Head of IT Risk Management

This London-based Information Technology Risk role is within the IT department of a Global Investment Bank. The Head of IT Risk Management role is to provide IT risk services globally. This role is responsible for safeguarding bank's IT infrastructure and application estate, protecting bank's critical IT assets, and ensuring effective IT governance practices. Key responsbilities include

• Develop, implement and maintain IT risk management and governance framework which are aligned to industry best practices, regulatory requirements and bank's overall risk appetite.
• Own and operate effective risk management process for risk identification, assessment, mitigation, and tracking of IT risks across Bank's technology landscape.
• Lead a team of IT risk management and governance professionals to conduct risk assessment, technology end-of-life and vulnerability tracking, IT risk incidents, and IT audits management.
• Partner with rest of IT functions to ensure effective integration of IT risk management and governance into all technology change-the-bank and run-the-bank initiatives., Responsible for the development, rollout and maintenance of the IT Risk Management Framework globally.
• Lead the team of IT Risk Managers to implement and operationalize the IT Risk and Control Framework
• This will include but not limited to Writing Policies and Standards, supporting gap analysis against standard, conducting risk and control assessments, review and approve exceptions and maintain risk registers.
• Conduct desk-based supplier risk assessments.
• Ensure effective communication to all key stakeholders in order to sustain relationships between Application, Infrastructure and Technology Risk.
• Interact with compliance, operational risk, audit and legal counsel to understand corporate requirements related to security and regulatory compliance, and map those requirements to current security capabilities.
• Deploy measures, systems and processes to prevent the loss or theft of the Bank's intellectual property.
• Maintain relevant metrics to facilitate reporting and decision making. Identify metrics and produce risk reports for stakeholders notifying them on key risks, incidents progress and status.
• Ensure compliance with existing laws and regulations and ensure a secure IT Environment.
• Support the IT Risk Governance forum through running meetings, preparing packs and reporting.
  
  Information Security and/or Information Technology industry certification (CISSP, CISM, CISSP-ISSMP, CRISC or GIAC equivalent) strongly preferred.
• Prior relevant industry experience within the banking and /or financial services sector in an IT Risk Management or security role
• Experience in the identification, evaluation and documentation of policies, process and controls
• Experience working with international cross-functional teams fostering collaboration and team work.
• Prior experience with the management of key incidents/errors and the ability to synthesize data, conceptualize and get to the root cause of processes that created the risk.
• Experience working in a multi-vendor and outsourced IT environment.
• Experience in developing IS strategy and frameworks in a financial institution.
• Experience in Business Analysis and Business Case Management.
• Experience directly assessing and communicating risk exposures and developing risk mitigation plans.
Knowledge, technical skills and expertise
• Strong understanding of technology and life cycle development processes (SDLC, technology operations, business continuity, etc).
• Process management
• Knowledge of COBIT and ITIL processes including change, incident and problem management.
• Knowledge of standard business processes including work prioritization and best practices.
• Good understanding of domestic and international banking industry
• Knowledge of ICBC Standard Bank Plc business, BU products, key clients, BU strategy and strategic issues.
• Knowledge of regulatory requirements of home markets e.g. Data Protection
Personal attributes
• Global mindset
• Resilience
• Client mindset
• Pays attention to detail
• Results-orientated
• High level of integrity
  
  ICBC Standard Bank Plc (ICBCS) is 60% owned by Industrial and Commercial Bank of China and 40% by Standard Bank. ICBCS benefits from a unique Chinese and African parentage and an unrivalled global network and level of expertise.
ICBCS is a leading financial markets and commodities bank, driven to deliver the right outcomes for our stakeholders, clients, counterparties and the markets in which we operate. We deliver products in an environment which considers the appropriate needs of our clients, whilst providing guidance and expertise to ensure our employees understand our business and uphold the highest levels of conduct. We want passionate and talented individuals who are motivated by high growth potential being achieved in doing business the right way. Headquartered in London, ICBCS also has operations in Shanghai, Singapore and New York.