Risk Associate - IT

Job Description

ABOUT THE ROLE

As part of Group Risk Management – Technology Team, this position executes the organization’s comprehensive Technology Risk Management program and activities. This role involves identifying, assessing, mitigating, monitoring, and reporting technology risks to ensure the organization's IT infrastructure and systems remain secure and compliant.

Successful candidates will require an ability to effect change by successfully embedding the risk framework and improving risk maturity and awareness within the organization. Additionally, the role requires a strong 'check and challenge' mentality, utilizing the risk toolkit aligned with product knowledge to implement the desired improvements in a controlled manner.

This role will directly report into Group Risk Management (GRM) – Technology team.

Key Tasks And Responsibilities

Technology Risk Management

• Support the organization in implementing an effective and efficient Technology risk management and control framework in a collaborative manner
• Support 1 st line (CTM) to ensure that the Group Risk Management Framework, policies, and procedures are adhered to.
• Support the 1 st line (CTM) and coordinating the risk response with key partners including Group Risk Management, Group Internal Audit, Group Compliance, and other Group functions where required
• Assist in the development and maintenance of Technology Risk Management policies and procedures
• Foster and promote a risk and controls awareness culture
  
  

Risk Identification, Assessment and Analysis

• Assist the 1 st line (CTM) in identifying technology risks across the organization’s IT landscape
• Partner with Operational Control Management (OCM) in the design and implementation of assessments and reporting to ensure adherence to all internal, external, and regulatory requirements
• Perform check and challenge of all IT-related risk assessments (Theme, IT Application, Annual Risk Assessments). Ensure all relevant IT/IT Security risks have been identified and appropriately assessed and are mitigated appropriately.
• Assist 1 st line (CM) in monitoring of action plans as well as its effectiveness in mitigating the risks
  
  

Risk Reporting

• Prepare and present regular risk reports to risk committees, senior management, and relevant stakeholders.
• Support the IT Risk Manager in developing and implementing Technology Risk Management annual plans, strategies, and processes
• Collates and validates risk event data, providing analysis of same and using information to complete both internal/external reporting requirements within required timelines.
  
  

Risk Consulting

• Perform data analytics related to technology risks (e.g., Major Risk Events Analysis, Key Risk Reports)
• Perform process reviews and deep-dive risk assessments and recommend mitigating action plans and controls to address identified risks
• Stay up to date with emerging technology risks, industry best practices, and regulatory requirements.
• Support IT compliance efforts and internal/external audits related to technology risks.
  
  

Qualifications

• Hold a related bachelor's degree or comparable education relevant for risk management;
• Ideally 4+ years’ experience in Technology Risk Management or Controls-based role in financial services or similar industry, currently operating at supervisory level;
• Valuable experience on Cybersecurity, Technology and Enterprise Risk Management
• Highly collaborative, innovative, and effective communication skills;
• Strong analytical ability with high attention to detail, ideally with experience of data analytics tools;
• Project management skills with proven ability to multi-task and meet target deadlines;
• Strong interpersonal and communication skills;
• Ability to work independently and as part of a team.
• Comprehensive knowledge of Excel, Word, and PowerPoint essential;
• Prepared to undertake domestic and international travel; and
• Proven technical / report writing skills advantageous.