Responsible for supporting the day to day risk engagement with all Technology functions, having an in-depth understanding of the Technology function and managing the execution of risk and control management processes to strengthen decision making.
Key accountabilities and decision ownership:
• Support the management of the risk profile for the Technology function and help improve our risk management capability.
• Supporting stakeholders within the function to identify, assess, respond to, and report on applicable risk. Creation of appropriate risk reporting, to facilitate risk and control discussions.
• Support the function with internal/external audits, ensuring all audit issues are appropriate and addressed in a timely manner
• Foster a risk aware culture within the Technology function ensuring adequate training and risk expertise is provided across their operations
• Deliver regular deep dive control testing and scenario risk reviews within Technology
• Assist with the achievement of external accreditation such as SoX, ND1643, TickIT and ISO27001
Core competencies, knowledge and experience :
• Stakeholder Management - Building effective working relationships across management and technical layers in Technology and the Three Lines of Defence
• Technology Risk Management - Facilitation of risk workshops to educate risk champions, and risk owners on their accountabilities and support them in risk identification & assessment
• Delivery of assurance activities based on the current and future risk profile of the function
• Sharing and implementing best practice from the three lines of defence and other OpCo’s
• Deputising for the Technology Risk Manager where necessary
• Developing overall risk management and control capability and knowledge
Must have technical / professional qualifications:
• CISM, CISSP, CISA, CGEIT, CRISC or equivalent is expected.