IT Risk Director
Salary £90,000 - £140,000 per annum
Consultant Darius Goodarzi
Date posted 26 February 2019
Robert Walters https://www.robertwalters.co.uk
My client, an International Investment Bank based in London, are looking for an IT Risk Director to join their growing team.
About the IT Risk Director Role:
Lead the development of the firm’s Second Line of Defence capabilities (policies, procedures, and controls) to manage Technology (IT) risk, including Information Security and Cyber risks in London and across the EMEA region, in line with regulatory requirements, and to support the achievement of the Bank's strategic objectives.
- Lead the design, build and implementation of a Technology Risk framework (including Information Security and Cyber Risk) working in conjunction with the First Line technology teams and Head Office.
- Drive the development and delivery of medium to long term objectives and actions within the framework, including rollout to the First Line of Defence.
- Participate actively in the delivery of changes, enhancements and projects in conjunction with the technology teams.
- Provide robust challenge to the First Line of Defence as they identify, assess, manage and report their technology risks (including Information Security and Cyber Risk) through various tools and activities including risk and control assessments, key indicators, issue and incident management, and control assurance.
- Perform Second Line of Defence activities in the evaluation of technology risks for new products, systems and material change projects.
- Provide Technology Risk subject matter expertise, and effectively monitor and communicate the risk environment to management and other key stakeholders.
- Analyse Technology, Information Security and Cyber risks and the effectiveness of the region’s risk management reporting arrangements, and identify/escalate appropriate actions to improve the overall reporting for the function.
- Build close and continuous relationships with key individuals within the First Line of Defence, particularly the technology department, and ensure their control weaknesses and concerns are addressed proactively.
- Liaise closely and co-operate with Head Office (HO) to ensure that HO initiatives/goals are met.
- Support the development of the firm’s operational resilience capabilities by providing Operational Risk input into the framework and processes
- Engage with senior stakeholders across the firm to provide oversight and challenge to assess the effectiveness of the firm’s operational resilience strategy, planning and capabilities.
- Represent Operational Risk Management in processes such as business continuity planning, disaster recovery testing, crisis management planning
- Support and have input into activities within the wider senior management team within ERMD.
- Assist in the creation and maintenance of a good 3LoD model and embedding the risk culture across London and EMEA offices.
- Strong knowledge of banking products
- Excellent knowledge and experience of Technology, Information Security and Cyber risk management and their application within the financial services industry
- Proven ability to understand, identify, analyse and communicate clearly an organisation’s data and technology risks.
- Proven experience in applying legal/regulatory guidance into solving practical problems.
- Solid technical and functional knowledge of the external regulations, policies and developments for Information Security, Cyber Risk and IT risk.
- Solid technical and functional knowledge of financial services internal rules and policies.
- Good understanding of the overall operational processes and technology challenges within the financial services industry.
Functional / Technical Competencies:
- Cyber Security technology
- Information assurance
- Data loss prevention
- Incident handling and analysis
- Governance, compliance and audit
- Business continuity planning
- Crisis management
- Recovery and resolution planning
- ISO 27001
If the above is of interest and you would like to know more, please apply or call me on 0207 509 8040 to find out more.