Senior Associate - IT OPC - ISPL Conduct & Control

The role is to provide both the Business Units and IT Management with the assurance and visibility that IT Controls are executed in a controlled and managed way. In addition to the specific responsibilities detailed below, the successful candidate will be expected to demonstrate understanding in other areas of Risk & Control Management including strategies surrounding Process Engineering, Configuration Management, Change, Incident & Problem Management, Non-Conformities and Corrective Actions Management, Risk Identification and Control, Project Management and Tools and Methods.

Direct Responsibilities

Conduct periodic controls assessments across process areas in scope. Raise any non-compliance, and follow up of the corrective actions until closure.

Liaise with global and local IT control areas to ensure their certification is timely and appropriate.

Perform periodic Root Cause Analysis of process issues and non-compliances at Project and Application Domain level. Ensure that the exercise is planned, executed effectively and reported to appropriate level.

Participate in minimising production risks and issues, including but not exclusively, by helping to devise, and by implementing, sufficient regular controls.

Ensure appropriate escalation to management and/or Permanent Control (or Compliance as appropriate) as soon as an issue is identified.

The enforcement of Permanent Controls, providing ongoing risk & controls self-assessment status of the control environment.

Contribute all relevant management information (KPIs/KRIs) to the various scope reports/dashboards.

Assist with Historical Incident management process, including liaising with various stakeholders involved, root cause analysis and impact evaluation.

Contributing Responsibilities

Contribute to the upkeep and maintenance of the ISPL Permanent Control Framework

Maintaining relevant Operational Permanent Control (OPC IT) processes and procedures

Good knowledge of IT Risk & Audit domain with focus on Internal and/or External Audits.

Good understanding of IT Controls Framework and experience executing controls.

Understanding of IT Software, IT Infrastructure and IT Service Management domain is a value add.

Exposure to security and infrastructure controls for IT space

Ability to present and report to stakeholders across geographies

Good interpersonal and communication skills

Exposure to regulatory frameworks and requirements

Experience in facing and managing internal/external audits

Relevant certifications like CISA, ISO27000 or similar

Strong analysis & problem solving skills

Structured and methodical mindset

Proactive approach with a strong ability to work on own initiative

Ownership of work and commitment to delivery

Team oriented (both local and global)

Big picture awareness make relationships between tactical issues and strategic options

Client focused

Pragmatic and creative approach