Technology Risk & Controls Manager - Exempt - TTI of USA, Inc.

Job Description:
The Position: The Enterprise Risk Management (ERM) team within GRM is seeking a Technology Risk & Controls Manager to support several operational resilience remediation initiatives in relation to the upcoming Digital Operational Resilience Act (DORA) regulation. Responsibilities will include:

• Enhance, embed, and mature ERM s technology risk and controls framework.
• Assist in development and implementation of ERM strategy, tools, policies and procedures for identifying, capturing and assessing technology related risks and controls.
• Assist in verifying and documenting the technology risk and control inventory
• Work with Divisional and Business Unit Technology to drive risk frameworks and assessments related to the products and the surrounding infrastructure.
• Support the production of annual risk and control self-assessments of the technology risk environment.
• Assist in the identification of quantitative and qualitative technology risk metrics. Create technology risk reporting and dashboards.
• Support BU Risk Officers in risk reporting to senior management.
• Support BCM/Operational Resilience enhancements.

• 8+ years experience in technology risk management, technology audit and/or compliance in the financial services industry within capital markets.
• Strong understanding of (technology) risk management principles and internal control framework.
• Experience in implementing and supporting a technology risk management framework and/or technology internal controls framework in a complex organization.
• Ability to evaluate operational or technological measures to assess risks and effectiveness of controls.
• Experience in creating, implementing and maintaining (technology related) policies, procedures, guidelines, standards, and best practices.
• Good understanding of (technology) risk management frameworks, including COSO, COBIT, NIST and ISO 27001.
• Understanding of operational resilience concepts and experience working on operational resilience related (regulatory) programs (e.g. PRA/FCA/BoE Operational Resilience, DORA)
• Innovative, strategic thinker.
• Inquisitive nature with high attention to detail and ability to seek out information.
• Action and results-oriented with ability to drive results and effect change.
• Strong communication, facilitation and influencing skills; ability to articulate and communicate complex ideas and concepts in a clear, concise, and structured manner.
• Strong organizational skills and ability to successfully multi-task and prioritize work.
• Ability to pro-actively cultivate relationships and collaborate with multiple stakeholders, including business leaders, legal, internal audit, and technology across regional locations.
• Advanced Microsoft Office skills