BMO Financial Group Jobs

Mobile bmo Logo

Job Information

BMO Financial Group Managing Director, Financial Crimes and Cyber Risk in Berekely Heights, New Jersey


200 Connell Drive

Job Family Group:

Audit, Risk & Compliance

Reporting to the VP & Head of Enterprise Information & Technology Risk Management (EITRM), the Managing Director of Financial Crimes & Cyber Risk is responsible for the identification, assessment, remediation and reporting of all cybersecurity, fraud & physical security risks and is accountable for ensuring these risks are managed within the Risk appetite of the Bank.

The role is expected to deliver expert advice, credible challenge, and effective oversight of cyber security, fraud and physical security activities to identify, assess, control, and manage cybersecurity, fraud and physical security risk throughout the company. The role will provide strategic future forward vision of the required maturity of these risk domains leveraging more predictive analytics. The role is critical in helping to ensure that the company’s risk taking entities are aware of the risks inherent in their activities and decisions, the impact of their actions on the company at an enterprise level, and opportunities to reduce, mitigate, or avoid risks altogether. The role requires a highly skilled cyber security, cloud, technology, and digital risk management professional who has a wealth of experience and a demonstrated ability to provide value-added recommendations and deliver high-impact results.

The Managing Director of Financial Crimes & Cyber Risk is a leadership role in the EITRM function of the Bank, and will work closely with Risk Management, Cyber Security and the Technology business.

Key Accountabilities:

  • Serve as a leader in the Enterprise Information & Technology Risk Management risk oversight team and will have a solid understanding of internal and external cyber risks that can impact the organization’s overall business and value chain.

  • Will play a key role in assessing and enhancing the organization’s cybersecurity and technology capability maturity and by maintaining and updating risk models, identifying and developing innovative risk assessment techniques, and incorporate data driven risk assessment that are end to end vs point in time.

  • Providing independent expertise during capability maturity reviews, preparing independent assessments of maturity levels, and developing reports for senior management. Will be able to identify and assess alternative approaches to risk mitigation and advise the business and Technology leadership with respect to trade-offs.

  • You will be able to speak authoritatively with regulatory officials with respect to existing controls, the risk management framework overall, and emerging threats and challenges

  • As part of the second line of defense, you will collaborate closely with associates in Cyber, Technology, the Lines of Business, and other risk management offices to perform and support evaluations of the firm’s cyber capability maturity levels and offer independent advice and recommendations regarding ways to further mature the firm’s cyber and risk management capabilities. In addition, you will contribute to the identification and analysis of new or emerging cybersecurity and technology risks to the enterprise, and aid in integrating capabilities maturity assessment activities with other risk management programs across the enterprise.

  • As a member of an evolving organization, you will have the opportunity to bring clarity of roles and accountabilities within the cyber organization structure and refine your team and portfolio. The demands and high-visibility nature of this position require an expert with a proven ability to manage a team and work independently in a fast-paced environment and who can begin contributing immediately.

Essential Functions (Responsibilities):

  • Manage the conduct of independent evaluations of the firm’s cybersecurity and technology capabilities, and provide expertise and advice on accelerating maturity of the firm’s cyber capabilities

  • Lead and provide technical assessments of cybersecurity and technology capabilities

  • Identify and develop more quantitative assessment of vulnerabilities, risks and remediation strategies

  • Draft assessments for senior management and other stakeholders, to include regulatory agencies and the Board of Directors, as needed

  • Risk management focus taking a customer / resilience lens that promotes banks digital strategy while maintaining soundness of the bank

  • Stay current on emerging cyber threats and potential implications to the firm and mentor/coach more junior members of the team.

  • Collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to achieve objectives

  • Lead program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups

  • Ensure that initiatives are compliant with regulatory standards and corporate policies, as well as with understanding and quantifying potential impact on profitability and firm reputation of these projects.

  • Understand, review and help manage and mitigate key cyber risks that impact the operational and business functions of the organization.

  • Collaborate with business partners and Enterprise Fraud functions to design target state and interim fraud tool architecture.

  • Continue the evolution and development of the Cyber Risk function and “appetite” view and the key risk reporting requirements.

  • Lead the development and implementation of key risk indicators (KRI’s), key performance indicators (KPI’s) that are risk-sensitive and adapting as new threats emerge.

  • Promote a strong risk management culture

  • Establish appropriate mitigating controls and assess the effectiveness of these controls

  • Establish and maintain adherence to regulatory requirements and mitigation of Corporate Audit finding

  • Establish appropriate mitigating controls and assess the effectiveness of these controls within the risk appetite

Experience in the following is required:

  • 15+ years of cyber security experience with expertise on emerging threats and reporting that describe the implications of threat(s) and opportunities to executives or senior decision-makers

  • Min of 5 years of people leadership roles and experience with managing a team and influencing management and key stakeholders.

  • Proven leadership experience in inspiring, engaging and leading a diverse team to deliver high performance services, productivity and service optimization

  • Candidates must have had exposure to technology in a large, complex, regulated financial services enterprise.

  • Experience in 3rd party Security prioritization and program development

  • Experience in Identity & Access Management, Privilege Management

  • Experience in Infrastructure Security and Security Architecture including Database Security, Platform Security, Endpoint Security, Network Security & Security Architecture

  • Experience in Security Assessments and Testing: Red Team Penetration Testing, Security Risk Assessments, Vulnerability & Configuration Management, Application Security

  • Security Intelligence and Operations: Responsive Detection, CSOC, Technical Investigations / Insider Threat, Continuous Defense

  • Strong experience in Cloud Security Controls & Microservices Security including AWS/Microsoft Azure/ Office 365,

  • An undergraduate degree is required; Professional certifications (CISSP, CCSP, AWS CCP, etc.) beneficial.

  • Excellent verbal and written communication skills

  • Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate

  • Passion and expertise in cybersecurity, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions

  • Ability to manage multiple projects while maintaining superior results

  • Ability to work cross-functionally, individually, and to lead work among a team

  • Execution oriented and a self-motivator

We’re here to help

At BMO Harris Bank we are driven by a shared Purpose: Boldly Grow the Good in business and life. It calls on us to create lasting, positive change for our customers, our communities and our people. By working together, innovating and pushing boundaries, we transform lives and businesses, and power economic growth around the world.

As a member of the BMO Harris Bank team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one – for yourself and our customers. We’ll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we’ll help you gain valuable experience, and broaden your skillset.

To find out more visit us at

BMO Harris Bank is committed to an inclusive, equitable and accessible workplace. By learning from each other’s differences, we gain strength through our people and our perspectives. BMO Harris Bank N.A. is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. Accommodations are available on request for candidates taking part in all aspects of the selection process. To request accommodation, please contact your recruiter.

BMO Financial Group Serving customers for 200 years and counting, BMO is a highly diversified financial services provider – the 8th largest bank, by assets, in North America. With total assets of $728 billion as of October 31, 2018, and a team of diverse and highly engaged employees, BMO provides a broad range of personal and commercial banking, wealth management and investment banking products and services to more than 12 million customers and conducts business through three operating groups: Personal and Commercial Banking, BMO Wealth Management and BMO Capital Markets.We serve Canadian clients through BMO Bank of Montreal®, our personal and commercial banking business, BMO Nesbitt Burns®*, one of Canada's leading wealth management firms, and BMO Capital Markets™, our North American investment and corporate banking division.In the United States, clients are served through BMO Harris Bank, a major U.S. Midwest personal and commercial bank, and BMO Private Bank, with wealth management offices across the United States, as well as BMO Capital Markets™, our North American investment and corporate banking division.We help our customers make money make sense by delivering the broadest range of financial services through a single point of contact. Our financial service professionals provide access to any services our customers require across the entire enterprise.