Manager/AVP- ICT Operational Risk Officer

RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organised, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 Poles: RISK ORM Framework, RISK ORM Technology & Transversal Risks and RISK ORM Network.

Under the authority of the Poles Manager, RISK ORM Network is made up of all the Operational Risk Officers (OROs) acting as the second line of defence (LoD2) within the Groups operational entities (Poles, Business Lines, Functions, Transversal Activities).

Payment Systems Risk and Testing team is part of the RISK ORM Cyber and Payment Systems Risk Technical Test & Automation Centre. The teams mission is to assess the design and effectiveness of ICT controls implemented in key Payment Systems across all entities in the Group to mitigate ICT risks and present a consolidated end-to-end risk view based on the output of its independent technical testing. As trusted partners, team helps the business sustainably enhance their ICT control environment and strengthen their overall security posture; through issuing permanent control actions based on root cause of the findings identified and validating remediation of such permanent control actions.

The overall purpose of this position, as part of the RISK ORM Payment Systems Risk and Testing team, is to ensure the continued development and implementation of group-wide Payment Systems Technical Testing program, through leading and executing ICT risk assessments of Payment Systems across the group in accordance with the Group Risk ORM standards and policies. In addition, this role will also be responsible for delivering the Operational Risk Officer (ORO) oversight activities per the operational risk management framework (ORMF) in IT departments supporting critical payment processing systems. Furthermore, this role entails representing the team in Risk Management governance committees (conducted in French/English); influencing the ICT risk culture by driving the agenda and reporting the risk status to the senior management through working in collaboration with other Stakeholders from the business and RISK ORM teams.

Responsibilities

SKILLS, EXPERIENCE AND COMPETENCIES

Skills Required

Skills Preferred

• Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements.
• Is self-aware, anticipates problems, adapts and meets them head on.
• Strong stakeholder management, relationship building, influencing, facilitating and presenting skills.
• Is solutions focused measures their output on whether issues, problems or challenges are resolved as a criteria for success.

Competencies:

• Professional qualification and expert knowledge in a specific Risk specialism and how that fits within the broader organization as well as more deeply within the Risk function.
• Degree level qualification in STEM subject will be advantageous.

Conduct:

• Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure.

Bachelors degree, and certification in Information Systems

Skills Referential

Behavioural Skills:

Attention to detail / rigor

Ability to deliver / Results driven

Ability to collaborate / Teamwork

Transversal Skills:

Ability to develop others & improve their skills

Ability to inspire others & generate people's commitment

Ability to set up relevant performance indicators

Analytical Ability

Ability to develop and leverage networks

Education Level:

Bachelor Degree or equivalent

Other/Specific Qualifications

• Industry recognized ICT Risk Management Qualifications such as CISA, CRISC, CISSP etc.