Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Technology Risk Specialist

Employer: Communications
Posted: 01/09/2014
Location: South East, England
Deadline: 26/09/2014

Responsible for supporting the day to day risk engagement with all Technology functions, having an in-depth understanding of the Technology function and managing the execution of risk and control management processes to strengthen decision making.

Key accountabilities and decision ownership:

• Support the management of the risk profile for the Technology function and help improve our risk management capability.
• Supporting stakeholders within the function to identify, assess, respond to, and report on applicable risk. Creation of appropriate risk reporting, to facilitate risk and control discussions.
• Support the function with internal/external audits, ensuring all audit issues are appropriate and addressed in a timely manner
• Foster a risk aware culture within the Technology function ensuring adequate training and risk expertise is provided across their operations
• Deliver regular deep dive control testing and scenario risk reviews within Technology
• Assist with the achievement of external accreditation such as SoX, ND1643, TickIT and ISO27001

Core competencies, knowledge and experience :

• Stakeholder Management - Building effective working relationships across management and technical layers in Technology and the Three Lines of Defence
• Technology Risk Management - Facilitation of risk workshops to educate risk champions, and risk owners on their accountabilities and support them in risk identification & assessment
• Delivery of assurance activities based on the current and future risk profile of the function
• Sharing and implementing best practice from the three lines of defence and other OpCo’s
• Deputising for the Technology Risk Manager where necessary
• Developing overall risk management and control capability and knowledge

Must have technical / professional qualifications:

• CISM, CISSP, CISA, CGEIT, CRISC or equivalent is expected.

The application deadline for this job has passed. Please click here to return to the jobs list.