Federal Home Loan Bank of San Francisco · 4 months ago
Information Technology (IT) Risk Management, Dir.
The Federal Home Loan Bank of San Francisco is a cooperative, wholesale bank that provides liquidity to its members and helps meet community credit needs. The Director, IT Risk Management role focuses on maturing and executing IT Risk Management practices, providing an enterprise-wide risk framework, and driving transparency in risk-based decision-making across the Bank.
Banking, Building Material, Financial Services, Real Estate, Venture Capital
Responsibilities
Help mature and execute an IT and IS risk management framework using industry leading practices (e.g., NIST CSF, COBIT, and Cloud Security Alliance) and take into consideration regulatory expectations
Review processes and controls against leading practices, industry frameworks, and regulations, identify gaps in design and execution, communicate issues and recommendations, and monitor remediation efforts
Drive common Process, Risk, and Control taxonomies for the Bank, including IT and IS, to improve operational efficiency
Leverage the Bank’s ERM, ORM/ITRM frameworks and partner with IT and IS teams to execute IT and IS risk assessments – including Inherent Risk Assessments (IRA), Operational Risk Assessments (ORA), FedLine Advantage Assessment, AWS assessment, and other in-depth technology and process assessments – identify gaps, document action plans, and perform validation as appropriate
Assist in Operational integrated risk assessments by leading the technology aspects of the IRAs and ORAs for the in-scope BUs
Partner with the ERM/ORM teams and lead the effort to review and refresh ORM/ITRM Policy and Procedures, at a minimum, on an annual basis
Assist ERM leadership to update Risk Appetite Framework annually or as needed. Help define and enhance Key Risk Indicators (KRI) and their tolerances, generate or review metrics and Key Takeaways in the Enterprise Risk Report (ERR)
Lead the investigation and documentation of IT and IS related Operational Events. Validate remediation actions when completed
Prepare and present IT Risk Management updates to Committees as appropriate
Assist with communication and escalation of significant IT/IS risks and issues to the appropriate management, and monitor corrective actions to address issues, where needed
Assist the Enterprise Risk Officer and the Senior Director, IT and EUC Risk Management, in ERM strategy-implementation and improvement opportunities
Assist in regulatory and internal audit engagements, including collection of relevant documentation requested in internal and external exams
Work with the Risk Analytics team to help embed data-driven metrics and decisions within ERM
Work with the IT and IS teams on technology initiatives as appropriate, e.g., Artificial Intelligence tools adoption and Cloud transformation
Help assess enterprise and emerging risk issues, including assignment of risk ratings consistent with established policy standards
Other tasks under the direction of ERM/ORM/ITRM leadership
Qualification
Required
Knowledge and working experience with ORM and ITRM Frameworks based on industry best practices and the three lines of defense model
A minimum of 7 years of experience in performing IT/IS/ORM risk assessments and control testing leveraging IT/IS Frameworks and Standards (e.g., FFIEC, NIST CSF, ISO, COBIT, ITIL)
Knowledge of IT and IS risks associated with the System Development Lifecycle, Development Operations, Agile Development Processes, Infrastructure, Security Operations/Engineering, etc.
Knowledge of and experience with IT and IS tools, e.g., SailPoint, Splunk, Tenable, and CyberArk
A team player who can work comfortably in a dynamic and fast-paced environment, respond to changing circumstances, and meet the hybrid working model requirements
Ability to interact with senior management while balancing multiple projects and other responsibilities
Strong attention to detail with a proactive approach to solving and preventing problems
Excellent organization, project management, and prioritization skills
Excellent interpersonal skills to work in a team environment and to influence and interface with a broad range of stakeholders at all levels, internal and external
Certified Information Systems Auditor (CISA), Certification in Control Self-Assessment (CCSA), Certified Information Systems Security Professional (CISSP), Certified Internal Auditor (CIA), or other risk management discipline certification
Ability to take ownership of projects and deliver high-quality results
Preferred
Regulatory experience with the Federal Housing Finance Agency is a plus
Benefits
Annual incentive award opportunities
Retirement benefits
Health and welfare or other ancillary benefits
Company
Federal Home Loan Bank of San Francisco
Federal Home Loan Bank of San Francisco is a banking firm providing credit products, services, and housing finance services.
H1B Sponsorship
Federal Home Loan Bank of San Francisco has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2023 (4)
2022 (9)
2021 (3)
2020 (7)
Funding
Current Stage
Growth Stage
Company data provided by Crunchbase