Technology Risk & Controls Manager
- If you havea background in risk and control assessment, testing technologycontrols then join our team in helping to anticipate and assess thepotential impacts of risk across the bank
- We'lllook to you to lead and perform technology controls testing andreviews, proactively driving the assessment and implementation ofrisk framework and policy compliance and changes, converting theseinto appropriate strategies and action plans
- Inthis highly collaborative role, you'll have an ideal platform forbuilding your network and advancing your career, while helping tocreate a safer environment for thebank
What you'lldo
You'll have theresponsibility of supporting management in their identification andassessment of material risks, and in determining their positionrelative to agreed appetites. Working with senior stakeholdersacross the bank, you'll drive the SOX risk assessment technology,SOX and non-SOX control testing forServices.
On top of this,you'll be supporting a culture of proactive and pre-emptive riskmanagement and continuous improvement, and the attainment ofoperational riskobjectives.
You'll alsobe:
- Planning andscoping to undertake control testing, quality control reviews,control deficiency resolution management andreporting
- Engaging with external auditorsto communicate the testing scope coverage testing plan andunderstanding their focus
- Guiding andinfluencing senior business and IT stakeholders on internal controlrequirements and improvements initiatives, including controlsrationalisation and automation
- Creating aculture of continuous improvement, increasing efficiency andproductivity through great people leadership coaching engagementand development ofskills
The skillsyou'll need
To be successfulin this role, you'll need a good understanding of resting ITgeneral controls, and the ability to lead technology riskassessments end to end in line with internal control and externalaudit requirements.
You'llhave experience with Oracle, SQL and Unix, along with knowledge ofCOBIT, COSO, NIST and ISO 27000. CISA, CISSP, CRISC or ISO 27001Lead Auditor certifications are advantageous but notessential.
You'll alsobring:
- A goodunderstanding of the relevant business and the risk and controlenvironment
- The ability to communicate complexideas and solutions to both business and technicalaudiences
- The ability to summarise materialfrom a variety of complex sources to support executive commentarywithin the financial marketplace
- Excellentcommunication skills in order to work well within theteam
- The ability to negotiate with, andinfluence, stakeholders across anorganisation