Key Responsibilities
* Develop and refine IT governance frameworks, policies, and procedures in line with industry best practices and regulatory mandates.
* Conduct periodic reviews and updates of IT governance documents to ensure ongoing compliance with changing regulations and standards.
* Collaborate with senior leadership to establish IT governance strategies that align with business objectives and regulatory requirements.
* Identify, evaluate, and manage IT risks, including cybersecurity threats, data privacy issues, and operational risks.
* Perform comprehensive risk assessments and create risk mitigation plans to address identified vulnerabilities.
* Continuously monitor and report on the effectiveness of risk management activities and controls.
* Work with the Compliance team to ensure that IT systems adhere to EU regulations such as GDPR and to other international regulatory requirements pertinent to the finance industry.
* Conduct assurance activities including security assessments and issues management.
* Collaborate with IT teams to improve security compliance, manage risk, and improve the effectiveness of the HL IT control environment.
* Plan and execute IT audits to evaluate the effectiveness of internal controls, risk management, and governance processes.
* Work closely with internal and external auditors to facilitate audit activities and manage IT remediation workstreams.
* Prepare and present detailed reports on IT governance, risk, and compliance activities to senior management and relevant stakeholders.
* Work with IT, Compliance, and Audit personnel to develop IT governance and compliance related educational and training materials.
Qualifications
* Bachelor's degree in Information Technology, Computer Science, Finance, Accounting, or a related field.
* Minimum of 5-7 years of experience in IT governance, risk management, compliance, and audit within the finance industry.
* In-depth knowledge of EU regulations, such as GDPR, and other international regulatory frameworks.
* Professional certifications such as CISA, CRISC, CISSP, or equivalent are highly desirable.
* Proven ability to manage multiple projects and priorities in a fast-paced environment.
* Proficiency in GRC and audit tools and software is a plus.