Technology Risk & Controls Manager

JOB SUMMARY

The Technology Risk & Controls Manager is an integral part of the Technology Risk and Controls (TRC) team. The Japan TRC team is responsible for risk management that includes internal and external audits and regulatory examinations IT Regulatory assessments IT internal controls governance for IT security system development computer operation and management reporting.

Key responsibilities will include but are not limited to: managing IT regulatory compliance; overseeing Internal Audit reviews issues and action plans; enhancing and reporting on Key Risk Indicators; and policy adoption and implementation. This position will work closely with other TRC members as well as management across IT Risk and Internal Audit.

JOB DESCRIPTION

The Technology Risk & Controls Manager will be responsible for numerous critical initiatives including the following:

• Manage Risk Associated with the Transformation Program
  • Monitor progress of Japans Transformation Program identifying risks early and working with the Japan CIO to address them
  • Communicate delays for transparency
  • Work with the CIO to confirm appropriate governance is in place for IT spending IT changes etc.

• Manage IT Regulatory Compliance:
  • When a new or updated regulation is identified conduct a regulatory assessment to assess compliance with the regulation and identify gaps
  • Draft action plans to address the gaps and work with key stakeholders to establish ownership of the gaps
  • Obtain approval of the plans by senior leadership and the owners of the action plans
  • Monitor action plans understanding where there are significant issues and what can be done to address these issues escalating as appropriate
  • Collaborate with Risk to understand emerging risks stemming from these regulations
  • Manage technology regulatory inquiries and requests for information for technology and cyber (coordination data collection status reporting)

• Oversee ITs Internal Audit issues:
  • Partner with Internal Audit and IT functions to identify and understand all issues
  • Support and drive the drafting of the Action Plans confirming that they address the root cause of the issues
  • Monitor Action Plans understanding where there are significant issues and what can be done to address these issues escalating as appropriate

• Key Risk Indicators:
  • Extract key data points monthly
  • Use these data to create and track Key Risk Indicators each month
  • Report on these KRIs at the IT Risk Committee meeting
  • When issues arise work with IT teams to investigate to identify the root cause and resolve them

• Adopt and Implement ITs policies and standards
  • Provide feedback to policy and standard owners to review and refresh the existing policy suite
  • Identify gaps and drive strategic change/improvement
  • Once the policies and standards are updated and published provide training in Japan
  • Implement the policies and standards in Japan

JOB REQUIREMENTS

Experience

• 10 years of experience within technology risk control and governance IT Internal Audit or SOX disciplines in financial industry
• Candidate must be Bilingual (Japanese and English)
• Bachelors degree required
• Strong expertise in SOX framework nice to have
• Experience analyzing risk throughout the development life cycle of business applications.
• Demonstrated knowledge of internal and external controls required in a regulated insurance company environment including Japanese Personal Information Protection Act.
• Ability to oversee multiple processes action plans and key stakeholders simultaneously
• Experience raising awareness of issues to key stakeholders across technology

Core Skills

• Demonstrate robust analytical skills
  • Proven track record of drawing conclusions making decisions and using data to solve problems
  • Ability to define solutions from ambiguous scenarios
• Maintain excellent interpersonal and oral/written communication skills
  • Active listener
  • Ability to drive change through influence
• Excellent negotiation collaboration facilitation and coordination
  • Negotiate prioritization and treatment of risk issues based on level of risk

JOB SUMMARY

テクノロジーリスクコントロールマネージャーはテクノロジーリスクコントロールTRCチームの重要なメンバーです日本のTRCチームは内部および外部監査規制当局による審査IT規制評価IT内部統制ITセキュリティのガバナンスシステム開発システム運用管理報告などを含むリスク管理を担当しています

主な職務内容はIT規制遵守のためのガバナンス管理内部監査レビュー課題アクションプランのモニタリング主要リスク指標KRIの強化と報告会社のITポリシーの適用と実施など多岐にわたります本ポジションは他のTRCメンバーやITリスク内部監査部門のマネジメントと密接に連携して業務を遂行します

JOB DESCRIPTION

テクノロジーリスクコントロールマネージャーは以下を含む多数の重要なイニシアチブを担当します

• トランスフォーメーションプログラムに関連するリスク管理
  • 日本のトランスフォーメーションプログラムの進捗を監視しリスクを早期に特定し日本CIOと連携して対応
  • 透明性確保のため遅延を報告
  • CIOと協力しIT支出やIT変更等に関する適切なガバナンス体制の確認

• IT規制遵守の管理
  • 新規または更新された規制が特定された際規制評価を実施し遵守状況とギャップを特定
  • ギャップ解消のためのアクションプランを策定し主要関係者と協力してオーナーシップを特定
  • シニアリーダーシップおよびアクションプランオーナの承認を取得
  • アクションプランの進捗を監視し重大な課題や対応策を把握し必要に応じてエスカレーション
  • リスク部門と連携し規制に起因する新たなリスクを把握
  • テクノロジーおよびサイバー関連の規制当局からの照会情報要求への対応調整データ収集進捗報告

• IT監査における課題の管理
  • 内部監査およびIT部門と連携し全ての課題を特定
  • アクションプランの策定を支援推進し根本原因への対応を確認
  • アクションプランの進捗を監視し重大な課題や対応策を把握し必要に応じてエスカレーションを実施

• 主要リスク指標KRIの管理
  • 毎月ITリスクに関する主要なデータをトラッキング抽出しKRIレポートを作成
  • ITリスク委員会等でKRIを報告
  • 課題発生時はITチームと連携し根本原因の調査解決

• ITポリシーおよびスタンダードの適用実施
  • ITポリシースタンダードのオーナーにフィードバックを提供し既存ポリシーの見直し刷新を推進
  • ギャップを特定し戦略的な改善を推進
  • ITポリシースタンダードの更新公開後必要に応じてトレーニングを実施
  • 日本国内でのポリシースタンダードの適用を実施

JOB REQUIREMENTS

経験

• 金融業界におけるテクノロジーリスクコントロールガバナンスIT監査またはSOX分野で10年以上の経験
• 日本語英語必須
• 学士号
• SOXフレームワークの高度な知識があれば尚可
• 業務アプリケーションの開発ライフサイクル全体にわたるリスク分析経験
• 保険会社で求められる内部外部統制日本の個人情報保護法を含むに関する知識
• 複数のプロセスアクションプラン主要関係者を同時に管理する能力
• テクノロジー部門全体の主要関係者に課題認識を促す経験

コアスキル

• 高度な分析力
  • 結論を導き意思決定を行いデータを活用して課題を解決した実績
  • 不明確な状況から解決策を定義する能力
• 優れた対人口頭書面コミュニケーション能力
  • 傾聴力
  • 影響力を活用したトランスフォーメーション等の推進力
• 優れた交渉力協働力ファシリテーション力調整力
  • リスクレベルに応じた課題の優先順位付け対応方法の交渉

At AIG we value in-person collaboration as a vital part of our culture which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive connected environment for our team and clients alike.

Enjoy benefits that take care of what matters

At AIG our people are our greatest asset. We know how important it is to protect and invest in whats most important to you. That is why we created our Total Rewards Program a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health wellbeing and financial securityas well as your professional developmentto bring peace of mind to you and your family.

Reimagining insurance to make a bigger difference to the world

American International Group Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the worlds most far-reaching property casualty networks. It is an exciting time to join us across our operations we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG you can go further to support individuals businesses and communities helping them to manage risk respond to times of uncertainty and discover new potential. We invest in our largest asset our people through continuous learning and development in a culture that celebrates everyone for who they are and what they want to become.

Welcome to a culture of inclusion

Were committed to creating a culture that truly respects and celebrates each others talents backgrounds cultures opinions and goals. We foster a culture of inclusion and belonging through learning cultural awareness activities and Employee Resource Groups (ERGs). With global chapters ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIGs greatest assets and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.

AIG provides equal opportunity to all qualified individuals regardless of race color religion age gender gender expression national origin veteran status disability or any other legally protected categories.

AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation please send an email to .

Functional Area: