Director Technology Risk and Controls Management

Employer: LSEG Romania
Domain:
  • Internet - eCommerce
  • IT Hardware
  • IT Software
  • Job type: full-time
    Job level: 1 - 5 years of experience
    Location:
  • BUCHAREST
  • Updated at: 15.08.2022


    Role Purpose

    Drive a positive and responsible approach to risk management in an environment of increasing regulatory and audit attention, and embed a culture of risk management across technology

    • Influence the group's approach to managing risk, aligning with group risk, audit, regulators and other stakeholders
    • Drive divisional teams to ensure timely planning for adequate resources and priority to meet demand for risk data and process
    • Ensure divisional leaders are managing top risks responsibly and build transparency around remediation plans into the change portfolio
    • Work to channel second line demand and provide robust challenge to approach and sequencing to ensure value
    • Support regulatory office in delivering required data and constructive challenge to regulators, assisting in management of the relationship and ensuring the technology organisation avoids negative regulatory attention
    • Quality assure regulatory and audit responses

    Key relationships & committees

    Other Technology COO functions including strategy, business performance and programme governance

    Technology Leadership Team (Divisional CIO's)

    Technology Divisional business management teams and risk officers

    Regulatory office

    Cybersecurity

    Internal Audit

    Group Risk

    Key responsibilities

    This role enables timely and effective management of risk in technology, while aligning the governance model to support the firm's strategic goals

    • Foster a strong risk culture with proactive and collaborative value add approach rather than compliance driven
    • Operationalise Risk Management into existing Technology processes including strategic planning & project management
    • Ensure risk appetite and links to technology objectives influence target operating model and investment priorities
    • Feed audit and regulatory requirements feed into risk appetite and link to technology objectives, influencing target operating model and investment priorities
    • Build clear effectiveness metrics embedded into existing reporting mechanisms, tailored to audiences and rolled up in a way that is traceable through leadership teams, Exec Risk Committees, to the board etc.

    Build a broad, active community of risk champions and stakeholders to improve the risk management and control culture across the technology organisation

    • Build expertise in the management of IT controls to provide added value across technology
    • Deliver risk and control data analytics dashboards to facilitate data driven decisions by senior leaders
    • Use modern data analytics to enhance strategic intelligence / risk assessments

    Skills

    • Previous IT Audit, 2nd line Technology Risk or 1st line technology risk assurance expertise in financial services
    • Industry / leading practice knowledge to provide guidance to support Divisional Technology teams and influence practices in DevSecOps, agile, tooling, architecture, disaster recovery, operational resilience, IT asset management, incident and problem management, IT third party risk management, program/project management, infrastructure practices
    • Review / challenge risk & control assessments and control testing performed by the Divisional risk representatives and provide training as required
    • Perform validation testing on actions
    • Ability to write and distinguish between risks, controls, process, issues and actions
    • Help to facilitate updates/refreshes of the Group Risk Taxonomy and Risk Appetite with the Divisional Technology Risk Officers
    • Ad hoc projects and initiatives
    • GRC tool design requirements and testing
    • Thematic analysis of risk exposure

    Leadership responsibilities

    May include direct line management and matrix management of FTE and contract resources in order to build out control processes and tooling

    More emphasis is on influencing existing teams in other divisions to enhance their risk management culture and drive the availability of meaningful metrics and data.

    Critical deliverables

    Work with divisional CIO's and their risk teams to move the risk culture of 1st line to be stronger, proactive and with increased capacity to provide timely and quality input to 2nd and 3rd line, getting on the front foot with implementing controls

    Channel demand from 2nd and 3rd line through Technology COO office, triaging requests and challenging on scope, timing and sequencing where it makes sense

    Drive remediation of key risks and audit observations through making transparent and clear the relationship between risk mitigation and the investment portfolio / operational excellence activities

    Oversee assurance activities to ensure appropriate and periodic risk management activities are completed to a level of rigour that supports responsible risk taking by Technology

    Investigate and sponsor the adoption of appropriate risk tracking / management tooling and ensure the reuse of data generated by this tooling to support key decision processes such as annual demand management / capital allocation

    Ensure high priority regulatory / audit observations receive adequate management response and that proposed mitigations are tracked through to completion with traceable and demonstrable outcomes

    Impact

    By strengthening risk management capabilities in Technology, the role holder is directly contributing to the improved management of risk and therefore avoidance of negative events with revenue or reputational impacts.

    The role holder will have the opportunity to drive a complex agenda of change activities that contribute to the material success of the organisation by reducing operational risks and ensuring that the business can make investment and mitigation decisions with appropriate data and rigour.

    At LSEG, we believe that creating a diverse and inclusive organisation is fundamental to the way we deliver on our promise of creating essential partnerships and open opportunities. Our open culture is central to how we deliver our purpose - driving financial stability, empowering economies and enabling customers to create sustainable growth - in everything we do.

    Working with us means that you will be part of a dynamic organisation of 25,000 people across 70 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.

    LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

    We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.

    Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject.

    If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.