Beschreibung
Unser Mandant ist ein internationales FinanzdienstleisterLead CIO risk and control initiatives (50%)
- Define scope of required remediation actions while assessing cost of implementation vs. group risk appetite
- Create proposal and defend in front of relevant boards and internal governance bodies (e.g. Group Change Board)
- Act as senior stakeholder and point of escalation during project execution
- Manage stakeholders at all levels and obtain support for successful implementation of initiatives
- Coordinate the Risk & Control project portfolio to successful delivery
Manage risk and control reporting (20%)
- Collate weekly summary information for MI reporting and present to senior management e.g. during Group Control Board
- Negotiate required remediation actions with risk owners to bring CIO risk profile in line with group risk appetite
- Prepare the quarterly G&CC submission
- Provide information into the monthly GTIS business report
- Compile monthly business unit control board report
- Attend meetings representing Technology Governance and Assurance.
- Provide ad hoc reporting as required on progress of risk and control initiatives
- Assess reporting process for potential for efficiency gains and propose innovative solutions for automating reports
Manage CIGLS and CIBULS for German entity (10%)
- Work with company risk functions to co-ordinate actions to resolve the CIGLS/CIBULS
- Work with Audit and Barclaycard to ensure consistent understanding of position and progress
Manage risk events and non-compliances (10%)
- Detailed analysis of issues, risk events, and incidents to identify root causes and define effective remediation actions
- Identify and manage stakeholders
- Manage and support implementation of remediation actions
- Manage dispensations, wavers, and breaches, specifically justify and negotiate extensions with stakeholders in the global risk community
Support of audit activities
- Co-ordinate any planned activities with audit prior to, during and post audit
- Work with audit to support the continuous business management activities
- Monitor and report audits and resulting audit actions
- Assist Head of Risk & Control, CIO in preparation for audits and track any resulting actions
- Work with GTIS and business to co-ordinate the support of audit activities
Manage the attestation process for principle risk and key risk scenario
- Initiate and drive data gathering for the attestations
- Set up timetable and meetings for reviews and final attestation
- Determine delta with previously reported position and report accordingly
Support the ongoing development of Risk and Control assessments (RCSA) for both BAU and projects
- Review risks identified for consistency and relevance to the assessment
- Confirm controls are relevant and accurately reported
- Ensure funding and resourcing is in place for the action plan
- Validate the action plan for do-ability and monitor and report progress
- Identify control owners and obtain their support for control implementation
Ensure risk and control objectives are embedded within the CIO organisation
- Integrate CIO risk and control objectives into overall CIO strategy
- Manage new risk and control initiatives to properly land the BAU function within the leadership
- Monitor progress of Risk and Control responsibilities within Leadership responsibilities
- Prepare and present Risk and control briefings as required across the business and CIO Organisation
Manage key policy implementation
- Monitor and maintain list of all policies affecting CIO
- For agreed priority/key policies develop a monitoring and control process within GISD
- Implement and report progress of actions to achieve and maintain policy compliance
Liaise with Compliance Manager, Regulators, Data Protection Officer, Business Contingency Management and Business Risk
Assist in Supplier and Contract Management Process
Skills:
- Proficiency in performing risk analysis, evaluation, and reporting utilizing risk management tools such as RSAM and OPUS. A clear understanding of the enterprise risk management frameworks
- A self-motivated team player who is able to define, structure and prioritize work for self as well as others, but who also has the flexibility and capability to change priorities when circumstances dictate
- The role holder also needs a strong technical focus and a good understanding of the drivers of technical risk in project delivery
- Excellent communication skills across all levels up to SX, assertive, able to challenge discussion partners and to negotiate appropriate remediation measures
- Fluent in German and English languages
Expertise:
- Specialist Technology risk management knowledge across the value chain in Change and BAU
- Expertise of the implementation of policies and procedures
- Expertise of process improvement and standardization in risk management
Experience:
- 3-5 years of experience in Audit, Compliance or Risk Management, ideally in a technology driven environment and / or Banking environment
- Extensive experience of managing complex relationships and supporting developments in technology risk techniques and infrastructure through negotiation and support
- Sound experience in Project management and Quality assurance