Technology Risk Management Specialist

The Technology Risk Management Specialist will play a key part in providing assurance and insight to the management of technology risks, controls and related change programs. The role collaborates closely with Engineering, and other global teams (e.g., Risk, Compliance, Information Security), to ensure that technology risks are managed effectively and in compliance with regulatory requirements. The Risk Management Associate reports into the Risk & QA Associate Director, Stoxx Engineering.

The right candidate must be able to understand and assess risks, build relationships with diverse stakeholders, influence change across the organization, and prioritize issues and escalate appropriately.

Key Responsibilities:

• Provide 1st line risk management support by operating and maintaining the Risk Register.

• Conduct risk analysis to identify potential technology risks and vulnerabilities, gather and prepare information to present to the Risk Owner for decisions.

• Track risk mitigation actions and plans with Application Owners (& others as appropriate) through to completion 

• Work with Engineering teams to develop and implement risk mitigation strategies and controls.

• Assist in the implementation of a control framework across Engineering.

• Support the creation of risk reports to effectively convey risk and control assessments to senior management, highlighting controls weaknesses, the evolving threat landscape, emerging risks, and much more.

• Work closely and collaboratively with key stakeholders across the organization.

• Engagement with change programs to provide ongoing oversight of delivered technology risks.

• Control effectiveness - collect and analyze data on control effectiveness and assess impact on risk posture. Process testing for effectiveness & compliance. Metric collation for KPI/KRI analysis to identify areas of process improvement.

• Support teams with process improvement implementation, automation of metrics.

• Participate in support of internal/external audits, findings, remediation, BCP, Regulatory assessments, RFIs from customers relating to Engineering.

Qualifications:

• Bachelor's degree in IT, Computer Science, Risk Management, or a related field.

• Prior experience in risk / controls assessments and ideally you will have experience with operating risk registers and/or GRC tooling.

• Strong understanding of risk assessment methodologies and frameworks.

• Knowledge of regulatory requirements and industry standards (e.g., ITIL, ISO 27001, NIST).

• Excellent analytical and problem-solving skills.

• Strong reporting and presentational skills.

• Broad exposure to related disciplines within Risk (e.g. cyber, data, change) and awareness of market best practice in risk management within financial services.

• Understanding of good governance practices and the principles of control environment design and operation.

Personal skills & capabilities:

• Strong team and stakeholder management, problem solver, a self-sufficient individual with an ability to be constructively address issues. 

• Able to work on multiple initiatives at once, prioritizing effectively.

• Collaborative skills with the ability to work across disciplines ensuring collective accountability and individual responsibility for task ownership.

• Effective communicator, sharing insight that translates technical concepts into clear and understandable language

#LI-TG1 #ASSOCIATE #STOXX