IT Risk AVP

About the IT Risk AVP Role

To be an integral member of the ITRC team with a primary focus on planning and executing key control testing, reporting and enhancing key risk indicators, and monthly governance and reporting, which will involve liaising with all Technology departments and some business functions and other teams as necessary.

KEY RESPONSIBILITIES

• Perform control testing to assess the design and operating effectiveness of key cybersecurity and technology controls, and report conclusions to risk and control owners.
• Support efforts to sustain and enhance our risk and control framework to ensure material regulatory requirements are being assessed, tested and reported on.
• Manage and enhance key risk indicators that support risk appetite and residual risk measurement and reporting to the firm's executive leadership and risk committees.
• Support the execution of cybersecurity and technology risk management and its strategic roadmap, including management and development of new key risk indicators to enable our stakeholders to understand risk posture.
• Play an active role in monthly governance and reporting activities, in particular managing materials and actions relating to the monthly ITRMC meeting.
• Support complex, firm-wide initiatives towards successful completion and develop reports to communicate progress to senior management, risk committees, and Board of Directors.
• Work closely with cybersecurity and technology teams, in particular risk and control owners to enhance control effectiveness, drive remediation and closure of open issues.
• Understand current cybersecurity and technology strategy and help to mature it on a continuous basis through targeted initiatives.
• Collaborate with stakeholders to understand gaps and process improvements to enhance business operations.
• Analyse and measure the effectiveness of existing business processes and develop sustainable, repeatable, and quantifiable improvement recommendations (business requirements definition, gap analysis, cost-benefit analysis).
• Recommend solutions (in terms of both technology and business outcomes) based on root cause analysis, cost / benefits, feasibility analysis, and research of sound industry practices.
• Leverage industry frameworks, best practices, and changes in financial services sector that may impact reporting for cybersecurity and technology program and project developments.
• Stay abreast on current state understanding of information security program developments, industry frameworks, and changes in the company that may impact reporting.

WORK EXPERIENCE

• Experience in IT security and risk management, preferably in financial services sector
• Experience in IT controls assurance and testing
• Experience in IT controls governance and reporting
• Experience in developing and providing executive level reporting

PERSONAL REQUIREMENTS

• Identifies multiple paths to success using analytical and critical thinking as well as decision-making skills
• Exercises sound judgement, prioritises effectively, and strives for continuous improvement
• Effectively collaborates with colleagues
• Leverages available technology to drive efficiency and results
• Understands and applies industry trends and best practices
• Exhibits optimism, resilience, flexibility, and openness to others' ideas
• Values learning as a lifelong professional objective
• Engages inclusively and with intent
• Always acts with integrity
• Iterative problem-solving
• Acts as a trusted advisor
• Strong interpersonal skills
• Strong organisational, critical thinking and problem solving skills
• Ability to articulate key messages to a range of audiences

If the above role is of interest please apply or email me your CV on or call me on .

Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates