Director, IT Risk - Issue Management

Director, IT Risk - Issue Management Summary of This Role

Oversees the Global Payments IT Risk issue management function. Supports and assists with the management of the overall IT Risk program which also includes risk analysis, issue intake management, and risk assessments. Plans, directs, and administers all issue management functions related to technology risks. Develops processes for effective and efficient reporting and data analysis to address areas of risk exposure. Consults with stakeholders and all levels of leadership on an ongoing basis.

• Leads, mentors and develops team members in their personal and professional development of IT risk management practices, with an emphasis on overseeing the IT Risk issue management function.
• Utilizes technical skills or aptitude to collaborate with technology partners to address issues (in various technology stacks, features, and/or components) through the creation of formal risk remediation and/or risk acceptance plans.
• Oversees an extensive amount of issues within Archer, which serves as Global Payments’ Governance Risk and Compliance (GRC) tool for issue management.
• Serves as a subject matter expert on Archer workflows and data governance.
• Monitors issues to ensure IT Risk resources are actively engaged to manage, report, and support stakeholders on addressing areas of opportunity.
• Utilizes data points within the Archer Issue Management repository to conduct analysis on trends and gaps to identify and address areas of improvement, whether with data governance or with identifying areas of high risk exposure.
• Utilizes data to present findings and reporting to management, along with recommendations on addressing areas of focus and needed improvements.
• Utilizes tools such as Microsoft Excel (i.e. pivot tables, charts/graphs) and Microsoft PowerPoint to conduct analysis and present recommendations in a comprehensive manner.
• Utilizes strong verbal communication skills to facilitate discussions with technology partners on developing next steps to address issues requiring remediation and/or acceptance.
• Utilizes strong networking skills to build partnerships with technology and business partners across the organization.
• Presents effective and efficient reporting updates on IT risk priorities and procedures.
• Exudes professionalism and confidence in risk / issue management subject matter when working with stakeholders and all levels of leadership including Executive Management.
• Utilizes strong documentation skills to respond to stakeholder inquiries with succinct recommendations on next steps and areas of improvement.
• Utilizes strong documentation skills in the creation of workflow visuals and formal presentations on various risk topics including formal presentations provided to Executive Management.
• Creates and implements enterprise risk education and training on various risk topics and functions.
• Collaborates with and supports the leader of the IT Risk assessment and issue intake function, which includes the identification, examination and analysis of IT applications, processes, and systems, and their overall mitigation control effectiveness.
• Collaborates with and supports the leader of the IT Risk Engineering function to develop business unit, executive, and Board of Director IT Risk/Issue Management reporting that meets regulatory requirements and assists internal risk-based decision making via governance presentations.
• Designs, develops, implements and continuously improves IT Risk procedures, practices, processes and methodologies to maintain a proactive, risk-based compliance oversight program.
• Anticipates how the organization must adapt to changes in the industry to sustain competitive advantage.
• Not an exhaustive list; other duties as assigned; additional working hours when necessary; some travel.

• Bachelor's Degree
• Relevant Experience or Degree in: related field of study from an accredited university is required; however, relevant experience in lieu of a degree may be considered.
• Typically a minimum of 10 years
• Related professional experience including a minimum of 5-6 years experience in a managerial position.
• Strong technical skill set or strong technical aptitude
• Assertive work ethic; demonstrates a passion for both the work and people - leading/developing others; exudes confidence; strong multi-tasking skills; strong analytical skills; strong networking skills; strong communication skills, verbal and written; strong presentation skills for executive management and audit related engagements

• Master's Degree
• Related field of study from an accredited university.
• Prior Global Payments, payment or technology industry experience is preferred.
• Any preferred: PCI Professional (PCIP), Systems Security Certified Practitioner (SSCP), CISSP (Certified Information Systems Security Professional), AWS Cloud Practitioner, Certified in Risk and Information Systems Control (CRISC), Certified…