Global Resilience Risk Specialist
Technology Risk Lead
Global Operational and Resilience Risk (ORR) is a sub function of Group Risk. Its purpose is to make sure the bank understands, and is in control of its non-financial risk position.
In addition, the function provides resilience risk stewardship to global businesses, functions and entities we operate in.
This is achieved through:
- Completing analytical assessments and opining on the control environment of the First Line of Defence (1LOD) within Businesses
- Constructive challenge to the global businesses and functions on their control environment and assessment of risk
- Oversight of emerging risks, strategic business initiatives and local change activity and new/materially changed products
- Analysis of risk exposure across all bank operations and territories to inform capital management and stress testing requirements
- Completing thematic reviews and aggregated reporting of the Non-Financial Risk profile of the bank
- Responsibility for the implementation of a Risk Management Framework (RMF) that sets out governance, policies and practices to proactively identify, assess, measure and report on, mitigate and control operational risk exposures associated with the businesses and operations at all levels of the organization.
- The role holder will maintain close working relationships with the wider ORR team, locally, globally and globally
The role holder will have global responsibility for:
- Leading the deployment of deep subject matter expertise around technology risk globally
- Providing issues, event and incident oversight, including specialist oversight of technical controls globally
- Supporting country and global ORR Managers with all technology risk related queries
- Providing advice, guidance and challenge to senior businesses, functions and entity management, ensuring robust opinion is provided through global governance
- Recommending risk appetite thresholds for technology risk, and oversee risk appetite monitoring
- Providing guidance and support with policy writing, owning and monitoring compliance with a comprehensive set of clear and concise policies that outline the key principles and minimum requirements applicable to the management of technology risk
- Engaging with risk owners, control owners and risk stewards to ensure technology risks are managed in accordance to policy
- Overseeing compliance, for example, through the Risk and Control Assessment process, Top Risk Assessments and Incident Management process
- Promoting and developing technology risk awareness and risk management culture in order to ensure that the material risks are both evident and effectively managed
- Identifying any concerning trends and challenging the business to address these
- Leading on defining the risk and control library, including minimum control standards, with input from Risk Owners, Business Service and Control Owners, specifying key risks and key controls
- Recommending RCA scoping for technology risk controls and challenge where this is not appropriately applied in the RCA
- Driving appropriate governance for technology risk across key stakeholders and senior control owners
- Reporting on risk and control profile, including impacts of external environment changes, emerging risks and changes to the business strategy
- Monitoring the local external environment to get early sight of emerging risks and provide detailed guidance on controls required to mitigate against them
- Providing technical guidance to support development and completion of ORR and regulatory reporting obligations (e.g. RAS, top & emerging risks, risk profile reporting, RMM, Board reporting where relevant, etc.)
- Ensuring any concerns with key controls and material change programmes, relevant to technology risk, are understood and escalated as required
- Leading regulator and audit engagement pertaining to technology risk; ensure regulatory compliance for technology risk and timely completion of audit actions and findings
- Support training and capability uplift across ORR to ensure robust understanding of Technology risk.
- Strong leader with the ability to influence at the senior levels of the organisation
- Expert level of technology risk management knowledge and relevant deep experience in this field
- Comprehensive knowledge of the internal control environment
- Ability to communicate effectively, building strong relationships and influence senior internal and external stakeholders
- Comprehensive knowledge of the external environment (threat, regulatory, geopolitical, competitor, technological landscapes)
- A change agent who challenges the status quo constructively and positively, leading relevant strategies that enable safe growth of the bank
- An advanced degree preferable in relevant discipline (e.g. Masters, Doctorate etc.)
The Client will consider candidates from France, Germany UK etc... to work remotely whilst we are in a Pandemic and probably 2 days a week in Krakow after that point.
Salary will be in the range of Euros 75K - Euros 95K.
Do send your CV to us in Word format along with your monthly salary either in Euros or PLZ.