Reporting directly to the Operations Service Director, but assisting the cross Nordic Risk Manager, she / he will work with the team providing support to the business with embedding the Operational Risk Management Framework, reviewing the Risks and Controls Self Assessments data and providing First line of defence training and support to the business areas with regards to Operational Risk policies and practices.
This role will be responsible for co-ordinating the delivery of monthly reporting to various committees ensuring accurate data is provided in a timely manner and to a high consistent standard.
In current phase, the role will have focus on the management of implementation of missing processes, supporting 1st line staff on implementing appropriate controls to mitigate vulnerabilities.
Monitor, report and challenge IT security threats, movements and vulnerabilities with proven experience in improving the risk profile
Undertake Second Line critical reviews and challenge the First Line on its management of risks and controls
Manage the implementation of all aspects of the operational risk information security function in the First Line of defence, including implementation of processes, tools and systems to identify, assess, measure, manage, monitor and report risks.
Enhance the operational risk / information security function in the market and be responsible for the end-to-end security architecture, technologies and services in market.
Manage the provision of secure and stable services to support business outcomes through effective risk management strategies
Participate in local and global discussions to formulate new or enhance existing security processes, policies and standards.
Provide support to clients when asking for evidences of controls in the services Experian provides them
Coordinate business continuity plans in market, from the Operations function perspective
Produce reports and assist with the design of an appropriate suite of metrics
Provide Second Line support and guidance to the wider business to increase IT Security awareness
Review, monitor and challenge IT related Risk Events which could affect the overall control environment
Conduct deep dives and Second Line of Defence reviews on IT Risks and Controls
Provide input into the Operational Risk Management Framework and associated Risk Management Policies
Computer Science Degree, Engineering or similar
Possess excellent experience of conducting technical risk based assessments, training and workshops to all levels of management, ideally from within a financial services environments.
Have experience of designing risk policies and procedures and excellent technical and analytical skills.
Worked in client facing and internal complex systems
Certification in the areas of domain will be highly recommendable (i.e. ISACA : CISA, CRISK) and deep knowledge of information security standards (ISO 27002)