Sr. Specialist - Third Party Cyber Risk

General information

Ref # 18726

Remote? No

Ally and Your Career

*

Ally Financial only succeeds when its people do - and that's more than some cliché people put on job postings. We live this stuff! We see our people as, well, people - with interests, families, friends, dreams, and causes that are all important to them. Our focus is on the health and safety of our teammates as well as work-life balance and diversity and inclusion. From generous benefits to a variety of employee resource groups, we strive to build paths that encourage employees to stretch themselves professionally. We want to help you grow, develop, and learn new things. You're constantly evolving, so shouldn't your opportunities be, too?

The Opportunity

Ally's Business Line Risk Governance team is expanding to provide oversight of Ally third Parties in alignment with the All Third Party Risk Management requirements.

This role will work closely with Ally Sourcing and Third Party Risk Management teams to ensure oversight and governance of 3rd parties is done. The role will also work with Relationship Owners make sure proper supplier oversight, documentation, and risks are addressed and with the Cyber Monitoring team to support our Third Party Risk Monitoring.

The Senior Specialist, position at Ally is a member of the Business Line Risk Governance (BLRG) team in Information Protection and Risk Management (IPRM).

This Senior Specialist role will be the front line for oversight, monitoring and escalating compliance and IT risks with Ally Third Party Relationship Owners. This role will manage numerous processes to ensure compliance and risk items are completed accurately, timely and escalate when needed. The Senior Specialist will review risks, help create processes to respond to these risks and create metrics to allow Ally to understand their supplier compliance posture and identify risk trends and themes.

To read more about what our tech team does, be sure to visit our tech blog at ally.tech

The Work Itself

• Review and approve Inherent Product and Service Risk Assessment for completeness and accuracy to ensure Ally captures all risks associated with a particular supplier.
• Oversee the Supplier Performance Evaluation process. Work with Relationship Owners to perform evaluations on time, review results and follow up on questions or non-compliance items.
• Assist with monitoring and analysis of external supplier security performance using dedicated monitoring tools. Work with Relationship Owners and suppliers to review, document and follow up when vendor security performance does not meet expectations.
• Create and maintain metrics for reporting / dashboards.
• Identify emerging risks or trends across reported supplier base.

The Skills You Bring

• Working knowledge of common information security and technology concepts, risks and best practices related to:
• Information Technology
• Risk and Compliance

• Web and Infrastructure Security

• Bachelor's Degree in Computer Science, Business Administration or relative years of experience.

• 3+ years of Third Party Compliance and Risk or related experience including:
• 2+ years of Information Security, Compliance, Risk or Audit experience.
• 1+ year of general Information Technology experience.
• Consultative skills with the ability to build collaborative relationships within all levels of an organization.
• Strong written and oral communication skills including the ability to create organized and articulate reports and presentations from underlying data that are easily understood by teammates and Business Partners.
• Ability to take ownership of an initiative/issue thru completion.
• Ability to identify opportunities for process improvement to drive efficiencies.
• Experience in the finance / banking industry is a plus.
• Security, technology or audit/compliance related certifications are a plus.

#LI-Hybrid

How We'll Have Your Back

*

Ally's compensation program offers market-competitive base pay and pay-for-performance incentives (bonuses) based on achieving personal and company goals. But Ally's total compensation - or total rewards - extends beyond your paycheck and is designed to support and enrich your personal and professional life, including: * Time Away: competitive holiday and flexible paid-time-off, including time off for volunteering and voting. * Planning for the Future: plan for the near and long term with an industry-leading 401K retirement savings plan with matching and company contributions, student loan and 529 educational assistance programs, tuition reimbursement, and other financial well-being programs. * Supporting your Health & Well-being: flexible health and insurance options including dental and vision, pre-tax Health Savings Account with employer contributions and a total well-being program that helps you and your family stay on track physically, socially, emotionally, and financially. * Building a Family: adoption, surrogacy, and fertility support as well as parental and caregiver leave, back-up child and adult/elder day care program and childcare discounts. * Work-Life Integration: other benefits including LifeMatters® Employee Assistance Program, subsidized and discounted Weight Watchers® program and other employee discount programs.

Who We Are

Ally Financial is a customer-centric, leading digital financial services company with passionate customer service and innovative financial solutions. We are relentlessly focused on "Doing it Right" and being a trusted financial-services provider to our consumer, commercial, and corporate customers. For more information, visit ~~~.

Ally is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity or expression, pregnancy status, marital status, military or veteran status, genetic disposition or any other reason protected by law.

Where permitted by applicable law, must have received or be willing to receive the COVID-19 vaccine by date of hire to be considered, if not currently employed by Ally.

We are committed to working with and providing reasonable accommodation to applicants with physical or mental disabilities. For accommodation requests, email us at ~~~. Ally will not discriminate against any qualified individual who is capable of performing the essential functions of the job with or without reasonable accommodation.

Base Pay Range:

Emerging: 85000

Experienced: 117500

Expert: 150000

Incentive Compensation: This position is eligible to participate in our annual incentive plan