Job Details

Risk Controls Assurance Associate (CORPORATION)

Copenhagen, Denmark
  • Employment Type: Direct Hire

Our client, a major bank in Europe, is looking for a Risk Controls Assurance Associate in their Denmark office. The Risk Controls Assurance Associate will support the management and upkeep of risk controls and assist in maintaining the ServiceNow GRC controls catalogue. If you are willing to relocate to Denmark (fully paid), with competitive compensation, socialized healthcare, and an opportunity to make a huge impact on a massive bank, keep reading! This role will work across multiple frameworks and regulatory standards including, but not limited to, NIST Cyber Security Framework, ISO, GDPR, and SOX. The successful candidate will liaise with business groups and other stakeholders globally to support internal control system management as a top priority enabling the bank's risk mitigation objectives. The Associate will assist stakeholders in understanding risks versus control effectiveness regarding critical processes, will support testing against defined controls (compliance, risk assessments of systems, applications, processes, vendors, etc.), and will increase the awareness of how risk controls support the success of the bank. Information Governance, Risk or Security credentials such as IGP, CISSP, CSSLP, CIPPE, ITIL, or CGRC are advantageous but not required. Send resumes to [email protected].

Job Description:

  • The Risk Controls Assurance Associate will be supporting controls assessment, assurance testing, and determination of control gaps to increase awareness of why risk controls are important to the success of the bank
  • Client is looking for an Associate who will support the management of risk inventories and who will assist in increasing the awareness of how risk controls support the success of the bank
  • This role will be exciting and challenging as this person will work with the team to inventory controls over critical business processes and catalogue and compare them to standard controls within our governance, risk and compliance (GRC) platform

Responsibilities:

  • Assesses the design and operating effectiveness of the IT risk and information security controls to enable appropriate risk management and compliance with bank policy and legal/regulatory requirements.
  • Supports the management and upkeep of risk controls and assists in maintaining the ServiceNow GRC controls catalogue
  • Works across multiple frameworks and regulatory standards including, but not limited to, NIST Cyber Security Framework, ISO, GDPR, SOX, etc.; the successful candidate will liaise with business groups and other stakeholders globally to support internal control system management as a top priority enabling the bank’s risk mitigation objectives
  • Supports testing against defined controls (compliance/risk assessments of systems, applications, processes, vendors, etc.)
  • Supports the ongoing development of our controls framework by assessing gaps in existing controls
  • Supports business stakeholders in understanding risks vs. control effectiveness over critical processes and supports the definition of potential business impact of poor controls
  • Supports the assessment of control effectiveness over potential security weaknesses and supports creative ways to tackle challenges unique to the bank’s critical business processes
  • Effectively supports controls for IT risks of the bank stakeholders, business partners, and vendors when the bank introduces new systems, new technologies, new third-party service providers and other changes to the business environment
  • Supports control testing as it relates to compliance with and assurance of the bank security assessments
  • Writes technical guidance for risk controls and their effectiveness in English and keeps it updated

Requirements:

  • Bachelor's degree in Management Technology, Computer Science, Mathematics, Risk Management or Information Security or equivalent, with advanced degrees preferred
  • Experience in GRC implementation, processes, and practices
  • Experience with industry standards in risk controls
  • Experience in delivering risk training and conducting control gap audits
  • Experience with regulatory compliance through risk controls, risk evaluation, controls assessments, records management, data and document classification, collaboration technologies and information lifecycle practices
  • Experience with ServiceNow GRC and response to business risks, risk controls monitoring, risk prioritization and risk control automation
  • Familiarity with RSA Archer, ARIS, Collibra, Informatica, Solix, IBM Unified GRC, Talend, Clearswift IG Server, OpenText Enterprise Content Management, or similar technologies would be advantageous
  • Solid understanding of IT security principles, associating risk controls to processes, the technology within the processes and the inter-relationship with the systems supporting critical business processes to allow for the determination, evaluation, reporting and mitigation of technology risk
  • Fluent English, verbal and written
  • Strong written and oral communication skills, a good eye for detail and the ability to manage a busy workload
  • Information Governance, Risk or Security credentials such as IGP, CISSP, CSSLP, CIPPE, ITIL, or CGRC (advantageous, but not required)
