Interested in engaging with thought leaders in Technology Risk driving innovation and transformation at a large financial services organization? The Technology Risk Management team engages with global IT programs to assess risk at the outset and drive the integration of risk reduction throughout the program lifecycle leveraging best practices to drive automation, consistency and quality. Our focus is Regulatory Compliance, Risk and Control for all Technology Risks as part of the corporate First Line of Defence. Our mission is to ensure that Technology Risk is well understood, adequately prioritised, and effectively managed.
The responsibilities of this role include:
- Lead and execute formal risk reviews, assessments and risk quantification against core control capabilities within the global Technology organisation
- Assess coverage and design of technology solutions in support of quantification of measured risk reduction with effective plans and correct priority of scope
- Review and challenge of exceptions against technology control objectives, and governance of IT control deviations and gaps to quantify risks are in line with risk appetite
- Govern and validate audit and residual risk issues end to end, from remediation planning to control design validation to implementation validation to sustainability assurance
- Understand and manage Technology Risk challenges and opportunities in a global Financial Services enterprise; Identify measurement improvement opportunities in support of the Technology risk strategy’s implementation
- Drive a culture of control architecture, design, operational and continuous monitoring in support of risk quantification best practice and awareness
- Collaborate with functional risk managers and control assurance experts to ensure deliverables adequately represent all stakeholders
- Participate in global and regional governance committees
This role requires the following qualifications:
- Bachelor’s degree in Computer Science / Information Technology, IT Security, Risk Management, or a related field; Master’s degree a plus
- A minimum of 10 years Technology Risk, IT Audit, or IT Assurance experience; Financial services experience a plus
- Proven operational experience in control and issue assurance, and risk remediation governance; Recent control auditing/testing experience a plus
- Proven experience in the identification, construction and analysis of large volume datasets pursuant with risk measurement objectives
- Proven experience in the assessment and measurement of inherent, transformational, read-across, and residual risks
- Knowledge and practical application of risk analysis and measurement methodologies, standards, and best practices such as FAIR, COBIT and NIST; Knowledge of Cloud regulation and cloud security frameworks a plus
- Ability to deal with uncertainty and organisational flux in an effective manner
- Ability to drive change through collaboration and influence
- Ability to multitask and effectively prioritise
- Ability to comfortably interact & communicate with senior stakeholders
- Ability to interpret and solve complex problems and manage stakeholder needs and expectations while providing consistent and regular communications with support from management
- Fluent in English
- Excellent written and spoken communication skills
- Self-learning and training to ensure skills and knowledge are in line with responsibilities
- Aptitude for learning new and complex environments, processes, and technologies
- Professional designation a plus (e.g. CQRM, OpenFAIR, CISA, CISM, CISSP, CRISC)
- Project management experience and designation a plus (i.e. PMP)
- Proficient in Microsoft Office suite