Job Description
Level 4
Years of experience minimum 10 years
Description :
The Technology Risk, Governance and Controls (TRGC) department provides a range of Group-wide Governance and Control functions focused on Technology, Information Security or Cyber-Security within the Firm.
This FTC position within Technology Controls Group will be based within one of our Canadian locations and will support the ongoing provision of Technology Control subject matter expertise (SME) in the design, development and on-going operation of the controls you would expect within a complex, diverse Technology environment that underpins a global Bank and organization like our Company.
The position will be exposed to a significant pace of control change; with the Firm undertaking a strategic enhancement programme focused on ensuring that the current Technology, Information Security and Cyber Security controls remain fit-for-purpose; as well as leveraging opportunities (where possible) to utilize continuous control monitoring and measurement.
In addition, this role will have access and exposure to the on-going evolution of risk and control architecture that supports the Firm to operate within appetite of Operational Risks – as the control environment, evolves further to support additional regulatory or legislative requirements, optimization or continued focus on control measurement and automation. This role will work alongside the Control Risk Officer within the Technology Controls group.
The Controls Risk Officer (CRO) is accountable for providing end-to-end risk management over a particular control domain. The CRO works in partnership with groups across all lines of defense to understand and manage the risks and controls relevant to that domain. This includes defining the relevant risks and gaining a deep understanding of the related controls and their effectiveness at holistically mitigating those risks.
Responsibilities :
Support the CRO and / or wider team to develop or enhance risk, control changes or improvements (specific to Technology, Information Security or Cyber Security.)
Support the CRO aligned to a particular Technology domain to maintain a view of the risks, controls and supporting artefacts including any relevant governance content, issues, action plans or other data points.
Assist with the creation of risk, control change artifacts or content (with a particular focus on right 1st time, quality and completeness).
Identify, maintain and manage stakeholder group and / or communications to ensure that there is pro-active and timely messaging to internal and external parties.
Provide programme or operational support to deliver agreed risk, control activities or actions; working to deadlines or agreed milestones.
Support Technology control testing or control measurement development, including testing compliance within Technology domain area(s).
Support the Firm’s risk and control assessment process (RCSA) to ensure that any impact to Technology controls are understood.
Produce Technology risk or control reporting / commentary on a monthly and quarterly basis to satisfy internal or key stakeholder requirements.
Perform analysis of risk and control indicators to identify and escalate appropriate issues for management attention.
Engage local stakeholder in execution and collection of risk or control information.
Skills Required :
Awareness of financial legislation and regulations impacting technology risk and control management processes including technology governance, information security, cyber security and Technology.
Awareness of risk and control management concepts, internal controls and industry technology risk management frameworks such as ITIL, CobiT, and ISO 27001.
Strong analytical and report writing skills; with focus on quality and right 1st time.
Experience writing Technology policies, Standards and Procedures
Effective organizational skills and an ability to manage multiple demands and changing priorities. Detail oriented.
Effective time management and planning skills (e.g. prioritization, multi-tasking and delivery focused)
Strong problem-solving skills and accurate, delivery focused mindset with good attention to detail.
Able to work effectively as a team or as an individual contributor (comfortable to self-organize).
Experience of working with Microsoft packages (Word, Excel, PowerPoint, Outlook)
Excellent communication and interpersonal skills
Ability to work effectively with all levels of the organization.
Excellent spoken and written English is essential for this position.