Technology Governance, Risk and Control Senior Associate

We have an exciting and rewarding opportunity for you to take your Tech Risk & Controls career to the next level.

As a Technology Governance Risk and Controls Senior Associate within the Cybersecurity and Technology Controls organization aligned to Asset and Wealth Management you will contribute to the successful management of technologyaligned aspects of Governance Risk and Control in line with the firms standards.

Within the Governance Risk and Control (GRC) team you will leverage your broad knowledge in risk management principles and practices to assess and monitor risks evaluate implementation of effective controls and oversee issue remediation. All of which are crucial in strengthening Asset and Wealth Technologys controls and risk mitigation.

This role requires a combination of indepth expertise and highly effective organizational skills and is crucial in advising on complex control execution scenarios and enhancing the AWMs risk posture.

You will work closely with various partners across the firm including colleagues in CTC Enterprise Technology product & engineering Technology Risk and Controls and Technologists in our Businesses and Corporate Functions. Your ability to work effectively with a diverse set of stakeholders is essential.

Job responsibilities

• Monitor and evaluate the effectiveness of controls executed by AWM Technology ensuring compliance with firm standards.
• Conduct detailed walkthroughs with Senior Technologists/Process Owners to ensure a comprehensive understanding of technology processes and workflows.
• Develop and execute robust control test scripts designed to identify control weaknesses determine root causes and identify solutions in line with Firmwide measurement steps.
• Document test steps and results in comprehensive and organized manner to sufficiently support and justify testing conclusions.
• Communicate findings and contribute to the recommendations for improvements recognize opportunities to strengthen controls and improve operational efficiency ensuring alignment with organizational objectives and risk appetite.
• Develop and maintain strong relationships with stakeholders in Cybersecurity and Technology Controls Enterprise Technology and AWM Technologists becoming a trusted partner whilst supporting process owners in managing execution of controls and provide transparency to stakeholders.
• Perform ongoing oversight to accurately represent and maintain AWMs complex technology operations within the Compliance Operational Risk Evaluation (CORE) system.
• Conduct thorough root cause analysis to identify the underlying causes and themes of issues developing actionable insights and recommendations to address these root causes and prevent recurrence.
• Maintain oversight of technology owned issues through to delivery with validation of completeness of remediation in addressing root cause and repeatability.
• Ensure robust accurate documentation throughout the issue Lifecycle with appropriate approvals and management in CORE timely and within firmwide issue management standards.
• Collaborate with Operational Risk Management and Audit on identified Issues and control gaps whilst fostering a culture of risk awareness and promoting best practices in risk management across the AWM Risk organization.

Required qualifications capabilities and skills

• Proven experience or equivalent expertise in technology risk management information security or a related field with a focus on risk identification assessment and mitigation.
• Experience in risk identification assessment and control evaluation with a strong understanding of industry standards.
• Demonstrated ability to analyze complex issues develop and implement risk mitigation strategies and communicate effectively with senior stakeholders.
• Proficient knowledge of risk management frameworks regulations and industry best practices.

Preferred qualifications capabilities and skills

• CISM CRISC CISSP or other industryrecognized risk certifications