IT Infrastructure Risk & Governance Manager

Job Description

The purpose of the Risk & Governance Manager is to lead and drive the Infrastructure Governance Control team in order to deliver appropriate governance, risk management, compliance and control solutions in across GEC, Networks, and Data Centres (Infrastructure) by providing subject matter expertise and leadership; To be the key conduit in the formulation, development, maintenance and ongoing review of Governance & Control frameworks, policies, procedures and processes within Infrastructure; To engage effectively with the senior management team to discuss and review risk profile for the Infrastructure portfolio and articulate recommendations for improvement in clear and precise manner.The IT Infrastructure Risk & Governance Manager will also be the primary point of contact for all audits carried out across infrastructure, managing the planning, execution, and reporting as well as agreeing and tracking all audit actions.The successful candidate will be responsible for managing risk for a business-critical IT function with an annual budget of approximately 340m.Key Accountabilities:

• Shape the control environment across Infrastructure, addressing both current weaknesses and providing direction on future improvement
• Consult and challenge the Technology Risk strategy and process controls to assure Senior Leadership that Risk is delivered in a controlled manner fit to Unilever appetite, framework and environment
• Review and challenge existing and new strategy to ensure it is compliant with appropriate policy and makes sense given wider business strategies and focus of external parties (Regulators or Group Risk).
• Work with the management team to identify control weaknesses and advise process authors/owners of the required improvements.
• Perform root cause analysis when risk events are raised and make recommendations for improvements.
• Perform gap analyses to identify instances of non-compliance and document findings
• Recommend solutions to improve control effectiveness to senior management team
• Share/ escalate concerns, risks and policy breaches as appropriate.
• Design and establish concise, risk based Management Information packs for the Senior Leadership; write high quality reports on findings and making appropriate recommendations following these reviews.
• Build effective relationships with the senior management team, functional business areas and cross Infrastructure Risk teams to ensure consistency of approach across risk areas
• Lead, drive and develop a highly motivated team, maintain excellent relationships within own and wider team to ensure achievement of business goals; take ownership in staff matters including hiring, performance development and remuneration decisions.
• Undertake ad hoc projects which assist in the development of a streamlined Governance process.
• Work with key internal and external stakeholders to ensure the success of the deliverables of all our governance requirements.
• Ensure that Infrastructure is in a good position to be compliant on audits.
• Develop and maintain a clear understanding of all Infrastructure governance risk and control requirements.
• Manage the governance deliverables schedule and calendar.
• Drive and facilitate the completion of Governance and Compliance reporting.
• Ensure progress against all mandatory/regulatory activity, including delivery of audit actions.
• Define specific Governance Best Practices that support first class Governance.
• Facilitate risk management sessions with colleagues to improve education and awareness.
• Audit Management -Including assurance testing for pre and post audit activity.
• Ensure that Business Continuity and Disaster Recovery Plans are developed and then tested regularly.
• Develop, manage and maintain effective working relationships with people at all levels across Infrastructure, with particular emphasis on building strong relationships with Audit.
• Provide support and guidance on respect of mitigating unplanned risk events e.g. incidents or audit issues.
• Share / escalate technology concerns, risks, breaches as appropriate.
• Produce regular reports in support of regulatory needs and management assurance.
• Support and educate the team/business to facilitate reporting and ad hoc requests.
• Manage stakeholder relationships to ensure timely input/update of risk/control data.
• Adhoc Governance administration including document management for regular committees.

Skills/ Experience/ Qualifications:

• CISA, CISM, or equivalent qualification
• At least 5 years experience as either a Risk & Governance Manager
• Proven experience in implementing an IT Risk Governance Framework in a global context
• Strong relationship building capability
• Strong communication skills, both written and verbal
• Proven experience of managing an effective working relationship with audit departments, and challenging where appropriate
• Strong appreciation of the governance processes and challenges
• Strong appreciation of the IT infrastructure and application area in a complex environment
• Proven experience of leading and managing teams in a diverse and extended logistical environment
• Good commercial awareness and understanding of providing TCO models

,

Keyskills :
rootcauseanalysis subjectmatterexpertise itrisk rootcause recoveryplans riskmanagement riskgovernance technologyrisk itinfrastructure seniormanagement disasterrecovery documentmanagement tatementsofworksow