IT Risk & Inspections Specialist - Dublin
Posted on Nov 7, 2020 by E-Frontiers
Candidates need to be based in Dublin
The purpose of the role is to provide detailed technical expertise across the Bank on technology risk; and contribute to the delivery of on-site inspections on technology to support the supervision of all impact categories of firms regulated by the Prudential Regulation Pillar in particular.
- Contribute to delivering On-Site Inspections, ensuring they take into account the relevant legislative requirements, guidelines, industry best practice and peers so the inspections are comprehensive. Support engagement with senior management of relevant entities with regard to the final findings and factual accuracy of the reports to ensure there is full comprehension of the assessment.
- Contribute to identifying the emerging issues and evolving landscape for technology risk through horizon scanning, peer analysis and data analysis. This includes the on-going surveillance of issues.
- Provide technical expertise, so the recipients, particularly supervisors, are fully informed when making supervisory assessments and decisions.
- Develop and maintain a network of contacts with internal and external stakeholders, addressing concerns/queries to help deliver the division's mandate. This includes collaborating with the Policy and Risk Directorate and the Supervisory Directorates to provide guidance regarding the supervision of the relevant risk area, for example. Participate in inter-divisional working groups as they arise also, to contribute specialist knowledge ensuring more informed outcomes are realised.
- Provide briefings to senior management regarding the particular risk area as/if required so they are fully informed of developments and equipped with the necessary information to make decisions.
- Provide training and knowledge sharing within the team and across the Pillar/Bank for the relevant risk area so it's understood and contributes to robust supervision.
- Carry out other risk and inspections activities as may be determined by the Risk and Inspections Manager/Senior Risk and Inspections Specialist. Be responsible for own work outcomes and communicate these effectively within the team whilst also supporting the Risk and Inspections Manager/Senior Risk and Inspections Specialist in the development of other team members.
- A high level of relevant academic achievement eg an honours degree in information systems, computer studies and/or a professional IT auditor qualification with accreditation from a relevant professional organisation (eg CISA);
- 6 years relevant experience in financial regulation and/or relevant IT operations or IT risk management experience in financial services.
- Relevant experience includes inter alia: working in supervision, working in a relevant financial services sector, an audit role, or experience of IT control or risk-management functions.
- Good understanding/experience of the technology risk area, the complex IT landscape (including outsourcing), and the practical operation of companies within relevant financial services sectors.
- Deep Subject Matter Expertise is required in technology risk, including:
- Subject matter expertise in the area of IT risk management, IT security management or IT change management;
- Understanding of, and ability to analyse ( what if analysis), financial institutions' IT operations (including outsourced IT operations), systems, network diagrams, and IT risk registers.
- Knowledge of the relevant regulatory and legal frameworks and a deep understanding of best practice frameworks for the management if IT risk (eg COBIT, ISO, ITIL, NIST, etc.)
- Experience in penetration testing, threat intelligence and/or operational resilience would be beneficial
- Strong analytical, problem solving and organisational skills.
- Ability to critically assess complex/once off issues and problems with the ability to distil significant volumes of information, identifying solutions for root causes of issues.
- Good verbal and written communication in particular the ability to communicate to team.
- Capability to challenge regulated institutions' management on subjective issues where required.
- Acting professionally, ethically and with integrity.