Job Details

Risk Controls Assurance Lead (CORPORATION)

Copenhagen, Denmark
  • Employment Type: Direct Hire

Our client, a major bank in Europe, is looking for a Risk Controls Assurance Lead in their Denmark office. Anyone willing to relocate to Denmark, fully paid, with competitive compensation, socialized healthcare, and an opportunity to make a huge impact on a massive bank, keep reading! This role will manage the Risk Controls Assurance team, risk inventories and associated controls, increasing the awareness of how risk controls support the success of the bank. Experience with risk controls, risk evaluation assessments, records management, data and document classification, collaboration technologies, information lifecycle practices, ServiceNow GRC and risk control automation is required. Hands-on experience with RSA Archer, ARIS, Collibra, Informatica, Solix, IBM Unified GRC, Talend, Clearswift IG Server, OpenText Enterprise Content Management, NIST Cyber Security Framework, ISO, GDPR, SOX, and/or other applicable technologies is a plus. Send resumes to [email protected].

Job Description:

  • The Risk Controls Assurance Lead will be assigned to interesting tasks that include supporting controls assessment, assurance testing, and determination of control gaps
  • The client is looking for a Risk Controls Assurance Lead who will manage the Risk Controls Assurance team and manage risk inventories and associated controls, increasing the awareness of how risk controls support the success of the bank
  • This role will manage the team that will inventory controls over critical business processes, catalogue and compare them to standard controls within our governance, risk and compliance (GRC) platform

Responsibilities: 

  • Assesses the design and operating effectiveness of the IT risk and information security controls to enable appropriate risk management and compliance with bank policy and legal/regulatory requirements
  • Oversees the management and upkeep of risk controls that are maintained in the bank's ServiceNow GRC controls catalogue
  • Works across multiple frameworks and regulatory standards including, but not limited to, NIST Cyber Security Framework, ISO, GDPR, SOX, etc.; the successful candidate will liaise with business groups and other stakeholders globally to support internal control system management as a top priority, better enabling the bank’s risk mitigation objectives
  • Leads the ITBRC Risk Controls Assurance team
  • Manages the team’s testing against defined controls (compliance/risk assessments of systems applications, processes, vendors, etc.)
  • Oversees the ongoing development of controls framework by managing the team as it assesses gaps in the existing controls
  • Leads awareness efforts so that business stakeholders understand risks vs. control effectiveness over critical processes, reports on the potential business impact of poor controls, and works to improve those controls
  • Organizes and categorizes the bank's internal control practices and procedures established to create business value and minimize risk
  • Leads the team as it assesses control effectiveness over potential security weaknesses and recommends creative ways to tackle challenges unique to the risk control of the bank’s critical business processes
  • Manages and promotes more effective controls for the IT risks of bank stakeholders, business partners, and vendors
  • Creates awareness with stakeholders, business partners, and vendors regarding the importance of reassessing existing controls and business processes when new systems, technologies, and third-party services are introduced to the bank’s systems
  • Manages control testing as it relates to compliance and assurance of the bank’s security policy
  • Reviews, oversees, and updates, as needed, technical guidance in English for risk controls and their effectiveness

Requirements:

  • Bachelor's degree in Management Technology, Computer Science, Mathematics, Risk Management or Information Security or equivalent, with advanced degrees preferred
  • Experience in GRC implementation, processes, and practices
  • Experience with industry standards in risk controls
  • Experience in delivering risk training and conducting control gap audits
  • Experience with regulatory compliance through risk controls, risk evaluation, controls assessments, records management, data and document classification, collaboration technologies and information lifecycle practices
  • Experience with ServiceNow GRC and response to business risks, risk controls monitoring, risk prioritization and risk control automation
  • Familiarity with RSA Archer, ARIS, Collibra, Informatica, Solix, IBM Unified GRC, Talend, Clearswift IG Server, OpenText Enterprise Content Management, or similar technologies would be advantageous
  • Solid understanding of IT security principles, associating risk controls to processes, the technology within the processes and the inter-relationship with the systems supporting critical business processes to allow for the determination, evaluation, reporting and mitigation of technology risk
  • Fluent English, verbal and written
  • Strong written and oral communication skills, a good eye for detail, and the ability to manage a busy workload
  • Information Governance, Risk or Security credentials such as IGP, CISSP, CSSLP, CIPPE, ITIL, or CGRC (advantageous, but not required)
