Head of IT Risk Management Support

IT@BOI enables the Group strategy by delivering high quality business and technology change in line with Group goals and customer expectations by ensuring that the technology landscape runs and customers are being appropriately supported. IT@BOI is made up of five functions:

• Strategy, Architecture & Innovation
• Business Partners
• Change Delivery
• Technology Services
• Chief Operating Office
• Chief Technology Office

Purpose of Role:

The Head of IT Risk Management Support reports directly to the Head of Risk Management Support, Group Manufacturing and indirectly to the Chief Information Officer (CIO). The role is two levels down from Group Executive Committee (GEC) level (i.e. "GEC-2 level") and is a member of the Group Manufacturing Top Leadership Team.

The key purpose of the role is to work with both IT and non IT stakeholders to ensure that the technology risks and controls within Bank of Ireland are understood, documented appropriately, tested for effectiveness, with gaps prioritised for appropriate actions. The successful candidate will be People Manager for all P4 and P3 level resources within the IT Risk Management Support team.

Key Accountabilities:

• Responsible for all first line of defence IT/technology risk assurance and risk management support matters for the Group.
• Manage and oversee the embedding of the Group's Business Control Framework (BCF) in IT@BOI. Manage, track and monitor progress in embedding all aspects of this framework.
• Provide independent risk management support and challenge to the CIO and IT Leadership Team, champion risk awareness and promote risk management across IT to ensure better decision-making.
• Lead the team who are responsible for supporting, coordinating and aligning the IT functions in executing their responsibility for managing and monitoring IT risk in a consistent manner and aligned to the Group's operational risk management framework.Identify and evaluate key emerging risks / trends impacting IT@BOI and communicate to the CIO and IT Leadership Team as needed.
• Represent IT@BOI at Group Manufacturing working and steering groups as required.
• Develop and maintain strong working relationships across Senior Management within IT@BOI.
• Develop and maintain strong working relationships with other first line business units.
• Provide an independent view and challenge to business plans, change initiatives and transactions within IT@BOI to ensure risk has been considered.
• Responsible for a large team working on IT Process/Risk/Control, Controls Testing and GIA/Regulatory coordination.
• Ensure delivery of timely and high quality IT controls testing for all key IT controls (including IT General Controls [ITGCs]) as required under both the Group Operational Risk framework as well as the Group Internal Financial Control Framework and in line with IT external audit requirements.
• Chair and operate the Group's official IT risk and control governance forum, with attendance from CIO and IT Leadership, CISO, GOR and GIA.
• Issue a monthly IT risk report to provide an independent view and challenge on the overall management of IT risk and discuss related concerns or issues.
• Support the continued enhancement of IT@BOI risk reporting.
• Attend as a core member at the "BOI UK / Group Manufacturing Outsource Assurance Forum" representing IT Risk Management Support, Group Manufacturing. Attend as a core member at the "BOIUK and IT@BOI Outsourced IT Performance Committee" representing IT Risk Management Support, Group Manufacturing.
• Provide independent assurance to the CIO as to the quality and appropriateness of quarterly returns to the Joint Supervisory Team on open Risk Mitigation Plans.
• Provide independent assurance to the CIO as to the quality and appropriateness of Management's GIA actions plans to address GIA issues identified.

What is the Opportunity?

• Refine and improve the technology risk management strategy within Bank of Ireland.
• Further develop critical skills and experience, including the engagement with bank senior management and core Regulators.
• Fundamentally develop the technology risk capability of the bank and enhance the safety, security and resilience of our customer offerings.

Essential Qualifications:

• Broad financial services experience and detailed understanding of banking and insurance sectors.
• Knowledge of industry standards in risk management and internal controls (e.g. ISO standards, ITIL and COBIT standards, COSO Internal Control Framework, Certified in Risk and Information Systems Control (CRISC), Control Objectives for Information and Related Technologies (COBIT) etc.).
• Certified Information Systems Auditor (CISA).

Essential Skills and Experience:

• Proven experience in internal controls, audit, IT risk, or operational risk management.
• Experience of working in (and with) the current regulatory supervisory regime. Knowledge and understanding of current regulatory issues and upstream agenda.
• Strong change management and project management capability and proven experience in delivering change/projects
• Ability to establish rapport and credibility at all levels of the business and build long term relationships.
• Proven influencing skills and stakeholder engagement at senior levels with an ability to operate effectively in a matrix environment.
• Independent and decisive with willingness to challenge.
• Ability to see the "big picture" and remain focused on the steps to deliver on the IT@BOI risk management agenda.
• Ability to provide intellectual rigour and commercial awareness to risk assessment, development of business solutions and decision making.
• Strong financial and analytical acumen with the ability to manage an extremely broad and diverse agenda.
• Relevant academic qualification an advantage.
• Strong communications skills, proven ability to work effectively with and influence the actions of stakeholders at all levels of the Group.

Competencies:

• Challenging the Status Quo - level 4
• Communicating - Level 4
• Influencing - Level 4
• Working Together - Level 4
• Harnessing Talent - Level 4

Closing date: Feb 26, 2019

For further information, and to apply, please visit our website via the “Apply” button below.