BNY Mellon Data and Analytics Solutions is a public- and private-cloud-based software and content offering that builds client-centric data, technology, and content capabilities.

 

Operating with the skill and agility of a fintech, Data and Analytics Solutions combines the expertise and resources of the Eagle product suite, Intermediary Analytics, and other BNY Mellon technology and data assets. Moreover, the division further extends BNY Mellon’s Asset Servicing capabilities in securities and cash into the world’s most important asset class, data.

 

Data and Analytics Solutions helps firms to analyze their data from different vantage points and transform it into actions that can achieve higher alpha and cheaper beta, with lower costs and less risk. Offering an ecosystem of proprietary and third-party business applications, Data and Analytics Solutions helps firms manage their core investment processes and beyond.

 

The Risk and Privacy Analyst is a member of the Data & Analytics Solutions (“D&A”) Risk & Privacy team. The team is responsible for 1^st line risk oversight of the D&A line of business. The team’s mission is to enhance the overall governance, risk and compliance (“GRC”) program, ensuring that a risk framework is properly implemented, maintained and communicated, that appropriate controls are adequately designed and deployed, and effectively operated, and that the D&A risk profile is monitored and reported to risk stakeholders. The role holder also supports the local data privacy network and acts as a subject matter expert on privacy in the context of the D&A business.

 

The position requires a solid understanding of the principles of risk management, controls design, implementation, monitoring and testing, with a preferred emphasis on SOC1 and SOC2, and industry standards such as those provided by NIST and the Cloud Security Alliance. The candidate should also possess excellent collaborative and problem-solving skills and an ability to explain risk concepts clearly and concisely to teams and individuals across various business and technology functions.

 

Key Activities/Responsibilities

• Assist in the ongoing implementation and continuous improvement of a risk assessment program
• Drive the review and assessment of all relevant enterprise policies, standards, and procedures, identifying those relevant to the line of business and extracting and translating discrete requirements
• Contribute to the design and delivery of the risk management communications, training and awareness program
• Support the transition to continuous control monitoring, testing and measurement
• Manage and maintain documentation library for all risk-related processes and procedures
• Maintain regular, manual risk reporting for stakeholders; support the transition to self-service reporting
• Assist with internal and external audits, client assessments and responding to RFPs

Supports Risk Framework practices and Uses in-depth knowledge of information technology, risk and control frameworks, risk and control theory and practice, and controls implementation and assessment to determine potential risks to the organization. Supports analysis and draws conclusions in order to recommend and direct any resulting change needed to mitigate risk.

Qualifications

Must have:

• A solid understanding of Public Cloud fundamentals, certifications are a plus
• Basic understanding and awareness of Cloud DevOps environments, a.k.a. Continuous Integration (CI)/Continuous Deployment (CD) pipeline

Desirable:

• Experience working in and using Public Cloud environments
• Competence in the use of Atlassian Confluence and JIRA platforms
• Previous experience working in control monitoring and testing automation
• Familiarity with industry standard DevOps tools and techniques

 

Core Capabilities

• Strong analytical, organizational, and project management skills
• Strong oral and written communication skills and problem-solving skills
• Ability to communicate compliance requirements to personnel at all levels of experience and responsibility
• A results-oriented self-starter that has the ability to work in a fast paced, dynamic environment, often with minimal direction
• Attention to detail and priority/time management

BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer.
Minorities/Females/Individuals With Disabilities/Protected Veterans.
Our ambition is to build the best global team – one that is representative and inclusive of the diverse talent, clients and communities we work with and serve – and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.

Primary Location: United States-Massachusetts-Wellesley
Internal Jobcode: 96427
Job: Information Technology
Organization: Technology Services Group-HR06725
Requisition Number: 2100408