Job Type: Executive
Location: Isle of Man
An opportunity has arisen for a new team member to join the Risk, Legal & Compliance Team.
This is an important role at the heart of our Risk Strategy. It is fundamental to providing constructive oversight, challenge and support to the approach to how the Group’s IT operations and strategic change projects are directed and controlled. This includes challenging decision making around the Group’s IT strategy, how it achieves its aims, and ensuring that all activities undertaken are within risk appetite and comply with legal, ethical and regulatory requirements, with the overall goal of ensuring that the Group is protected from internal and external risk as far as possible.
Key Responsibilities include:
• Providing strategic and tactical direction and consultation on IT and Project related risks
• Providing Line 2 oversight of key strategic projects and associated governance frameworks
• Constructively overseeing, challenging and validating IT and Project risk assessments
• Supporting and providing input into the Technology Team’s quarterly Risk Forum
• Developing processes and procedures for overseeing, challenging and validating Technology risks
• Recommending changes and improvements to Technology risk policies and procedures
• Reviewing, challenging and validating Line 1 IT Risk Policy compliance assessments
• Working collaboratively with other teams to facilitate up-to-date IT risk analysis and risk management processes and to identify threats, vulnerabilities and acceptable levels of residual risk. This includes emerging risks with due consideration of external events and case studies.
• Participating in the development, embedding and maintenance of our Group Risk Management Framework, including providing oversight of and input into Third Party Risk Management processes and framework
• Reviewing Line 1 Risk and Control Self-assessments (RCSAs), analysing the effectiveness of IT risk control activities from a Line 2 perspective, in accordance with ITIL best practices and reporting on them with practical and commercial recommendations
• Providing advice and training to support Line 1 with managing risks associated with critical issues/incidents that may affect customer, or information security objectives.
• Providing Line 2 review, challenge and insight into new security products as part of a security risk assessment process.
• Assist with and oversee the identification of suitable Risk Management solutions (GRC), risk management information (i.e. dashboards) and automation of risk processes.
To ensure that this role is carried out to the desired level, the successful candidate should have the following skills and experience:
• In depth knowledge and experience of IT related risks, IT risk change, techniques and implications across platforms.
• Broad commercial experience with experience in the financial services sector preferable, operating in a multiājurisdictional environment.
• Experience of working in a business going through continuous upgrading, change and growth.
• Understanding of market knowledge and regulations/legislation within industry and expert on IT risk governance, risk management and risk response.
• Demonstrable track record of working with Risk, Change, IT teams and understanding of audit.
• Relevant IT and Risk Management qualifications and/or relevant equivalent work experience
• Problem solving skills, with the ability to work independently and with integrity.
Interested parties can contact Jon Morley in confidence on 611044 or jon@bespoke.co.im
© Bespoke Recruitment,