IT Compliance Partner
About the RoleIf you like product delivery methodologies in an Agile BizDevOps environment and want to help teams by actively contributing to risk and compliance matters; if you enjoy collecting, framing, evolving, recommending and implementing best practices; If you believe controls are important to mitigate the risks in delivering on key business objectives, this may interest you. Being part of a Centre of Expertise, you will grow your expertise in relation to Risks, Controls and Compliance areas, exchange knowledge and experiences with other domain experts while expanding both your specific IT and business knowledge in specific fields to effectively contribute. Responsibilities As part of a Centre of Expertise and acting as Partner to the Data and Analytics Tribe, you will: Work in close partnership with Tribe members, at all levels, to help them meet their compliance objectives while delivering value; Act as a key contact for the Tribe for all compliance matters including understanding, adherence and reporting on the various Control framework (e.g. Agile, ISAE, PCI-DSS, ISO27001 certification). Support risk responses, working with the Squads and the Tribe leadership to identify practical solutions. Review the Risk Maturity responses and engage with the team members to materialise commitments by growing the right mindset. Review and progress with stakeholders Issues Known to Management (IKTMs). Follow-up on the implementation of controls, providing expert knowledge, recommendations and best practices to meet the expectations in an efficient way. Help ensure timely detection of control break-downs. You will pro-actively contribute to the resolution of previously identified risks and audit findings to prevent overdue items; learn, support and look for opportunities to improve the controls in relation to incidents. Coordinate audit responses, ensuring adequate and realistic responses to findings. Bring transparency in problems and resolutions to avoid repeats. You will support internal and external audits as a subject matter expert. Share, as a member of the CoE, your experiences, work with expert colleagues in identifying best course of actions to address common gaps and weaknesses. Your goal will be to look for and implement improvements that scale compliance while reducing overtime the workload on the team members so that they can focus on customer direct benefits. Bring coherence and consistency. Define metrics to monitor the value of compliance and to allow for identification and corrective actions through root cause analysis. Align with Global Security, CRO Office Audit on expectations and plans to protect the Tribes by filtering and structuring requests, providing transparency to allow focus on the right priorities. As part of the first line of defence, you are expected to be hands-on in a number of domains. Qualifications Professional/Soft skills Methodical and self-organised with ability to go into and follow-up on the details; Able to step back, challenging needs or string for more cost-effective approaches; Pro-active in addressing potential problem areas; Strong communication skills with a wide range of people to get them to align on and reach common objectives; Team player; Committed to quality; Able to engage others through own contribution; Sound interest in both the IT and business side; Eager to learn and share experiences; Can coach others by not only explaining the what but also the why, getting to better adoption; Help teams and individuals demonstrate they’re in control of what they do; Build relationship to get a right flow of information, fostering a collaborative mindset; Clear sense of accountability, leading by example through own materialisation of concrete actions. Technical/Hard skills 5-10+ years in an IT environment; Knowledge of Agile principles (Manifesto) and methodologies (Scrum, Kanban); Good understanding of BizDevOps and Agile organisational models; Experience with DevOps and how automation can help the strengthening of controls; Working knowledge of tools commonly used in an Agile environment (e.g. Atlassian suite); Demonstrate past experience in dealing with the 3 LoDs with understanding of their roles and areas of responsibilities; Familiar with Security compliance and related documented processes and procedures; Understand of IT solutions and products that reinforce a software delivery lifecycle (Source code control, automatic code scanning, change management, problem management) Good experience with an Enterprise Risk Management framework and the Risk identification, mitigation & monitoring; Ability to deal efficiently with internal auditor and proven track record of dealing with external auditors, aligning their vision with internal best practices; Working background with a compliance framework. What we offer We put you in control of career We give you a competitive package We help you perform at your best We help you make a difference We give you the freedom to be yourself We give you the freedom to be yourself. We are creating an environment of unique individuals – like you – with different perspectives on the financial industry and the world. An environment in which everyone’s voice counts and where you can reach your full potential regardless of age, background, culture, colour, disability, gender, nationality, race, religion, sexual orientation, or veteran/military status.