chief Technology Officer’s leadership team. This role will be responsible for leading the risk culture of the segment. Risk oversight activities will include risk identification, control design and evaluation, and completion of risk and control self-assessments. This leader will work closely with the CTO’s organization to identify, assess, and mitigate risk.

Serve as “voice of risk”; provide both credible challenge and transparent counsel Familiar with network security, vulnerability and patch management, identity management, database and server infrastructure, asset management, incident and problem management, change management, configuration management, container administration, and other key areasDemonstrated ability to stay current with an evolving risk landscapeLead and develop a dedicated team of risk managers and specialists for a consistent and effective support modelUpdate risk register when issues/findings identify new risks, significant changes to existing risksMonitor changes to rules and regulations for potential impact to risk registerComplete risk and control self-assessment including analysis of inherent risk, control environment, residual risks, segment risk appetite metrics, top and emerging risks, control effectiveness, metrics, findings, risk acceptances, and changes since last period according to guidance and timelinesConsult on the development and review of key risk metrics, controls, and control testsProvide leadership voice in key risk committees Independently validate management’s actions to resolve identified risks are effectiveImplement policies and standards to ensure conformance with Risk Governance and Risk Appetite FrameworkPartner with peers supporting Cloud, Cybersecurity, Data and Application teams, as well as 2nd and 3rd line oversight bodiesInteract with regulatory oversight teams and supporting external exams as required; leverage knowledge of regulatory guidance to evaluate alignment

Basic Qualifications:

Bachelor's Degree10+ years of experience in Risk Management activities and Control Frameworks to address Cybersecurity and Technology Risk Management; experience in confidentiality, integrity, and availability principles and industry standard practices

Preferred Qualifications:

Executive communication and presentation skillsStrong leadership abilities and experience building and developing teamsAbility to lead new initiatives and transformations through influenceCISA, CISSP, or similar professional certificationsAgile and/or Kanban project executionBanking experience

#LI-Hybrid

#LI-SG1

Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)

Yes

Workplace Type:

Huntington is an equal opportunity and affirmative action employer and is committed to providing equal employment opportunities for all regardless of race, color, religion, sex, national origin, age, disability, sexual orientation, veteran status, gender identity and expression, genetic information, or any other basis protected by local, state, or federal law.

Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.

Agency Statement: Huntington does not accept solicitation from Third Party Recruiters for any position