Principal IT Risk & Control – Executive Director ID13
Overview: IT Risk and Control plays a leading role in delivering a forward-looking and robust risk management framework across Technology globally. We are accountable for overseeing and challenging our Technology functions on the effective management of risk, and our role is pivotal from a regulatory perspective - influencing, for example, how regulators perceive Technology’s risk management framework. This is a ED role, offering great potential for involvement across the IT organisation - IT Business units, and within our IT Risk and Control team globally – as well as interfacing closely with the Operational Risk department, Legal, Compliance, Regulatory Affairs, Vendor Management, Internal and External Audit and our UK regulators, the PRA and FCA. If you are looking for an opportunity to be at the heart of the Technology risk management, leveraging your hands-on experience in senior IT and IT risk management role, and sound knowledge of risk and controls principles, this may be an ideal opportunity for you. You will work with our IT Business Units and IT senior management to fully understand and actively manage the Firm’s Technology risk profile. In your risk management oversight role you will be able to navigate a landscape of competing priorities – understanding where to strike the balance between managing risks and acknowledging or accepting certain risks. In this capacity you will be advising Technology management on those matters requiring their attention and those which are of lesser importance. You will be a leader and role model within the ITRC and you will need to leverage your leadership and influencing skills to continue to develop a strong working relationship across our Technology teams globally and Business stakeholders. Key Areas of Oversight and Engagement
Further develop, enhance and oversee the implementation of the IT policies, procedures, standards and risk management methodologies;
Ensure the firm’s Operational Risk Management Framework, including the Firm’s Risk Management Enhancement Programme (RMEP), is demonstrably embedded with the IT Division and that Management Information (MI) is available to verify that;
Conduct controls testing and advise where control enhancement are required;
Oversee the annual Internal and External audits of the IT Division;
Participate in the firm’s risk management forums and committees as necessary , e.g.
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.