Join us as a Technology Controls Specialist, Third Party Risk Management (TPRM), Records and Risk Culture
- In this crucial role, we’ll turn to you to drive and facilitate IT risk assessments across the bank, with a focus on TPRM, Records Management and Risk Culture through the effective application of technology risk framework
- This is an opportunity to gain exposure as you build and maintain relationships with stakeholders across Technology and the Wealth business, ensuring management engagement with operational risk objectives
- You can join us on a full-time or part-time basis, which means you’ll work fewer hours a week than someone on a full time contract, either by working on fewer days, or for fewer hours each day, minimum of 30 hours per week
What you'll do
As a Technology Controls Specialist in TPRM, Records and Risk Culture,, we’ll look to you to apply effective risk management thinking in an IT environment, anticipating, and assessing the potential impact of risk across the bank. You’ll be supervising TPRM controls and external outsourcing risks and respective control environments aswell as supporting critical outsourcing initiatives in the Wealth Chief Digital Information Office (WCDIO) from a risk and SME perspective.
You’ll also be:
- Supporting management in identifying and assessing material risks, and in determining position against risk appetite
- Supervising 3rd party assurance findings including risk assessment and remediation plans
- Supporting business service owners with assessment of 3rd party assurance reports, such as ISAE and SOC
- First point of contact from a WCDIO risk perspective for supply chain management
- Managing an inventory of all critical suppliers to WCDIO to track risk and control status
- Pro-actively supporting external audits in WCDIO from a first line IT risk perspective and put potential findings in risk context
- Owning the external outsourcing risk reporting as part of the overall WCDIO risk reporting
- Supporting the development and delivery of programmes of work to ensure compliance with regulatory requirements
The skills you'll need
To succeed in this role, you’ll need experience of external outsourcing control environments, as well as practical experience in risk management methodologies. In addition, you’ll need a good understanding of the application of operational risk in a technology environment, with a focus on Third Party Risk Management and Records Management, along with experience in a risk or control technical role in the financial services industry.
You’ll need to hold a risk assessor accreditation under the technology risk framework, and either hold or be working towards a qualification in risk, audit or control.
You’ll also demonstrate:
- A fundamental understanding and knowledge of TPRM risks and respective key controls
- Solid experience in IT risk management practices and frameworks
- Experience in IT auditing
- Experience in risk reporting
- Strong communicator and ability to communicate technical concepts to non-technical colleagues and stakeholders
