Previous Job
Previous
IT Risk Lead
Ref No.: 18-00024
Provide analytical support in executing internal control discipline and operational excellence within a LOB/ECF. Gather and organize data in order to monitor and test the effectiveness of key controls and status of mitigation and action plans. Prepare documentation for the tracking, monitoring, and escalation of risk related issues to management. Acts as an ambassador of the risk culture. Incumbents typically have over 5+ years of risk management and/or LOB/ECF experience. May manage staff.
  • Partner with key Technology Managers to monitor and manage various risk programs across the firm
  • Proactively manage risk metrics – focus on "at risk” or "exceeding threshold risks” – work with technology management to address root causes and remediate as required
  • Support technology teams in supporting firm-wide risk programs (e.g. delivering requested artifacts, verify completeness / accuracy)
  • Partner with technology teams in the execution of Risk Control Self Assessments (RCSA)
  • Identify root causes of reported risks and partner to design remediation plans
    Coordination with Technology Management in monitoring the execution, collection and completion of SOX control activities Partner with Technology Management and internal audit to identify and report self-identified audit issues
  • Provide support to Technology Management on all phases of audit activities and ensure active engagement with technology management to meet audit objectives. In addition, assist management in the validation of preliminary audit issues and the creation of  remediation plans
  • Partner with Technology Management in the execution of quality assurance programs – ensure completeness of data and identify and monitor required remediation activities
  • As necessary, acts as a liaison for the department, maintaining effective and professional relationships with key business stakeholders, internal and external auditors, regulators, and others dealt with in a professional capacity.
Qualifications
  • 7-10 years Technology Audit or Technology Risk experience
  • Experience in the execution of Technology Risk Assessments, Audits and SOX 404 and 302 testing
  • Solid understanding of a risk control framework (i.e., inherent risks, control procedures, residual risk, etc.)
  • Ability to identify relevant key risk indicators to measure risk exposures (metrics reporting)
  • Ability to work collaboratively by building consensus and influencing decision making to foster forward progress with projects and initiatives.
  • Strong ability to analyze data to identify thematic issues / areas requiring improvement
  • Persistency, poise and perseverance to get things accomplished under pressure and within the set timelines
  • Interest and track record of ensuring accuracy, clarity and quality of work with attention to detail
  • Deputize for senior managers in various governance forums and committees in both technology and business at a FICC level
  • Understanding and knowledge of NFRR and transaction reporting compliance including industry regulations
  • Understanding of Global records management principles and their implications to the business
  • Detailed knowledge of SDLC and application governance
  • Ability to identify and validate operational losses and the parties impacted and responsible
  • Detailed understanding of Information security and the programs and disciplines that are encompassed in that.
  • Understanding of business continuity and recovery practices and ability to partner and challenge where needed
  • Gravitas to be able to challenge and debate in senior forums on risks and issues identified
  • Understanding of the business controls and compliance functions and the partnership required to be effective.
  • Sound business judgment and the ability to work successfully with all levels of management
  • Demonstrated ability to work independently and within a team
  • Commercial awareness of Bank and its license to operate.
  • Excellent written and verbal communication skills including Senior management or executive level presentation material development experience
  • Excellent inter-personal, negotiation and influencing skills
  • Strong problem solving and analytical skills
  • Excellent MS-Office skills (including PowerPoint (for presentations) and Excel ( for manipulating large amounts of data)
  • Excellent organizational skills, coupled with ability to be versatile and flexible
Desired
  • CISA, CRISC, CISSP