- Adherence to Risk Framework - Assist in the implementation, and continued adherence to the GCIO Risk Management Framework
- Risk Appetite - Engaging appropriate stakeholders (Technology, ORM, Compliance, Legal, Audit, BCM etc.) to establish Nomura s risk appetite ensuring any key metrics are produced and presented in the context of stated appetite.
- Audit Support - Liaise with Internal/External auditors and regulators etc. through all phases of an audit including providing independent input/advise to technology teams being audited (auditee), liaising with Auditors to ensure identified risks are appropriately represented and dimensioned. Other key elements of audit support include educating technology teams in their responsibilities during an audit (audit engagement), ensuring requested information is sourced, reviewed, and provided in a timely and secure manner.
- Risk related activities/initiatives - Support the full range of IT risk activities including -
- IT incidents
- Change
- Internal / External audits
- Risk assessments
- Risk workshops
- Disaster recovery planning / walkthroughs / exercises
- Attestations / affirmation
- Remediation tracking
- Maintenance of artefacts
- Facilitate cross-technology and cross-division forums / meetings etc.
- Formal Reporting - Assist in the production of both ad-hoc and periodic risk reporting - appropriately tailoring reports for target audience.
- Informal Reporting - Provide ongoing status updates of pertinent risk, incidents, and other risk related activities/initiatives to management.
- Automate Reporting - Automate ongoing and new status reports of pertinent risk, incidents, and other risk and/or audit related activities/initiatives to management.
- Risk Assessment - Undertake risk assessments (RCSA) with Technology functions ensuring identified risks that are out of appetite are appropriately analysed against defined criteria for potential impact/likelihood and pragmatic remediation plans are appropriately defined and tracked.
- Controls Assessment - Organizing and conducting independent controls assessments evaluating the design and operating effectiveness of the controls, providing independent opinion to management, and tracking any necessary remedial efforts.
- Application risk assessment - Organizing and conducting independent application risk assessments evaluating providing independent opinion to management and tracking any necessary remedial efforts.
- Training & Awareness - Act as the risk subject matter expert to Technology units providing day-to-day support, education, and training to staff to raise risk awareness and skill levels that help us embed risk management within our day-to-day activities.
- Risk Management Tool - Support the implementation of GCIO risk management tool
Skills & Experience Required
- 5-7 years experience in Risk management, preferably within financial services
- Expertise in MS Office (O365) suite for Reporting (very good at Excel), MIS (very good at Power point)
- Prior experience in using a Risk Management tool, preferably ServiceNow.
- Understanding of industry standards like ITIL, COBIT and NIST
- Excellent analytical and problem-solving skills
- Good interpersonal skills necessary to work effectively with a variety of individuals and departments
- Good organizational skills that support multiple units of Technology in a time sensitive global environment
- Ability to work with both remote teams and across division
- Strong attention to detail in supporting management reporting with clear and concise data points and presentation
- Result-oriented, proactive and adaptive
- Self-starter and Team player
- Ability to manage multiple tasks, as well as prioritize; time management
- Demonstrate an excellent track record in execution of the tasks at hand
- Strong understanding of regulatory requirements and industry best practices related to controls assurance, relevant to GCIO risks - such as Information Technology (IT), Information Security (IS), and/ or Data Management
- Exceptional communication skills, both verbal and written, with the ability to influence and engage stakeholders at all levels.
- Experience operating in a regulated environment and managing stakeholders across the Three Lines of Defense.
- Strong organization skills and attention to detail.
Qualifications
- Bachelor s degree in Finance, Information Technology (IT), Business Administration etc
- Risk management certification (e.g., CRISC) preferred.
Nomura Competencies - Associate/Analyst
Trusted Partner
- Understand clients needs and issues and respond with high- quality proposals.
- Acquire capabilities to perform one s responsibilities and contribute to being a Trusted Partner
Entrepreneurial leadership
- Produce new ideas that might challenge the status-quo or oneself.
Teamwork - Collaboration
- Seek advice from senior colleagues and utilize it for improved results.
- Collaborate with members from relevant departments.
Teamwork - Influence
- Contribute to the success of the organization both quantitatively and qualitatively, and act with awareness of the impact on others.
- Serve as role model and provide guidance to junior employees.
Integrity
- Have a good understanding of corporate philosophy, professional ethics, compliance, risk management, and code of conduct, and make decisions and take actions accordingly.
