Technology Risk & Controls Manager

Our dedicated team in Cyber and Technology Controls plays a crucial role in safeguarding our organization's data assets. We focus on managing data protection, data management, and data science risks, ensuring that our business operations are secure and compliant with industry standards.

As a Technology Risk and Controls Lead in our Corporate and Investment Banking division, you will play a crucial role in identifying and managing data-related risks whilst ensuring alignment to our strategic objectives. You will utilize your expertise in risk management, data protection, and data management to effectively communicate complex technical information to senior management and support global stakeholders in understanding and executing their data related risk and controls obligations. Your ability to influence and collaborate across all organizational levels will be essential in driving our data risk management agenda. With a strong emphasis on internal audits and regulatory engagements, you will ensure our compliance with industry standards and regulations.

You will identify, assess, and monitor risks while ensuring effective cyber and technology controls. Your contributions to risk identification, control evaluation, and governance will be vital in enhancing the firm's data risk posture. Through your technical aptitude, customer first mindset, organizational and analytical skills, you will significantly contribute to the overall success of the Cyber and Technology Controls function.

Job Responsibilities

• Data Risk Management: Identify, assess, and manage data protection, data management, and data science risks in line with organizational standards and frameworks.
• Data Governance: Provide subject matter expertise and influence in data governance forums, risk committees, controls forums and working groups.
• Control Management: Support Control Managers, Control Owners and Process Owners in accurately representing and maintaining the Operational Risk Management posture in CORE.
• Control Evaluation: Evaluate the effectiveness of new and existing controls, identify gaps, and recommend improvements to mitigate risks and enhance the firm's risk posture.
• Issue Management: Document emerging and material risks appropriately, raising issues and action plans in CORE where appropriate.
• Influence and Collaboration: Act as a vocal contributor and proven influencer, working effectively across all levels of the organization with global stakeholders in CTC, Technology, CDAO and CDO.
• Internal Audits and Regulatory Engagements: Lead and participate in internal audits and regulatory engagements.
• Senior Management Communication: Provide clear and concise executive summaries of complex technical messages and emerging risks to senior management.
• Process Documentation: Document processes and workflows using MS Office, Lucid, and other relevant tools.
• Workload Management: Independently manage your workload, prioritizing tasks without close supervision.
• Cyber Security Knowledge: Maintain a deep working knowledge of relevant cyber security policies, standards, regulations, frameworks and technologies through continuous learning.
• Risk Analysis and Mitigation: Analyse data, metrics and reporting to provide well informed guidance to stakeholders on risk management solutions and mitigations.

Required Qualifications, Capabilities, and Skills

• A passion for managing data protection, data management, and data science risks.
• 5+ years of relevant industry experience in Cyber, Information Security, or a related field.
• Strong written and oral communication skills with a proven ability to influence stakeholders.
• Experience in audits and regulatory engagements.
• Strong working knowledge of cyber security policies, standards, and regulations.
• Proficient in MS Office and related tools.
• Self-starter with the ability to manage own workload without close supervision.
• Ability to develop and maintain strong relationships with global and diverse stakeholder groups.
• Ability to analyse complex risk and controls issues and recommend risk mitigation strategies.
• Strong analytical and problem solving skills with the ability to interpret data from multiple sources to provide narratives.
• Strong organizational skills with the ability to deliver to management expectations and deadlines.

Preferred Qualifications, Capabilities, and Skills

• CISM, CRISC, CISSP, or other industry-recognized risk certifications.
• Working knowledge of AI/ML technologies, products and services.
• Working knowledge of Cloud technologies, products and services.

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.