Description
As an IT Risk and Control Governance Lead, you will aim to manage risks and issues appropriately within Technology and ensure that information security and cyber risks or deficiencies are structurally remediated through balanced controls, and that risks are actioned through control maturity.
Responsibilities
- Maintaining close oversight of the technology and security risks and issues both internally and externally
- Providing regular reports to stakeholders on the status of the risk efforts and KRIs in Technology
- Promoting a positive risk culture in IT, working closely with the local risk champions and ambassadors as well as with the second and third line
- Supporting and contributing towards the embedding of the Enterprise Risk Management framework and principles in Technology
- Participating in Change initiatives to further improve the risk environment in Technology
- Coordinating activities related to the annual Risk and Control Self-Assessment (RCSA) for Group Technology
- Taking initiatives to document and communicate intensively to further increase risk and control awareness, knowledge and expertise
Skillsets
- Positive relationship management and influencing skills, with the ability to balance assertiveness with the need to build and maintain internal relationships
- Knowledge of IT and security risk management and control environment
- Experience with managing regulatory compliance issues as well as providing best practices in security
- Strong organisation, prioritisation, management, coordination, reporting and communication
- Knowledge of control frameworks, e.g. ISO 27001, COBIT5, NIST, CIS18
- Ability to adapt quickly and positively to change
- Knowledge of financial markets, FMIs and CSD operations is an advantage