Technology Governance, Risk and Control Senior Associate

We have an exciting and rewarding opportunity for you to take your Tech Risk & Controls career to the next level.

As a Technology Governance, Risk and Controls Senior Associate within the Cybersecurity and Technology Controls organization aligned to Asset and Wealth Management you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Control in line with the firm's standards.

Within the Governance, Risk and Control (GRC) team you will leverage your broad knowledge in risk management principles and practices to assess and monitor risks, evaluate implementation of effective controls and oversee issue remediation. All of which are crucial in strengthening Asset and Wealth Technology's controls and risk mitigation.

• Monitor and evaluate the effectiveness of controls executed by AWM Technology ensuring compliance with firm standards.
• Conduct detailed walkthroughs with Senior Technologists/Process Owners to ensure a comprehensive understanding of technology processes and workflows.
• Develop and execute robust control test scripts designed to identify control weaknesses, determine root causes, and identify solutions, in line with Firmwide measurement steps.
• Document test steps and results in comprehensive and organized manner to sufficiently support and justify testing conclusions.
• Communicate findings and contribute to the recommendations for improvements, recognize opportunities to strengthen controls and improve operational efficiency ensuring alignment with organizational objectives and risk appetite.
• Develop and maintain strong relationships with stakeholders in Cybersecurity and Technology Controls, Enterprise Technology, and AWM Technologists, becoming a trusted partner whilst supporting process owners in managing execution of controls and provide transparency to stakeholders.
• Perform ongoing oversight to accurately represent and maintain AWM's complex technology operations within the Compliance Operational Risk Evaluation (CORE) system.
• Conduct thorough root cause analysis to identify the underlying causes and themes of issues, developing actionable insights and recommendations to address these root causes and prevent recurrence.
• Maintain oversight of technology owned issues through to delivery with validation of completeness of remediation in addressing root cause and repeatability.
• Ensure robust, accurate documentation throughout the issue Lifecycle with appropriate approvals and management in CORE timely and within firmwide issue management standards.
• Collaborate with Operational Risk Management and Audit on identified Issues and control gaps, whilst fostering a culture of risk awareness and promoting best practices in risk management across the AWM Risk organization.

• Proven experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation.
• Experience in risk identification, assessment, and control evaluation, with a strong understanding of industry standards.
• Demonstrated ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders.
• Proficient knowledge of risk management frameworks, regulations, and industry best practices.

• CISM, CRISC, CISSP, or other industry-recognized risk certifications