CAIA's Career Center is an easy-to-use, comprehensive resource connecting job seekers with employers in the growing AI field. Use your knowledge and credibility to advance your career or build a talented team for your organization. Opportunities targeted to CAIA Charterholders are prioritized.
In order to search for jobs specifically for CAIA Charterholders or those pursuing the CAIA Charter please enter “CAIA” in the search panel.
This will enable you to search for CAIA specific roles globally.
Division Summary The Technology Risk team currently provides Technology Risk service to more than 100 different applications and a wide range of infrastructure operating systems and databases across London, NY and Asia and an information security service to the whole firm. Job Purpose This role is within the IT department of a Global Investment Bank. The Technology Risk Manager is part of the Technology Risk team encompassing Technology Risk and Information Security which acts as the First Line of Defence. You will be responsible for providing oversight of the control environment across various CIO teams in the IT department. You will assess the technology risks across key applications, systems and processes and maintain an understanding of the key areas of risk. You will work in close partnership other members of the Technology Risk team (Security Operations, Cyber Security, IT Risk and Logical Access Management) and with the CIO teams to identify appropriate remediation actions to being any risks identified back to within our risk appetite and then oversee the timely delivery of any remediation work agreed. You will be responsible for running the risk governance processes. You will also play an important part in collaborating with colleagues in Operational Risk and internal and external Audit. Key Responsibilities
Support the risk governance processes covering the IT teams (control assessments, risk committees, risk acceptances, risk register, risk remediation action tracking)
Capture and manage risks raised by IT either in response to identified vulnerabilities, incidents or formal controls assessment processes
Work in collaboration with the IT teams to agree appropriate remediation actions to identified control weaknesses and oversee the timely completion of these actions and other actions identified in IS vulnerability scanning or pen testing activities
Perform application and system control reviews both as part of the change management processes and also as part of a periodic controls assessment program.
Produce monthly management reporting (MIS) in support of the various activities within the IT risk management governance framework
Support the Head of Technology Risk in developing the maturity of risk management activities across IT and provide thought leadership as required
Provide technology controls and risk advice to the IT teams and liaise with other controls experts across the organisation as appropriate (e.g. information security, business continuity)
Champion best practices for GCC (general computer controls), including change management, Identify and access management, SDLC
Collaborate with colleagues in Operational Risk and internal and external Audit.
Preferred Qualifications and Experience
Professional Qualifications - CISA/RiskIT/CISM/CISSP/CSSLP (Desirable)
Extensive experience working in IT with a risk or controls focus or in an internal audit function specialising in IT
Thorough understanding of software development lifecycles (SDLC) and general computer controls (GCCs)
Excellent knowledge of technology risk and control taxonomies and the industry standard frameworks (COBIT, ISO27001, ISO/IEC 27034)
Excellent relationship management and collaboration skills and ability to provide appropriate challenge to IT colleagues on control design and operation and the tracking of any agreed remediation activities
Deep understanding of audit requirements and ability to provide accurate and timely information to requests
Understanding of regulation, policy and standards applicable to the technology control environment
Working knowledge of the Global Markets business
Demonstrable technical credibility
Proven influence at senior manager level
Excellent written and oral communication skills
Excellent facilitation, negotiation, challenge and conflict resolution skills
Analytical and problem solving skills
Demonstrable ability to plan, prioritise and manage multiple activities
Strong networking skills
Team player - approachable, ability to share and consult others
Requirements: Locale London
Internal Number: 6302070
About ICBC Standard Bank Plc
eFinancialCareers is a career site specializing in financial services.