Nous recherchons un

IT Controls & Governance Program Manager

Postuler REF: 059300

At Bank of the West, our people are having a positive impact on the world. We’re investing where we feel we can make the most impact, like advancing diversity and women entrepreneurship programs, financing for more small businesses, and promoting programs for sustainable energy. From our locations across the U.S., Bank of the West is taking action to help protect the planet, improve people’s lives, and strengthen communities. We are part of BNP Paribas, a global leader supporting the UN Sustainable Development Goals (SDGs). Yes, we’re a bank, but as the bank for a changing world, we are continually seeking to improve the ways we help our customers, while contributing to more sustainable and equitable growth.

Job Summary

The Controls & Governance Program Manager will be responsible for the development, implementation and oversight of risk and compliance management programs in the first line of defense using BNPP’s Risk Framework. Ensures the overall effectiveness and adherence to the governance of the established risk framework and ongoing evaluation of business controls. A member of a high performing team responsible for risk and control self-assessments, identifying control failures, facilitating risk and compliance remediation, and monitoring the first line of defense in an effort to minimize risk exposures and strengthen the overall control environment.

Essential Job Functions

  • Ensures the Information Technology complies with the Bank's Integrated Operational and Technology Risk Framework and/or industry best practices as it relates to: IT Governance, policies and procedures, risk management frameworks, and risk and controls methodologies.
  • Acts as the Information Technology subject matter expert on Level 1 Governance framework. Is knowledgeable about industry best practices and systems, specifically within third party risk management area.
  • Acts as an adviser to Information Technology organization ensuring third party risks are properly identified and covered with enough granularity and details to make informed decisions.
  • Maintains current knowledge of operational risk management and regulatory compliance requirements for the Bank.
  • Performs assessment of the IT infrastructure, hardware, software, IT processes, data containment IT Architecture, Server Environments, SDLC, Coding Practices, DevOps, Agile Development Practices and Data Privacy. 
  • Assumes a leadership role coordinating engagements and providing instruction to team members.
  • Advises senior management and influences process change.
  • Educates risk owners on risk management best practices and work with other risk functions in the development and implementation of risk controls.
  • Assesses the organization’s cyber risk strategy and posture, as it relates to data risk, cyber risk management, cyber risk frameworks and policies, and/or cyber risk measures, methods, and reporting.
  • Delivers key messages with clarity, confidence, and poise to instill confidence process owners.

Other Job Duties

  • 1LOD is perceived as a consultant to the IT community proactively developing strategies to mitigate risk and add value to the enterprise.  The Candidate is expected to develop relationships and grow into a subject matter expert role supporting IT processes.
  • Keep abreast of IT industry advancement and changes in the regulatory environment to bring best practices and suggestion to the Bank.
  • Providing mentor and provide guidance to team members assisting them take the next professional steps.  



  • 10+ years’ experience in risk management, general computer risks, audit and controls knowledge of banking IT environments and regulations.
  • Working knowledge of the FFIEC Framework, NIST Cyber Framework, ISO 27000 Series, COBIT, ITIL, SOX etc. employed to enhance the IT Control environment at the Bank.
  • Leadership or managerial experience.
  • Ability to collaborate with 2LOD and 3LOD.
  • Obtained or in pursuit of certifications (i.e. CISA, CISSP, CISM, CRISC, CIA, CPA).
  • Preferred Internal, External or Regulatory audit experience.
  • Familiarity with Governance Risk and Compliance (GRC) software to manage risk and control documentation.

Required Experience

  • Experience in financial services or banking industry with understanding of financial services regulatory environment.
  • Experience in third party risk management practices and techniques.
  • Experience in IT operations and/or application support.
  • Proven experience working in an ambiguous environment with proven ability to explain complex concepts and support points of view.


  • Excellent analytical skills with strong attention to detail and quality control of work product. Excellent interpersonal skills - ability to foster relationships and create informal networks.
  • Ability to think outside the box, respectfully challenging process and providing unique solutions.   
  • Ability to work on multiple projects and meet deadlines.
  • Excellent writing and presentation skills.
  • Tactful and diplomatic when engaging with all level of management always maintaining a professional demeanor.


  • Bachelor’s degree

Equal Employment Opportunity Policy

Bank of the West is an Equal Opportunity employer and proud to provide equal employment opportunity to all job seekers without regard to any status protected by applicable law. Bank of the West is also an Affirmative Action employer - Minority / Female / Disabled / Veteran.

Bank of the West will consider for employment qualified applicants with criminal histories pursuant to the San Francisco Fair Chance Ordinance subject to the requirements of all state and federal laws and regulations.
Primary Location: United States-Arizona-TempeJob Type: Full-timeJob: Risk Management Reference: 059300