Assistant Vice President, Risk Governance and Reporting (Patch Vulnerability & Technology Risk)

Vienna, VA, United States

Navy Federal Credit Union

Navy Federal Credit Union is an armed forces bank serving the Navy, Army, Marine Corps, Air Force, Space Force, Coast Guard, veterans, DoD & their families. Join now!

The Assistant Vice President for ETS Risk Governance and Reporting is a direct report to the Vice President of Risk for Navy Federal’s Information Technology Department. The position supports the broader Enterprise Technology Services (ETS) Risk mission to effectively manage risks and compliance and to facilitate informed decision making by building an agile capability responsible for risk reporting, strategy and planning, and risk culture development.

Risk Reporting and Intelligence

  • Coordinate through ETS Enterprise Technology Business Services and Enterprise Risk Management (ERM) to define and develop risk reporting and metrics to include Key Risk Indicators (KRIs) for the Information Technology department.
  • Coordinate through ETS Enterprise Technology Business Services to define and develop division-level performance metrics such as Objectives and Key Results (OKRs) and Key Performance Indicators (KPIs).
  • Manage scheduled and ad-hoc risk reporting and presentations for executive and technology leaders to include Board, Committees, Sub-Committees, and monthly risk forums.
  • Maintain a catalog of technology risk data, reports and dashboards that can be tailored for varying audiences (board, executives, technology leaders) to support scheduled and ad-hoc requests.
  • Define and execute risk data aggregation methodology to support reporting requirements and identify top technology risks to the organization and analyze risk data to identify trends and insights.
  • Drive the risk analytics and reporting program to higher levels of maturity with a focus on automation of data collection and dashboard creation.
  • Define risk data management (to include data quality) and reporting requirements as well as develop risk reporting procedures.

Planning and Strategy

  • Collaborate to establish goals, standards, and strategies for ETS Risk in alignment with enterprise and departmental objectives to include annual goals and a multi-year roadmap.
  • Management of the division backlog of work projects and initiatives to include prioritization.
  • Management of the division mission, vision, and value statements.
  • Oversee the preparation and execution of Annual Financial Planning for the division.
  • Development and management of Department-level calendar of audit, risk assessment and controls testing activity.
  • Coordinate through ETS's Talent Development & Communications group to develop, manage, and execute on a talent development strategy.

Risk Culture

  • Coordinate through ETS’s Talent Development & Communications group to develop, manage, and orchestrate risk management-related training and communication campaigns.

Administrative

  • Monitoring and tracking of second line-of-defense obligations to include Risk & Control Self-Assessments (RCSAs), Business Impact Assessments (BIAs), controls testing, issues reporting and reporting of compliance issues and risks.
  • Management of the ETS Risk Service Catalog and Operating Model to include tracking and management of interaction models for the various ETS functional areas.
  • Management of ETS updates to the ERM Technology PRC (Process, Risk, Control) Taxonomy.
  • Oversee knowledge management for the division.
  • Perform supervisory/managerial responsibilities.
  • Perform other duties as assigned.

Qualifications

  • Bachelor's degree in a relevant field, or the equivalent combination of education, training and/or experience.
  • Significant, proven experience defining key measurements that will drive visibility, accountability, quality and overall IT/Security effectiveness.
  • Significant, proven experience with developing Key Risk Indicators (KRIs), Key Performance Indicators (KPIs), and Objectives & Key Results (OKRs).
  • Experience in risk management, reporting and analytics, strategic planning, and management of personnel.
  • Ability to own and maintain interactions with diverse sources of data to include databases, connectors, feeds, APIs and other systems that can provide data towards reporting and metrics.
  • Working knowledge of at least one industry-leading risk management framework (e.g., OCTAVE, COBIT, etc.).
  • Advanced knowledge of information technology and information security concepts, principles, capabilities, and methods, and translating best practices to operations in a risk management framework.
  • Advanced knowledge of information technology process, risks, and controls.
  • Strong proficiency in Microsoft Office applications.
  • Proficiency with Splunk, ServiceNow and Azure DevOps.
  • Strong presentation skills and the ability to adjust message and filter details based on audience (e.g., technical, business, management).
  • Ability to work individually, and as part of a team.
  • Strong written and oral communication skills.
  • Advanced organizational, planning and time management skills.
  • Advanced research, analytical, and problem-solving skills.
  • Advanced skill developing and implementing programs in a leadership role.
  • Advanced skill building effective relationships with all levels of staff, management, stakeholders, and vendors, through rapport, trust, diplomacy, and tact.
  • Significant experience collaborating across organizational boundaries and building partnerships across functions.
  • Advanced skill to influence, negotiate and persuade to reach agreeable exchange and positive outcomes.
  • Advanced skill exercising initiative and using good judgment to make sound decisions.
  • Advanced verbal, written, interpersonal, and presentation skills to communicate clearly and concisely technical and non-technical information to all levels of management.
  • Experience working with internal audit and external examiners.
  • Working knowledge of NCUA and FFIEC regulations, GLBA, PCI, and other information systems requirements and frameworks.

Hours: Monday - Friday, 8:00AM - 4:30PM 

Location: 820 Follin Lane, Vienna, VA 22180 | 5550 Heritage Oaks Dr. Pensacola, FL 32526 

Working Conditions: Minimum three days a week in the office at Vienna, VA or Pensacola, FL (occasional travel between these locations is required).

Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks.

  • Best Companies for Latinos to Work for 2024
  • Computerworld® Best Places to Work in IT
  • Forbes® 2024 America’s Best Large Employers
  • Forbes® 2023 The Best Employers for New Grads
  • Fortune Best Workplaces for Millennials™ 2023
  • Fortune Best Workplaces for Women™ 2023
  • Fortune 100 Best Companies to Work For® 2024
  • Military Times 2023 Best for Vets Employers
  • Newsweek Most Loved Workplaces 
  • Ripplematch Campus Forward Award - Excellence in Early Career Hiring
  • Yello and WayUp Top 100 Internship Programs

Equal Employment Opportunity: Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability

Hybrid Workplace: Navy Federal Credit Union is a hybrid workplace, and details will be discussed during your interview process.

Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team’s discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.

Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.

Tags: Agile Analytics APIs Automation Azure COBIT Compliance DevOps FFIEC GLBA Governance KPIs Monitoring Octave OKR Risk assessment Risk management RMF Splunk Strategy

Perks/benefits: Career development Competitive pay

Region: North America
Country: United States