Head of IT Governance & Risk
- Recruiter: Tradition
- Location: London, United Kingdom
- Salary: £70,000 - £100,000
- Posted: 17 May 2022
- Closes: 16 Jun 2022
- Ref: 14535705
- Job Function: Risk Management
- Industry Sector: Finance - General
- Employment Type: Full Time
- Education: Bachelors
Tradition is currently seeking to appoint a Head of IT Governance & Risk to be based within the London office.
Main responsibilities within the Head of IT Governance & Risk position include:
IT Governance & Control
Policy Documentation
- Maintain the IT policy/procedural documentation and ensure that all documentation is up to date
- Assist with writing the IT policy/procedural documentation
IT Controls Assurance
- Perform periodic assurance procedures to validate the design and operating effectiveness of IT controls
Operational Resilience
- Maintain systems register (Service Directory)
- Maintain Critical Risk Assessments (CRA) for each critical IT system
- Participate in scenario testing
- Monitor compliance with Impact Tolerances for systems supporting Important Business Services
Continuity and Disaster Recovery
- Assist the IT Service Manager in reviewing the IT recovery arrangements to ensure that these are aligned with the Front Office and other departments' BCP.
- Assist the IT Department and Service Manager in establishing and maintaining the IT BCP.
IT Risk Management
Risk Framework
- Establish a risk management framework for IT that fits within the Enterprise-wide risk management framework
- Maintain a formal IT risk appetite framework that is aligned with management's broader business risk appetite
- Monitor for breaches of risk appetite
Risk Management
- Collate KRIs to highlight potential control failings
- Assist with generation and documentation of operational risk scenarios (used in ICARA process)
- Assist with stress testing and scenario analysis workshops
RCSA
- Facilitate Risk and Control Self Assessments ("RCSA") and capture of results on the Risk Management System
- Collate RCSA reporting for CFT Group risk assessment
- Ensure remediation plans are in place for identified control gaps
Audits
- Liaise with the External and Internal Auditors with regard to Audit planning, assist the IT Staff during audit processes and ensure that audit reports are accurate.
- Facilitate the Audit exercises by acting as a liaison between IT stakeholders and Auditors
- Liaise with action owners to ensure that IT internal/external audit actions are addressed and completed as planned
Third Parties
- Establish and manage a Vendor Risk Management Program.
- Coordinate responses to questionnaires from external parties.
Compliance
- Maintain up-to-date knowledge of regulatory obligations relating to provision of IT services.
- Act as internal subject matter expert on relevant compliance obligations.
- Work with teams to ensure policies and procedures are in place and enforced.
- Act as point of contact with regulators on IT-related matters.
Key skills, experience and competencies required in this role:
- Good knowledge of IT risk management, operational risk and associated best practice
- Experience in a similar role within financial services would be advantageous
- Risk qualifications, with IT specialism, would be advantageous
- Strong academic background
- Excellent Microsoft Office skills
- Knowledge of OneSum-X would be advantageous
- Strong work ethic
- Hard-working
- High level of integrity and discretion
- Loyal, trustworthy and reliable
- Self-motivated, able to work as part of a team and support team-mates, as well as on own initiative with minimal guidance
- Proactive, willing to learn and adapt, with a can-do approach and determined attitude
- Personable with a friendly, confident and approachable manner, whilst maintaining a high degree of professionalism/confidentiality
- Able to work in a busy and demanding environment
- Ability to prioritise a heavy workload in order to meet deadlines and problem-solve
- Ability to liaise with a wide range of people on a variety of levels
- High degree of accuracy and attention to detail
- Excellent written and oral communication skills