Job Description:

The Controls Risk Officer (CRO) is accountable for providing end-to-end risk management over a particular control domain. The CRO works in partnership with groups across all lines of defense to understand and manage the risks and controls relevant to that domain. This includes defining the relevant risks and gaining a deep understanding of the related controls and their effectiveness at holistically mitigating those risks.

Responsibilities:

-Support the CRO and/or wider team to develop or enhance risk, control changes or improvements ? specific to Technology, Information Security or Cyber Security.

-Support the CRO aligned to a particular Technology domain to maintain a view of the risks, controls and supporting artefacts including any relevant governance content, issues, action plans or other data points.

-Assist with the creation of risk, control change artifacts or content with a particular focus on right 1st time, quality and completeness.

-Identify, maintain and manage stakeholder group and/or communications to ensure that there is pro-active and timely messaging to internal and external parties.

-Provide programme or operational support to deliver agreed risk, control activities or actions; working to deadlines or agreed milestones.

-Support Technology control testing or control measurement development, including testing compliance within Technology domain area(s).

-Support the Firm's risk and control assessment process (RCSA) to ensure that any impact to Technology controls are understood.?Produce Technology risk or control reporting/commentary on a monthly and quarterly basis to satisfy internal or key stakeholder requirements.

-Perform analysis of risk and control indicators to identify and escalate appropriate issues for management attention.

-Engage local stakeholder in execution and collection of risk or control information.

Skills Required:

-Awareness of financial legislation and regulations impacting technology risk and control management processes including technology governance, information security, cyber security and Technology.

-Awareness of risk and control management concepts, internal controls and industry technology risk management frameworks such as ITIL, CobiT, and ISO 27001.?Strong analytical and report writing skills; with focus on quality and right 1st time.

-Experience writing Technology policies, Standards and Procedures

-Effective organizational skills and an ability to manage multiple demands and changing priorities. Detail oriented.

-Effective time management and planning skills (e.g. prioritization, multi-tasking and delivery focused)

-Strong problem-solving skills and accurate, delivery focused mindset with good attention to detail.

-Able to work effectively as a team or as an individual contributor

- comfortable to self-organize.

-Experience of working with Microsoft packages (Word, Excel, PowerPoint, Outlook)?Excellent communication and interpersonal skills

-Ability to work effectively with all levels of the organization.

-Excellent spoken and written English is essential for this position.

Skills Desired:

-Technology operations, Technology Oversight (2LOD) or audit background in a complex financial institution