IT Governance & Controls Manager

Office Status: Hybrid

Job Duties

This job description outlines the requirement for Americas Head of IT Governance & Controls reporting to the Global Head of IT Governance & Controls with matrix reporting to the Americas CIO.

Governance Frameworks & Controls:

• Support implementation of the IT risk management framework and process through supporting the roll out the firm’s Enhanced Risk Control Framework for the region.
• Support risk reporting for core IT processes and provide regular group risk reports covering these KPIs/KRIs, with focus on Americas
• Ensure Technology policies comply with Group standards and ensure policy amendments/changes are carried out in accordance the relevant governance bodies
• Support the Technology Risk Forum as part of risk governance structure and provide coverage in the Americas Regional Risk Committee
• Provide central view of control requirements and control attestations for the function and appropriate regional risk owners
• Support management of controls development, attestation, and assurance program to demonstrate oversight and management of key controls
• Partner to develop new & enhance existing tools to demonstrate controls oversight within the 1st Line of Defense

Audit, Regulatory & External Response Management:

• Act as primary point of contact and facilitator between Technology and both external & internal auditors as it related to the Americas region
• Oversee and monitor progress of mandated remedial actions for the Americas from risk, events, control vulnerabilities and audit actions
• Review audit findings and provide challenge to appropriateness of ratings and action owner assignment for the region
• Oversee the regional IT teams proactive participation to remediate audit findings.
• Advise on the best possible way to remediate audit findings after validating the approach from the auditors. Provide management reporting on the open audit findings
• Facilitate with IT team to complete client and regulatory questionnaires as relevant ; review and validate responses prepared for client questionnaires; participate in follow-up meetings to resolve queries related to the response

Risk Management

• Act as primary point of contact between the Technology function and the Risk function on a day to day basis, championing Risk Management in the function and coordinating with the Risk function as required
• Co-ordinate and manage risk assessment processes including any required reporting in to the central risk system
• Liaise with all key stakeholders in carrying out all required risk management processes

Other Duties

Risk Responsibilities

Ensure that you understand the risks and controls on your department; what could go wrong, what controls you have to prevent/detect or contain these.

• Be proactive and deliver thorough risk management driving behaviors which comply with policies
• Ensure that you are fully aware of and adhere to internal policies that relate to you, your role or any other activities for which you have any level of responsibility
• Take responsibility for the implementation and maintenance of policies, processes, systems and controls as required by the Risk function and the Policy Owners
• Ensure that you engage appropriately with the Risk team to ensure the effective implementation of all risk management processes.
• Report all events and breaches where there has been a failure to adhere to policies and controls to the Compliance function
• Escalate risk events immediately and log them within 24 hours using the risk event capture form on the intranet
• Provide input if requested to the Risk and Control Self-Assessment process, scenario analysis, ‘Deep Dive’ reviews and any other risk management processes, as required.

Skills and Experience:

• Multiyear experience in a Risk control, Risk management environment
• Proven track record working in Risk Management / LOD / IT functions
• Proven track record working with regulators / auditors
• Thorough understanding of IT Risk control mechanisms
• Experience of control testing / assurance / managing audits
• Detailed Understanding of Technology governance processes
• Takes ownership / accountability of tasks and drives them to completion
• Constructively challenge where appropriate
• Continuous improvement to achieve ‘best in class’
• Ability to develop and present management summary
• Proven leadership and management qualities

Person Specification

Client Focused

• Personable with the ability to develop strong working relationships at all levels
• Proactive and highly engaged
• Demonstrates strong customer focus & ability to work effectively with others
• Constructively handles disagreements to reach a resolution
• Ability to work with diverse groups/ personalities

Innovative

• Solution orientated – not just present a problem, adapt for Technology
• Flexible approach to work – ability to adapt to a range of tasks
• Seeks opportunities for improvements; Future proof solutions
• Handles situations and problems with innovation and creativity

Dynamic & Competitive

• Demonstrates high levels of energy in seeking out and achieving new goals
• Shows evidence of being comfortable working in fast paced or pressured environments
• Enjoys a challenge and knows when to escalate
• Ability to work effectively in a high pressure environment

Open & Communicative

• Confident and professional writing skills, including ability to draft correspondence on behalf of senior leaders, and knowledge of etiquette for formal correspondence
• Communicates effectively and efficiently to internal and external stakeholders
• Adapts communication style to suit audience

Personal Integrity

• Able to demonstrate honesty, integrity and professionalism
• Promotes loyalty to principles
• Works ethically and shows respect for both professional and company values

Effective

• Excellent attention to detail, highly organized with a proactive approach
• Strong analytical ability and problem solving skills