Business Control, Monitoring and Readiness (BCMR) is committed to building a strong risk culture and maintaining a system of robust controls to proactively manage risk, and achieve a consistent balance between our business goals and risk management. The team is responsible for ensuring that capabilities are established to drive execution of the operational risk management framework through the implementation of Enterprise and Global Technology and Operations (GT&O) specific processes and tools. These includes risk assessment & analysis, monitoring and testing of key controls, issue management and audit & regulatory exams support. Collectively, this framework enables effective risk management and promote sound risk taking within our risk appetite, and in compliance with internal policies and with applicable laws, rules and regulations.
Key responsibilities include:
- Enabling strong operational risk management - Identify, Escalate & Debate risks across business units.
- Enabling functions to identify and monitor Key Risk & Control indicators with established triggers and limits.
- Ensuring Quality Assurance is implemented in adherence to Enterprise QA minimum standards.
- Periodically Testing key controls for critical functions, reporting findings and supporting gap remediation as needed.
- Supporting delivery teams on managing Issues and Audits.
- Managing relationships and communications with key stakeholders, business partners at various levels of the organization, including Enterprise Control Functions (ECFs).
- Working effectively in a fast paced environment with stringent timelines, global teams and differing time zones.
Required Job Skills
- Deep understanding of Information Technology (IT) Risk Management and Governance.
- Significant experience in developing, testing and assessing IT controls.
- In-depth understanding of Software Development methodologies Waterfall, Agile, DevOps etc.
- In-depth knowledge of Software Development and Infrastructure Management (Software Development Life Cycle, Incident and Problem Management, Change Control, Access Management, Business Continuity/Disaster Recovery etc.)
- Strong process design/process improvement and change management experience.
- Experiencewith Global Delivery environments
- Risk Sensitive: Ability to identify and evaluate potential risks and appropriately identify and engage stakeholders for discussion, escalation and resolution. Strong analysis and fact-based decision making. Expected to look beyond the issue at hand and raise questions.
- Communication: Proven ability to communicate complex information in simple terms (oral and written). Influence horizontally and vertically across the organization and diverse audiences. Will work both independently and as part of a team and be expected to develop relationships with otherTechnology Delivery, Control Function, Risk and Compliance groups.
- Research: Strong research skills, familiarity/comfort with multiple data/information sources; ability to synthesize findings into a succinct summary/conclusion
- Self Directed: Ability to prioritize work activity to maximize performance in a dynamic, complex, fast paced environment
- 5-8years’ experience in Internal Audit, IT Risk Management and/or Information Security Management
- Thorough knowledge of metrics based risk management.
Job number: 18009611