Responsibilities:
• Enhance, embed, and mature ERM’s technology risk and controls framework.
• Assist in development and implementation of ERM strategy, tools, policies and procedures for identifying, capturing and assessing technology related risks and controls.
• Assist in verifying and documenting the technology risk and control inventory
• Work with Divisional and Business Unit Technology to drive risk frameworks and assessments related to the products and the surrounding infrastructure.
• Support the production of annual risk and control self-assessments of the technology risk environment.
• Assist in the identification of quantitative and qualitative technology risk metrics. Create technology risk reporting and dashboards. Support BU Risk Officers in risk reporting to senior management.
• Support BCM/Operational Resilience enhancements.
Skills, Requirements, and Competencies
• 8+ years experience in technology risk management, technology audit and/or compliance in the financial services industry within capital markets.
• Strong understanding of (technology) risk management principles and internal control framework. Experience in implementing and supporting a technology risk management framework and/or technology internal controls framework in a complex organization.
• Ability to evaluate operational or technological measures to assess risks and effectiveness of controls.
• Experience in creating, implementing and maintaining (technology related) policies, procedures, guidelines, standards, and best practices.
• Good understanding of (technology) risk management frameworks, including COSO, COBIT, NIST and ISO 27001.
• Understanding of operational resilience concepts and experience working on operational resilience related (regulatory) programs (e.g. PRA/FCA/BoE Operational Resilience, DORA)
• Innovative, strategic thinker.
• Inquisitive nature with high attention to detail and ability to seek out information.
• Action and results-oriented with ability to drive results and effect change.
• Strong communication, facilitation and influencing skills; ability to articulate and communicate complex ideas and concepts in a clear, concise, and structured manner.
• Strong organizational skills and ability to successfully multi-task and prioritize work.
• Ability to pro-actively cultivate relationships and collaborate with multiple stakeholders, including business leaders, legal, internal audit, and technology across regional locations.
• Advanced Microsoft Office skills
