As one of the world’s leading asset managers, Invesco is dedicated to helping investors worldwide achieve their financial objectives. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world.
If you're looking for challenging work, smart colleagues, and a global employer with a social conscience, come explore your potential at Invesco. Make a difference every day!
Job Description
The Team
Invesco Enterprise Risk Management (ERM) is evolving its capabilities and is looking for new Team members. Enterprise Risk is a global Second Line of Defense function that engages with Invesco Business teams to facilitate delivery and oversight of the risk management framework and provide a consistent, aligned approach to risk management across the firm.
The Enterprise Risk Management team, comprised of dynamic, diverse, and highly collaborative members, drives value to Invesco by delivering a comprehensive and standardized view of risk, integrated and underpinned by data and metrics. At the heart of the Invesco Enterprise Risk framework is the foundation for strong analytics, capable of responding to emerging threats and opportunities and adapting to evolving market trends and conditions.
What you would be responsible for:
- Leading Risk Identification and Mitigation: Spearhead the identification, assessment, and mitigation of technology risks, including those tied to infrastructure, cloud, and AI/ML technologies, and emerging information security risk, ensuring a robust risk posture amidst evolving trends.
- Framework Development: Develop and implement a robust information risk and control framework to enhance the firm’s second line of defense capabilities in overseeing information security and technology risks.
- Risk Analysis and Monitoring: Analyze current and emerging information security and technology risks, developing Key Risk Indicators (KRIs) to monitor the adequacy, quality, and efficacy of controls. Apply specialized knowledge and broad acumen across facets of all domains, including cybersecurity, technology, cloud, data, privacy, and to support third-party risks.
- Collaboration and Oversight: Partner with the first line of defense and collaborate with Internal Audit, Global Compliance, and Risk teams to review and strengthen the control environment, improve processes related to information risk management, and provide independent checks and challenges.
- Policy and Governance Leadership: Lead the development and implementation of risk management policies, procedures, and a governance structure, ensuring appropriate risk oversight, reporting, and compliance with regional regulatory requirements.
- Industry Engagement: Engage with industry networks and associations to stay updated on developments in technology, operational, and security risk management, sharing insights with relevant business functions.
- Internal Collaboration: Foster collaboration with the broader internal risk community and key global business stakeholders to ensure a cohesive approach to risk management across the organization. Conduct research and analysis, leveraging data to derive valuable insights and actionable recommendations for stakeholders.
- Risk Awareness: Drive risk awareness among employees through training and education, promoting a culture of risk consciousness.
- Team Leadership: Provide strategic leadership to the Information Risk Management team, fostering a culture of continuous improvement and excellence, and engaging with senior stakeholders to deliver insightful reports and recommendations on the risk landscape.
Experience you bring:
- An undergraduate degree is required; an MBA or master’s degree in a relevant field is preferred.
- 7-10 years of risk and control experience, with at least 5 years driving risk management across various lines of defense in a global banking/financial services environment or international risk consulting with financial services experience.
- Strong understanding of complex technology and cybersecurity concepts, including core technology and security principles.
- Hands-on experience defining and implementing information risk management and control frameworks, emphasizing integration of data governance.
- Experience with the major cybersecurity, technology, and operational risk frameworks and standards such as NIST CSF, CRI Cybersecurity Profile, CSA Cloud Controls, ISO 27000 series, COBIT, and Basel Operational Risk Principles. Experience delivering and assessing security solutions across major cloud service provider (AWS, Azure, GCP) platforms
- Asset management or financial services industry experience preferred.
- Working knowledge of current and emerging technologies, including cloud computing, AI/ML, and automation tools.
- Certifications: Certification in at least one of the following: CRISC (Certified in Risk and Information Systems Control), CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CIPP (Certified Information Privacy Professional) etc.
Full Time / Part Time
Full time
Worker Type
Employee
Job Exempt (Yes / No)
Yes
Workplace Model
At Invesco, our workplace model supports our culture and meets the needs of our clients while providing flexibility our employees value. As a full-time employee, compliance with the workplace policy means working with your direct manager to create a schedule where you will work in your designated office at least three days a week, with two days working outside an Invesco office.
What’s in it for you?
Our people are at the very core of our success. Invesco employees get more out of life through our comprehensive compensation and benefit offerings including:
- Flexible paid time off
- Hybrid work schedule
- 401(K) matching of 100% up to the first 6% with a discretionary supplemental contribution
- Health & wellbeing benefits
- Parental Leave benefits
- Employee stock purchase plan
The above information on this description has been designed to indicate the general nature and level of work performed by employees within this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job. The job holder may be required to perform other duties as deemed appropriate by their manager from time to time.
Invesco's culture of inclusivity and its commitment to diversity in the workplace are demonstrated through our people practices. We are proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender, gender identity, sexual orientation, marital status, national origin, citizenship status, disability, age, or veteran status. Our equal opportunity employment efforts comply with all applicable U.S. state and federal laws governing non-discrimination in employment.
