The Technology Risk, Controls and Assurance team is part of the Technology Risk and Management Oversight (TRMO) department within Technology and provides a key liaison between all facets of the organisation, 2nd Line of Defense Oversight, and internal / external auditors. The team provides a global centralised function to assist risk owners within Technology to manage their risks effectively, including:
consulting on and monitoring adherence to FIL’s ERM Framework
ensuring the requirements of external audit and certifications are met
providing a framework for the monitoring and measurement of key risk indicators and controls.
This is achieved by rolling out the Risk Target Operating Model, ensuring alignment between ERM and technology processes, and establishing a risk culture across the department through training and education, challenge, assurance and reporting of risk with respect to Technology’s role as a risk owner.
Purpose of your role
The purpose of the role is to support the Technology Department and the wider FIL organisation, ensuring that risks are managed in line with the company’s risk appetite and that issues are resolved satisfactorily, including coordination of assurance processes that may be required by 2nd line oversight functions (such as Risk or Compliance) and Internal Audit, and that company risk frameworks are embedded and complied with. The role will work closely with Fidelity International Risk Management and other Oversight functions, Policy and Business areas, and will be required to work across the matrix of functions that support the Technology department, across all of its locations.
Candidates must have strong domain knowledge and understanding of Governance, Risk and Compliance to assist in risk assessments and audits and to monitor control effectiveness. This role is very challenging and requires a lot of enthusiasm and energy. The person should be a strategic thinker to resolve system issues and propose innovative solutions. This role demands a good team player who is competent in liaising with geographically spread Technology operational teams.
To support Technology Risk functions effectively, candidates should be comfortable with data analysis functions and principles in tools such as Excel and preferably Power BI. Automation of reporting and data analysis using Python is ideal; however, this can be compensated for by intermediate to advanced knowledge of Excel, covering domains such as automation using macros, VB Script, familiarity with statistical functions and creating conditional formulas.
Provide support to the Technology department and help coordinate all first line risk activities.
Working with the Technology teams and the relevant oversight functions, provide risk insight and help the business to fully understand their risk profile. Clearly differentiate between change delivery and operational risk.
Provide analytical commentary and insight including oversight and analysis of risk event reporting across Technology
Work with stakeholders to gather and understand functional requirements, develop complex queries and provide reports
Contribute to a proactive and open risk culture adopted across Technology and the business
Provide meaningful and value-add risk and control reporting to the technology organisation regional committees and senior management
Build meaningful professional relationships with key stakeholders to ensure organisational goals are met
Support group wide risk and control assessment and scenario planning exercises as required and ensure that these are carried out on a timely basis, are insightful, forward-looking and actionable
Embed Group-wide risk management frameworks and systems within Technology. Drive continuous improvement and excellence
Support risk management training and education to increase risk awareness
Carry out risk-based reviews, assist in Audit activities and provide assurance, as required. Where control weaknesses are identified recommend and track mitigation actions
Continuously improve risk monitoring and reporting to key stakeholders and committees
Support Technology in prioritisation decisions
Display good interpersonal skills and show confidence and ability to interact professionally with people at all levels.
Develop and implement a compliance monitoring system to identify potential risks and control solutions. Monitor actions to identify emerging risks and to close gaps
Experience And Qualifications Required
Graduate from a reputed institute with 3+ years of experience and progressive working knowledge of the Governance, Risk and Compliance domain and associated technologies
Work experience in Cyber Security, Information Security and Technology Risk domains.
Strong understanding of Technology and Information Security Risk, Audit and Control Objectives.
Basic level proficiency in Structured Query Language (SQL).
The candidate should be very comfortable working with Excel and be competent in advanced usage and techniques
Relevant security accreditations will be an added advantage
Good knowledge of operating systems, databases, networking devices, application controls and related concepts such as cloud and DevOps is desirable
Proven experience operating within a risk management role within the Financial Services industry is preferred
A good understanding of Security Control frameworks, such as ISO27001 and NIST.
Ability to multi-task and prioritise workload.
Self-motivated, flexible, with a ‘can do’ attitude.
Ability to pick up business knowledge, new technology areas and new processes/methodologies, and to apply these changes in day-to-day work to improve the Security organisation.
Able to build strong relationships with peers, control owners and key stakeholders.
Excellent communicator, who can consistently deliver high quality work and engage and influence key stakeholders at all levels.
Strong English skills both written and verbal are a must
Process-focused, with the ability to deliver high-quality documentation, presentations, reports and dashboards using MS Office or other data visualisation tools like Power BI.
Undergraduate degree in a relevant field.
Independent ability to accurately evaluate risks and controls, develop effective test plans, exhibit appropriate judgment regarding issues, and prepare and communicate findings.
Fidelity International offers investment solutions and services and retirement expertise to more than 2.4 million customers globally. As a privately-held, purpose-driven company with a 50-year heritage, we think generationally and invest for the long term. Operating in more than 25 locations and with $479.9 billion in total assets, our clients range from central banks, sovereign wealth funds, large corporates, financial institutions, insurers and wealth managers, to private individuals.
Our Workplace & Personal Financial Health business provides individuals, advisers and employers with access to world-class investment choices, third-party solutions, administration services and pension guidance. Together with our Investment Solutions & Services business, we invest $371 billion on behalf of our clients. By combining our asset management expertise with our solutions for workplace and personal investing, we work together to build better financial futures.