Operational Risk Financial Company

IT Risk Management Framework – work with Operations and Technology to provide a consistent; pragmatic; and effective approach to Operational and Technology Risk Management:


Main Function:
Provide Risk Management expertise to the CIO Organization, encouraging a pro-active approach
Provide guidance and support Operations involved in Regulatory, Compliance and Audit reviews.
Support the Sarbanes-Oxley IT programme and help coordinate/QA the SOX evaluations/testing performed, while managing down the impact of SOX and supporting individual Technology teams through the life-cycle.
Lead and/ or support delivery of specific projects


Main Duties :
Risk and Vulnerability Assessments understanding operational risks.
Work with Internal & External Audit teams to deliver an effective, efficient, fit for purpose process limiting impact to the CIO Organisation
Raise Auditee understanding of, and skill-set in, management of the audit process through formal training
Support the CIO Organisation with Audit Management expertise, including:
Review audit scope, findings and recommended solutions
Ensure effective, on schedule closure of IT audit points
Facilitate remediation of Pan-Technology audit issues
Produce Management Reports on audit related issues and associated risks
Support the Sarbanes-Oxley IT programme, including: advising Technology teams on SOX control execution and testing, coordinating with Internal and External Audit, as required, produce Management Reports on SOX related issues and associated risks
Work hand-in-hand with Technology teams to execute Sarbanes-Oxley IT evaluations and testing, including QA, obtain relevant sign-off, work with Technology management on issue analysis and appropriate remediation
Work with Compliance to co-ordinate management of Regulatory requests
Support Technology in fulfilment of the request, co-ordinating impacted teams
Provide independent QA of responses prior to Compliance submission
Assist in delivery of pan-Technology risk reduction projects and/ or support specific Technology areas in risk remediation activities

Person Requirements
Qualifications / Education Required
Degree or qualified by appropriate experience

Experience Required
Understanding of risks and controls within a Operations environment,
Ability to assess, quantify, effectively communicate and gain buy-in to risk
Risk assessment and implementation of remediation in both the application and infrastructure disciplines.
Experience in management and delivery of change projects
Awareness of relevant industry Regulators and experience in dealing with Regulatory requests
Relationship building/maintenance across Operations and Technology Management and teams
Experience in Sarbanes-Oxley programmes delivery levels, to include: assessment and remediation implementation in both application controls and infrastructure controls

If you want to be part of a growing organization please send your resume to Joseph Amanna at Huxley Associates.