Job type: permanent
Date posted: 11 September 2019
Reference number: MJ74703
Working with first-line control functions across the firm, the role holder is responsible for ensuring independent assessment of the firm's framework and arrangements for managing operational resilience and that appropriate measures are in place to meet regulatory obligations. This includes the following:
* Information Technology risk, including cyber risk and information security;
* Suitability and readiness of Business Continuity arrangements;
* Third-party risk management ("TPRM");
* End-user computing; and
* Data control.
Oversight includes, inter alia, ensuring that:
* Critical business services have been identified;
* Risks and threats are identified, appropriately understood, assessed, and monitored;
* Tolerance is clearly defined and agreed;
* Appropriate procedures are in place, and tested, to withstand, absorb and recover from critical incidents;
* Appropriate governance arrangements are in place to monitor the effectiveness of the firm's arrangements; and
* Appropriate policies are in place in both first and second lines of defence.
Leveraging the ORM and TPRM frameworks to validate the completeness and assessment of risks and controls, including Risk & Control Self-Assessment ("RCSA"), internal and external risk events, key risk indicators, scenario analysis, third-party risk assessments and monitoring; and making recommendations for improvements where necessary;
Where risk events occur, validation of root cause analysis and the effectiveness of proposed remediation, as well as ensuring these are appropriately captured in the firm's operational risk management system;
Contribute to periodic Penetration Tests including review of appointment of independent testers, suitability of scope, interpretation of results, and validation that proposed remediation is appropriate;
As a member of the Operational Risk Management team, the job holder will also be expected to support broader operational risk management initiatives and activities from time to time;
Keep abreast of regulatory & industry developments;
Report to senior management via governance forums as required;
Develop and maintain strong and effective relationships with key stakeholders, including front office, support functions, audit, and other Group entities;
Drive continuous improvement in the firm's operational resilience framework.
Randstad Financial & Professional encourage applications from individuals of all ages & backgrounds. Appointment will be made on merit alone but candidates must be able to demonstrate their ability to work in the UK. Randstad Financial & Professional acts as an employment agency for permanent recruitment & an employment business for temporary recruitment as defined by the Conduct of Employment Agencies & Employment Business Regulations 2003.