Join us as a Technology Risk & Controls Manager
- If you have a background in risk and control assessment, testing technology controls then join our team in helping to anticipate and assess the potential impacts of risk across the bank
- We’ll look to you to lead and perform technology controls testing and reviews, proactively driving the assessment and implementation of risk framework and policy compliance and changes, converting these into appropriate strategies and action plans
- In this highly collaborative role, you’ll have an ideal platform for building your network and advancing your career, while helping to create a safer environment for the bank
What you'll doYou’ll have the responsibility of supporting management in their identification and assessment of material risks, and in determining their position relative to agreed appetites. Working with senior stakeholders across the bank, you’ll drive the SOX risk assessment technology, SOX and non-SOX control testing for Services.
On top of this, you’ll be supporting a culture of proactive and pre-emptive risk management and continuous improvement, and the attainment of operational risk objectives.
You’ll also be:
- Planning and scoping to undertake control testing, quality control reviews, control deficiency resolution management and reporting
- Engaging with external auditors to communicate the testing scope coverage testing plan and understanding their focus
- Guiding and influencing senior business and IT stakeholders on internal control requirements and improvements initiatives, including controls rationalisation and automation
- Creating a culture of continuous improvement, increasing efficiency and productivity through great people leadership coaching engagement and development of skills
The skills you'll needTo be successful in this role, you’ll need a good understanding of resting IT general controls, and the ability to lead technology risk assessments end to end in line with internal control and external audit requirements.
You’ll have experience with Oracle, SQL and Unix, along with knowledge of COBIT, COSO, NIST and ISO 27000. CISA, CISSP, CRISC or ISO 27001 Lead Auditor certifications are advantageous but not essential.
You’ll also bring:
- A good understanding of the relevant business and the risk and control environment
- The ability to communicate complex ideas and solutions to both business and technical audiences
- The ability to summarise material from a variety of complex sources to support executive commentary within the financial marketplace
- Excellent communication skills in order to work well within the team
- The ability to negotiate with, and influence, stakeholders across an organisation