Technology Risk & Control Job Description
Technology Risk & Control Duties & Responsibilities
To write an effective technology risk & control job description, begin by listing detailed duties, responsibilities and expectations. We have included technology risk & control job description templates that you can modify and use.
Sample responsibilities for this position include:
Technology Risk & Control Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Technology Risk & Control
List any licenses or certifications required by the position: CISSP, CISA, CISM, CRISC, CFE, CIA, CBCP, CA, CPA, PMP
Education for Technology Risk & Control
Typically a job would require a certain level of education.
Employers hiring for the technology risk & control job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Computer Science, Management, Engineering, Business, Information Technology, Technology, Finance, Accounting, Information Systems, Financial Services
Skills for Technology Risk & Control
Desired skills for technology risk & control include:
Desired experience for technology risk & control includes:
Technology Risk & Control Examples
Technology Risk & Control Job Description
- Coordinatong across Technology infrastructure and 3rd parties to ensure timely and complete assessments
- Developing and regularly produce TRC activities reports
- Managing TRC assessments including 3rd parties, drive work streams, report on progress, escalation of risks and issues when necessary
- Establishing and manage relationships with key stakeholders across COO infrastructure and 3rd parties
- Establishing and manage key processes and interfaces across COO infrastructure and 3rd parties
- Developing, monitoring and reviewing the KPI’s and KRI’s defined for TR compliance
- Overseeing the development of a current to future state model, with compelling drivers to produce results
- Developing and maintain linkage between internal and external TRC activities
- 15+ years financial services/banking industry experience in a Global role
- Very strong technology infrastructure background
- Proficient in the MS Office Suite (Excel, Word, Powerpoint, Visio, Sharepoint)
- Participation in a number of data working groups, Information Architecture
- Strong analysis and project management skills managing multiple projects to deadlines & priorities
- Proficiency with presentation, analysis, communications tools and facilities
- Knowledge of COBIT, ISO and ITIL standard processes and controls and related regulatory requirements aligned to TRC
- Demonstrated IT risk management skills
Technology Risk & Control Job Description
- To be responsible for the identification and escalation of emerging and upstream operational risk through the execution of operational risk management framework tools, including risk event management, reporting, and action plan tracking
- To continuously improve management of the operational risk framework, identifying the need for adaptation of controls to meet changes in the risk profile and optimise the balance between controls and risks
- To be responsible for providing risk support in the management of incidents to minimise risk/loss and to identify, analyse and report control metrics on a timely basis
- Perform annual assessments
- Perform periodic control validation and audit reviews
- Mitigate operational risk to acceptable level and recommend follow-up action to facilitate risk acceptance
- To assist CB Operations in the decision making process and provide assurance that internal/external policies and regulation are fully complied to through the provision of timely, accurate and focused risk specific support, reporting and recommendation
- Act as liaison for CB Ops with Group Risk / Compliance / Legal / Audit
- To promote risk awareness and compliance with Group’s policies, standards and guidelines
- Prepare and manage the timely submission of risks reports
- Minimum of 5 years experience demonstrating expertise in structured Project Management discipline and techniques is required
- Related professional qualifications a plus
- Define, manage and oversee new and existing risk acceptances
- Provide detailed risk assessment planning and risk analysis to support the overall assessment program, including
- OSupport of initial risk assessment
- ODrafting coordination across Information Security, Security Architecture and WM/ IM business lines, and through the approval process
Technology Risk & Control Job Description
- Collaborate with various T&O technology teams in the maintenance of effective internal controls
- Liaise with the Group Audit, Group Legal and Compliance and T&O ORM teams on a regular basis
- Raise issues/concerns, and provide constructive advice to the management so that significant IT risk and control issues are escalated and resolved properly
- Participate and coordinate in internal/external audit activities
- Manage the department’s security related process improvements and quality programs by participating in research / advisory services, including capturing of organizational metrics and analysis
- Perform data analysis or procedure reviews to ensure compliance to the bank security standards
- Work with internal stakeholders and vendor to review and streamline the work processes of the bank and vendors
- Assume the role of BCP coordinator for the department and work with the relevant teams to conduct and document the annual drills
- Maybe involved in tracking of SLA delivery on vendor management
- Provide Privileged IDs support to the department including ad-hoc after office hours or weekend support if required
- Controls Gaps identified through consultant assessments
- Remediation Self-identified Controls Gaps
- Audit engagements successfully completed
- Audit findings closed on time
- Cost Avoidance on audit finding recommendations through IT Risk consulting and negotiation
- Risk Partner relationship surveys (TRMIS, Audit, ORM)
Technology Risk & Control Job Description
- Acting as the primary liaison to work with NYL Corporate (ECS, Corporate, Insurance and Agency, Investments, ) on IT Risk and Control initiatives
- Assist in aligning NYL Corporate to the IT Risk and Control capabilities and identify process improvement opportunities, where applicable
- Monitoring the implementation of controls for technology and business project plans
- Acting as the first escalation point for risks and issues interacting with the business
- Escalate issues to senior management and the Head of IT Risk and Control as appropriate
- Making moderate IT risk and business decisions
- This role directly interfaces with the Retail and Business Banking Technology (RBBT), the Corporate Centre Technology (CCT) Delivery Groups, - direct experience with RBBT or RBB is strongly desired
- Application development (design, coding, and testing)
- Technical reviews (ensure quality design and coding standards are followed)
- Technical leadership (help ensure our technologies and standards continue to evolve)
- Client relationship surveys (CB&W management)
- Executive satisfaction and commendations
- Guide CB&W delivery leaders and teams in proactive risk management and issue resolution
- The ideal candidate has significant experience in managing, coaching and/or leading Risk Management as a practitioner
- Someone with a passion for this function, pragmatism about what great RM looks like, and a genuine commitment to helping people and organizations get better at what they do
- Hands-on experience and previous accountability for Risk Management & IT Controls outcomes
Technology Risk & Control Job Description
- Risk review of Firewall rule changes in GS IT Infrastructure
- Assess IT security control deviation
- Help develop, execute and enhance the firm?s global web-control risk management program
- Participate in and/or lead programs to improve or remediate the control environment across Asset & Wealth Management, with specific emphasis on Data Management and/or Identity and Access Management
- Play a leadership role in shaping and driving the Access Management agenda, which will encompass privileged access, roles-based entitlement strategy, security administration processes, and similar
- Participate and contribute/challenge the various meetings called by Proposing Units to discuss assessments and reviews
- Drive Risk Reviews in various locations and conclude it in a timely manner with outcomes clearly articulated with related risk based prioritization
- Collaborate to bring a landscape of significant processes and articulate issues and causes of such landscape
- Provide reporting and articulate outcomes of the tasks undertaken
- Work closely with Consumer Banking Operations In-Country Representative on project timeline and project status in accordance to Consumer Banking Operations’ business scorecard
- Implements and maintains appropriate engagement models with other Lines of Defence functions external stakeholders
- Minimum a degree in Computer Science, Engineering, Information Technology or related discipline from a recognized institution
- At least 8 to 10 years of working experience in the IT industry
- Familiar with IT controls over different operating system and database platforms will be preferred
- Familiar with Applications Delivery Life Cycle, Project Management best practices and IT Controls
- Basic knowledge application user access and access matrices will be preferred