IT Risk Manager at Guardrisk

Role Purpose    

• To ensure the business risk management framework is effectively applied to technology and information systems and to oversee business continuity, security and quality. To plan, execute, and manage multi-faceted projects related to risk management, mitigation and response, compliance, control assurance, and user awareness. To oversee security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the business.

Requirements    

• Minimum Qualification: Relevant Diploma/Degree in Information Technology, Computer Science and/or IT Risk Management
• Preferred Qualification: Certification in any of the following will be an advantage: CRISC, CISA, CISSP, CISM, CIA, PECB (ISO)
• COBIT 5 certified (Foundation and Assessor)
• At least 5-7 years’ experience with relevant IT, risk, auditing, governance and compliance experience and/or management experience
• Requires in-depth knowledge of security issues, techniques and implications across all existing computer platforms
• Experience in the financial services industry
• Understanding of Enterprise Risk Management (ERM), Own Risk and Solvency Assessment (ORSA) and Solvency Assessment and Management (SAM) practices and philosophy and relevant local legislation and regulations impacting risk management.
• Comprehensive risk management skills encompassing the regulatory, risk governance, risk management and IT risk management landscape.
• Relevant industry and technical skills and experience
• Preferred: Quantitative, financial, and accounting knowledge

Duties & Responsibilities    

• Lead by example in contributing to a culture that builds rewarding relationships, facilitates feedback and provides exceptional client service
• Build strong relationships with internal and external stakeholders at all levels and the wider Risk, Legal and Compliance community to remove hurdles and obstacles and co-create an empowered and risk-aware culture
• Engage with relevant internal stakeholders to advise them on the risk profile and to keep them in the loop of issues that need to be escalated
• Conduct the risk management component of due diligence reviews of new clients as well as periodic reviews and monitoring of existing clients.
• Ensure appropriate governance, risk management and internal controls are in place internally and with clients.
• Maintain, update, monitor and report on the risk profile of each client
• Identify changing client needs and incorporate client feedback into improved business processes and systems
• Participate in internal group forums to ensure local business is kept abreast of relevant Risk events and initiatives, take note of key action points and follow-through to ensure execution
• Apply specific technical and business insights in liaising with individual risk owners on a day-to-day basis to understand, manage and optimise end-to-end risk identification, assessment, monitoring, quantification, treatment and reporting processes
• Work closely with business to co-create plans and solutions and ensure proactive risk management is embedded in their processes
• Work closely with business and Risk Managers to flag and mitigate material risks (including IT Risk)
• Produce Risk reports highlighting areas of concern, opportunities and anything requiring further investigation
• Conduct regular interviews to assess and monitor risks
• Continuously monitor and evaluate the overall risk profile across (with a specific inclusion of IT Risk) the risk spectrum for relevant department(s) to provide a combined assurance view
• Ensure the audit plan speaks to the risks identified in the risk plan
• Identify internal and external Risk trends
• Access different databases, newsletters and newspapers and prioritise what is relevant to understanding the broad Risk environment
• Act in an ethical, transparent and morally defensible manner, including highlighting unethical practices
• Identify financial and business risks and escalate accordingly
• Identify opportunities to enhance efficiencies and reduce wasteful expenditure

Competencies    

• Client Centricity
• Integrity, Courage, Transparency
• Assertive, resilient, Deadline and solution-driven,
• Excellent written and verbal communication, influencing, facilitation, and presentation skills
• Interpersonally agile and strong at building relationships at all levels
• Conceptual and analytical with strong attention to detail