IT Risk Manager
Core Asset Consulting
Edinburgh
Job Description:
Our asset management client is looking for an IT Risk Manager to join their Global Risk Management team based in either Edinburgh or London. Reporting into the Global Head of Risk Management, the role will collaborate across the business to develop, embed and facilitate an appropriate and robust Information Security risk management and assurance framework. This is a 2nd line risk role.
Essential Skills/Experience:
Working knowledge of Information Technology and Information Security Risk Management
Proven experience in Information Technology and Information Security Risk Management processes
Working knowledge of security frameworks/standards g. ISO 27001, HMG Cyber Essentials or NIST Cybersecurity Framework
Achieve quick and considered decision making and embrace change
Pro-active approach to tasks and to be accountable and take ownership for things
Attention to detail and the ability to constructively resolve problems and improve processes and procedures
Good judgement regarding prioritisation of tasks; taking the lead; and escalation
Well-developed interpersonal skills – articulate and able to influence
Desirable Skills/Experience:
Ideally, Certified in Risk and Information Systems Control (CRISC) or other risk management certification
Core Responsibilities:
Equip the business with the relevant tools, information and materials to allow the business to make risk- based judgements and decisions in line with strategy, risk appetite, business opportunities and operations
Develop, maintain and facilitate the firm's risk management framework, policies and procedures
Manage oversight of business risks and controls including assurance activity, risk assessments and controls testing
Manage business risk reporting internally to appropriate boards and committees, and externally to clients, consultants and regulators
Presenting, developing and maintaining global Risk Management Framework
Oversight of Information Technology (including Information Security) risks and issues, including independent review, assurance and timely reporting to key stakeholders (e.g. boards, committees, regulators), in relation to the effectiveness of the control environment
Assisting reporting, insight and information on the Information Technology risk management performance of the company including the provision of recommendations and suggested improvements
Represent Risk Management team on projects and change initiatives, and supplier onboarding and management, as required
Represent Risk Management on operational resilience initiatives as it relates to Information Technology risks
Assist Information Technology, by providing guidance and advice, in relation to IT controls that fall within scope of the company as a SOX reporting entity.
Benefits:
A highly competitive salary
Wider Benefits package
Core-Asset Consulting is an equal opportunities recruiter and we welcome applications from everyone irrespective of age, disability, gender, gender identity or expression, race, colour, ethnic or national origin, sexual orientation, religion or belief, marital/civil partner status or pregnancy.
Job reference: 15114
To apply for this vacancy applicants must be eligible to work in the UK in accordance with the Immigration, Asylum and Nationality Act 2006.
At Core-Asset, we're committed to protecting and respecting your privacy. Our privacy statement explains when and why we collect personal information about people who engage with our services, how we use it, the conditions under which we may disclose it to others, and how we keep it secure. We may change this policy from time to time, so please check this policy occasionally to ensure that you're happy with any changes.
By engaging with us (either by applying for a job we're advertising, registering through our website, or getting in touch with our business) you're agreeing to be bound by this policy.
Core-Asset Consulting is committed to protecting the privacy of our candidates, clients and website users. For further information, please refer to our full Privacy Statement available on our website http://www.core-asset.co.uk/about-core-asset/privacy-statement
Core-Asset Consulting offers specialist recruitment services to asset management, accounting & finance, asset servicing, legal and the wider financial services sector in Scotland.
INDPERM