Operational Risk Specialist - Technology & Change - eFinancialCareers : Job Details

Operational Risk - Technology & Change

£65,000 - £80,000 (dependant on experience) + 15% Non-Con Pension + Bonus + Benefits Central London 3-day week in office - hybrid model

THE COMPANYGrowing London operation of international banking group with global assets of over $50billion, has a newly created role within their risk team (which comprises 18 staff) The role sits within the operational risk team of 3. In this role, the successful candidate will be a specialist who understands operational risk from a cyber security / systems perspective, providing key support to the risk department in the 2 LOD and will be responsible for overseeing technology and change across the bank. The business comprises private banking, commercial and wholesale banking together with retail activities. They have a truly international culture and a very cosmopolitan and collegiate culture.

SKILLS & EXPERIENCE

• Banking or financial services experience is essential
• At least 3+ years technology experience is required, perhaps CompTIA A+ certification
• ISO27001 or equivalent would be an advantage
• Good understanding of Microsoft cloud security as well as Azure
• Understanding of technology reference architectures of leading cloud service providers mainly with a focus on Defender and Sentinel, AWS etc
• Strong understanding of central banking systems and the principles of using them from an operational perspective
• Good understanding of Technology & Change within financial services and ability to identify, analyse, understand and concisely communicate Technology and Change risk. 
• Risk, Issue and Event Management as well as able to challenge systems risk from an operational side
• Control Testing and Risk and Control Self-Assessment (RCSA) and good understanding of wider operational risk practices
• Information and Data Governance Principles
• Excellent communication skills in order to ensure effective communication between functions and business units

THE ROLE

Reporting to the CRO and the Operational Risk lead, and working closely with the IT department and the banks operations both in London and internationally, the role has two areas of work and will include the following:

Technology & Change:

• Assess Technology risks and recommend practical solutions to ensure technology risk remains within risk appetite.
• Participate in the development of new products, business initiatives, and change management projects to ensure risks are captured.
• Provide oversight and challenge systems, products etc with a focus on data risks.
• Support the ISO second line activities and serve as an advisor to business units on technology related issues and initiatives.

Operational Risk 

• Support the development and enhancement of the Banks Operational Risk Framework in line with regulatory requirements and industry best practices.
• Assess and challenge the effectiveness of data protection systems and controls. Identify potential areas of operational risk and control weaknesses in the business, propose remedial actions.
• Maintain robust records of framework, responsibilities, and risk assessments. Provide oversight and challenge with a focus on data risks.  
• Conduct end-to-end Risk and Control Self-assessments (RCSAs) using the systems / tools already in place and support the business in addressing control gaps and areas for improvement.
• Conduct Control testing in line with the operational risk plan or as and when required.
• Support the risk event management process, including root cause analysis, mitigation, and closure.       

• Participate at monthly Operational Risk Committee (ORC) and provide insight, analysis, and updates.
• Coordinate and compile MI for committee packs and document minutes where required
• Support product owners with the completion of risk-related actions such as risk assessments and production of MI. 
• Build, develop and maintain strong relationships with stakeholders. 
• Coordinate with technology to ensure third party vendors are managed and potential supply chain risks appropriately mitigated.