Head of Operational Risk

Isle of Man
Permanent
Our client seeks a Head of Operational Risk to join their team.
 
Role: To develop, maintain and implement the ICS Operational-, Information-, Business Resilience- and Fraud Risk Framework (covering strategy, policy, process, procedures, standards, objectives, metrics and governance), and to manage these risks appropriately in order to avoid operational losses or reputational damage to the organisation. This includes anticipating external drivers and their impacts on the business risk profile, and guiding decision making on the controls used to manage these risks.
 
Key Responsibilities:
  • Develop, maintain and implement the ICS Operational Risk Framework covering strategy, policy, process, procedures, standards, objectives, metrics and governance. This Risk Framework includes Business Continuity-, Fraud- and Information Risk in addition to Operational Risk (referred to as the Operational Risk Framework for the purposes of this document). Maintain alignment of the ICS Operational Risk Framework with the requirements of the Group.
  • Control the Operational Risk budget to within the approved budget.
  • Accountable and responsible for the definition, production and attestation of the Operational Risk RDARR (Risk Data Aggregation and Risk Reporting) metrics.
  • Review and Guidance: Review planned business changes (i.e. strategy changes, product changes, segment changes, system changes and process changes) and provide a view of the potential risks that the changes may bring to the organisation; represent Risk in RtB and CtB Committees and critically review all business cases; review the control measures that have been designed for the changes and provide guidance on the improvements required.
  • Attend and participate in legal entity GovCo (Governance Committee) and Risk Committee (alternate) meetings and provide insights and assessments on risk posture, focus areas and where remediation is required.
  • Provide high-level oversight of the development, implementation and monitoring of risk management alongside business unit leadership.
  • Oversee and provide governance for key outsourced service provider / vendor management processes (inter alia: risk and control assessments, criticality ratings and business continuity assessments); provide insights and assessments on risk posture, focus areas and where remediation is required; ensure that the processes followed are aligned to local regulations.
  • Oversee the development, provision and execution of an Information Risk Treatment programme. This programme guides business managers on the appropriate risk control strategies. The programme co-ordinates information risk self-assessments, risk assessments, analysis, ratings, control recommendations, incident response planning, investigation of information breaches and assists with disciplinary and legal matters associated with such breaches.
  • Oversee ICS's Cyber Risk assessment and responses, including the provision of insights and assessments on risk posture, focus areas and where remediation is required.
  • Develop, implement, maintain and promote a Business Continuity Management programme for ICS. Equip ICS with the mechanisms to identify, mitigate and treat information and business continuity risks and assist business entities in defining suitable and effective recovery strategies and plans.
  • Participate in driving increased automation and innovative change in ICS's Operational Risk and Risk Management space.
  • Where required, represent Operational Risk and participate in Group, Deep Change or Strategic programmes or projects to ensure appropriate participation, mitigation and control from an Operational-, Business Continuity-, Fraud- and Information Risk perspective.
  • Build and maintain credible relationships with internal and external stakeholders, including management, internal and external audit, executives and non-executives, the regulator as well as peers in local and international jurisdictions.
  • Develop appropriate Operational Risk training and awareness programmes for executives, senior managers and other employees to drive the adoption of and adherence to the Operational Risk Framework within business. Drive the enhancement of the risk and control culture of the organisation through knowledge sharing and the provision of specialist advice, specifically promoting the awareness of the importance of risk management.
 
Key Skills & Experience:
  • An Undergraduate and/or Postgraduate degree in the field of Risk Management
  • An appropriate Undergraduate and/or Postgraduate degree in Finance and Accounting or Banking or Business Commerce is equally acceptable
  • 8-10 years' experience in Operational Risk Management
  • 5-7 years' experience in Information Risk Management
  • Practical knowledge of risk and control frameworks and application in the financial services industry
  • Be fully conversant in risk appetite, risk response and process improvement concepts.
  • Understand both operational risk and financial reporting risk characteristics
  • Accountable for defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
Your specialist: Sally Fenton
Quote job ref: 11168

Hi, I'm Sally and this is one of the job roles I am looking after for this super business. If this job is of interest to you, please submit your CV and we will come back to you to arrange the next stage.