Vacancy expired!
- The Business Risk Manager is a strategic professional who stays abreast of developments within own field and contributes to directional strategy by considering their application in own job and the business.
- Recognized technical authority for an area within the business.
- Requires basic commercial awareness.
- There are typically multiple people within the business that provide the same level of subject matter expertise.
- Developed communication and diplomacy skills are required in order to guide, influence and
- convince others, in particular colleagues in other areas and occasional external customers.
- Significant impact on the area through complex deliverables. Provides advice and counsel related to the technology or operations of the business.
- Work impacts an entire area, which eventually affects the overall performance and effectiveness of the sub-function or job family.
- Requires in-depth understanding of how areas collectively integrate within the sub-function as well as coordinate and contribute to the objectives of the entire function.
- Developed communication and diplomacy skills are required in order to guide, influence and convince others, in particular colleagues in other areas and occasional external customers.
- Has responsibility for volume, quality, timeliness and delivery of results of an area.
- Involved in short-term planning resource planning.
- 5 years of experience in Information Security, Records Management, Data Privacy and
- Continuity of Business, or Business and Risk and Control.
- Experience with EUC Management
- Strong Microsoft Excel, Word and PowerPoint skills
- Experience with interpretation and application of IS Policy and Standards.
- Familiarity of business, regulatory and compliance requirements.
- Strong risk analysis and problem-solving skills.
- Bachelor's degree or University degree or equivalent experience.
- Solid risk management skills and Information Security knowledge
- Knowledge of key government regulations and local laws
- Excellent consulting and problem-solving skills
- Able to convey ideas, advice and resolution options to enable business to senior management and staff
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding client, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
- Third Party Officer (TPO):Represent business leadership to coordinate and facilitate
- Third Party Risk Management activities
- Complete or provide advise to BAO on the Risk Assessment for third party and reevaluate as required; identify any significant changes in relationship to trigger update of Risk Assessment Verify third party's compliance to required policies and controls
- Maintains and updates client's Exit Strategy Plans as required
- Monitor and evidence third party performance and SLs through client
- Performance Management Assessment (PMA) process Verify that Third Party contracts are properly executed and uploaded in client's Contract Management System
- Facilitate Own remediation of issues or gaps identified as part of ongoing monitoring
- Liaise with the ESC Third Party Utility, as necessary, to review and respond to the results of third party risk management activities conducted centrally by the Utility
- Records Management: Responsible for the oversight and support of the records management function for the global operating teams including: Oversight of records management inventories
- Review and definition of records management controls
- Work with relevant stakeholders to develop and implement process controls and testing to evaluate compliance and demonstrate governance.
- Conduct reviews and collect metrics to demonstrate compliance with Records Management and Archiving requirements.
- Data Privacy, Cross Border Data Transfer: Review and assess initiatives being considered for a Cross Border Data Clearance (CBDC) and determine follow-up actions required to perform CBDC and Privacy Impact Assessments.
- Review, assess and develop requirements as new regulatory requirements develop globally in the privacy space.
- Assist in the workflow process as related to the Privacy Risk and Compliance Assessment (PRCA) for GDPR impacted initiatives.
- Initiative progress tracking through the Cross Border Review pipeline.
- End User Computing (EUC): Perform review and approval of EUC Registration.
- Monitor and ensure that New EUC Creation Surveys are completed in a timely manner.
- Ensure awareness of the EUC Policy and Standards within the segment's stakeholders.
- Ensure EUC exceptions are created and approved.
- Continuity of Business (COB)Manage risk by analyzing the root cause of issues, impact to business and required corrective action.
- Coordinate with internal and external compliance and auditing agencies and officials.
- Develop procedures and process control manuals.
- Generate metrics and manage productivity to ensure service level agreements and client expectations are met.
- Produce requirements documentation in both written and diagrammatic form.
- Business knowledge of documentation type and purpose.
- Ability to work on multiple projects simultaneously.
- Track record as a strong analyst - recognized as able to deliver work in pressured environments
- Information Security (ISO)Ensures oversight and compliance to the IS program within the
- business, including programs, policies, and related reporting
- Communicates and interacts regularly with employees and business management on IS related programs, policies, and standards
- Assists in the implementation of IS standards at the business level to ensure that procedures and practices comply with client standards.
- Develops corrective action language for all IS-related gaps and approves all closures by reviewing evidence to ensure the closure meets client requirements or industry best practices
- Collaborates to create Risk Acceptances (RAs), Risk Exceptions (REs), and Corrective Action Plans (CAPs) in the appropriate tools
- Support business on IS matters during audit reviews and regulatory inspections
- Helps security incident response teams resolve and close the investigation of incidents with proactive suggestions
- Validate third party issues and ensure management's awareness of the risk involved
Vacancy expired!