We are currently working with one of our key clients in financial services to hire a Technology Assurance Lead.
Reporting to the Technology Assurance Manager, the Technology Assurance Lead will be part of team responsible for technology Assurance across the organisation. The Technology Assurance Team is part of the newly formed Technology Risk Assurance team within IT, created to combine technology and security risk governance and assurance into a single function within IT.
The Assurance Lead will work with the Assurance Manager to develop and embed the assurance approach for technology (including security). They will drive the development and embedding of an effective control framework for Technology and for monitoring its effectiveness and adherence to it, ensuring that technology and security controls are effectively and proportionately monitored and managed across IT.
The role will lead the development and implementation a risk -based assurance plan to effectively monitor key controls, compliance and risk areas. They will also support the delivery of the next phase of a GRC tool roll out to enable attestation of control operation. Working closely with the IT teams they will ensure that controls are aligned to good practise and are proportionately applied, enabling a more proactive approach to controls monitoring.
Responsibilities
- Providing leadership and subject matter expertise to drive effective technology controls and assurance.
- Developing and implementing an effective control framework for technology and implementing mechanisms to monitoring its effectiveness, enabling proactive identification of issues/risks.
- Recommending control improvements/new controls to address known issues/identified gaps.
- Shaping and implementing a risk-based assurance plan to test and effectively monitor controls, compliance, and technology risks.
- Developing supplier assurance approach ensuring control, Technology risk position is understood and managed.
- Remaining aware of external good practise approaches to controls and assurance and changing internal requirements.
- Continuous improvement of TRA controls and assurance processes.
- Reporting on controls posture across IT and communication/escalation of IT controls and assurance position/issues to relevant working groups and committees.
- Working closely with internal IT departments to ensure that controls are effectively implemented.
- Ensuring that internal audit and risk assurance plans focus on key areas of concern.
- Coaching and mentoring junior team members.
- Embedding assurance processes/activities.
- Scoping and conducting assurance reviews.
- Identifying trends/common themes from assurance activity and progressing required actions with key stakeholders.
- Reporting controls and assurance input to key stakeholders and committees.
Skills and Experience
- Subject Matter expertise – Have a deep knowledge of Technology and / Cyber Security allowing you to be recognised as an expert within the business.
- experience in a Risk, Governance, Controls or Audit role preferably leading a team, supported by a strong understanding of IT/Cyber Security.
- Initiative and pro-activity – Take effective and informed decisions using own initiative and based upon a sound understanding of the business issues and challenges of the business.
- Communication – Clear and appropriate communication for employees at all levels with the ability to discuss technical subjects with both technical and non-technical audiences. Ability to articulate and pitch governance advice, often at a technical level, directly to key customer stakeholders.
- Planning and Organising – Develop clear, efficient, and logical approaches to tackle issues and problems in a logical, step-by-step way. Ability to effectively collaborate, and work independently in a fast-growing organisation.
- Customer focus – An understanding of customer priorities and a desire to support their expectations.