Risk and Control Manager GTIS & GTSM

Job Description

Job Title: Risk and Control Manager GTIS & GTSMLocation: PuneAbout BarclaysBarclays is a British universal bank. We are diversified by business, by different types of customers and clients, and by geography. Our businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by our service company which provides technology, operations and functional services across the Group.Risk and Control ObjectiveEnsure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards.Working FlexiblyWe re committed to providing a supportive and inclusive culture and environment for you to work in. This environment recognises and supports ways to balance your personal needs, alongside the professional needs of our business. Providing the opportunity for all our employees, globally to work flexibly empowers each of us to work in a way that suits our lives as well as enabling us to better service our customers and clients needs. Whether you have family commitments or you re a carer, or whether you need study time or wish to pursue personal interests, our approach to working flexibly is designed to help you balance your life. If you would like some flexibility then please discuss this with the hiring manager.Introduction:This role is within the Technology CCO for Advisory and Oversight function.

• The primary focus of the role will be to provide the management support for the Controls team in providing Enterprise Technology (Infrastructure) aligned regional coverage of the quantification and delivery of a highly visible, business focused and pragmatic Technology Controls agenda to ensure compliance with Barclays technology policies, standards, frameworks and procedures.
• This will require the successful candidate to establish successful engagement with key stakeholders within the Technology, Technology CCO and relevant Business Units, as well as stakeholders external to Technology such as Internal Audit, External Audit and Compliance.

What will you be doing

• Oversight and advise on technology risk identification, risk assessment, risk mitigation and response and risk reporting across the relevant transaction cycles within the Technology business to operate within risk appetite and in compliance with Barclays Control Framework.
• Provide accurate advice to the CCO GTIS Pillar Controls Officer, to enable them to set the overall strategy, policy and targets of the team.
• Undertaking risk and control assessments and supporting presentation of risk assessments to Senior Stakeholders
• Provide Risk and Advisory coverage for Infrastructure functions including Network, Operating Systems, Collaboration tools, Data Storage, related vulnerabilities, ICP processes, and Technology Resilience Management
• Scanning the horizon for external events such as Regulatory actions & penalties, regulatory changes/breaches and emerging threats. Carry out proactive risk assessment to analyse Barclays Controls environment & preparedness and recommend remediation for identified gaps
• Ensure that the Technology Operational Risk metrics, assessments, and reporting are backed by correct data and that effective risk management is demonstrated
• Identify, report and manage Operational risk events and resulting issues / actions for management visibility and awareness.
• Manage Risk assessments and logs including the TCSA s and ORAC entries ensuring that they accurately reflect the risk status of the business
• Help business by interpreting the business requirements and their impact to the bank s risk and controls posture and communicate control risks to relevant stakeholders ranging from business leaders to engineers/developers
• Ensure appropriate security policies and controls are in place that will safeguard bank s digital information and electronic systems.
• Assist in enhancing Barclays Internal Audit (BIA) relationship with Technology environments
• Promote awareness of applicable technology and security policies, standards and procedures
• Establish and maintain an effective risk culture

What we re looking for:

• Ability to manage multiple priorities and work effectively in a fast-paced, high volume, results driven environment
• Ability to rapidly assess a situation and identify, isolate and communicate problems and issues.
• Excellent communication skills (both oral/written) including ability to clearly communicate risks and control issues to technologists and non-technologists
• Experience in Data modelling to present risk and control summary to Senior Leadership
• Excellent analytical and methodical approach to respond to internal and external events related to Technology & Cyber, emerging threats, identified vulnerabilities, regulatory actions.
• Excellent leadership skills, provide thought leadership to the team and ability to work as an individual contributor
• Detail orientated with excellent time management skills
• Problem solving ability to think unconventionally and find solutions to unstructured problems
• Ability to network and establish rapport with internal colleagues across global teams
• Strong interpersonal skills with an ability to communicate difficult or complex ideas clearly and constructively
• Collaborative, able to drive agreement across varying stakeholders
• Confident in negotiating and influencing colleagues or stakeholders
• Degree of independent thinking and decision-making authority, and ability to influence upwards
• Strong assertiveness skills and ability to challenge effectively at all the levels in the organization on the underlying risk management
• Being a global role, person must be adaptive and flexible to work across various time zones

Skills that will help you in the role:

• Bachelor s degree in Computer Science and equivalent work experience in relevant industry with strong background in risk management, technology and information security
• Experience in assessing design and operating effectiveness of technology controls related to Technology Infrastructure
• Hands-on experience in service delivery or project management of IT infrastructure (servers, network, storage) and software components with excellent understanding of related technology controls to mitigate risk
• Hands-on experience in managing the service delivery and operations with the help of key metrics like KRI, KCI, KPI etc. and designing the scorecard etc.
• Hands-on experience working/supporting SOX, SOC, Internal/ External/ Regulatory Audits
• Experience in leveraging IT risk frameworks such as COBIT5, COSO, NIST
• Excellent knowledge of information technology risks, controls and risk remediation and experience using industry wide GRC tools

• Experience in playing a lead role in:
• Review of Audit findings, self-identified issues and breaches to align them with operational risk, regulatory requirements and Barclay s Control Framework
• Advising IT on pragmatic approaches to meeting regulatory mandated technology controls and risk reduction
• Delivering of risk reduction and operational improvement projects
• Managing diverse staff and stakeholders
• Relevant professional certification such as CISA, CISSP, CISM, PMP, CRISC or equivalent

Where will you be working PuneBe More at BarclaysAt Barclays, each day is about being more as a professional, and as a person. Be More @ Barclays represents our core promise to all current and future employees. It s the characteristic that we want to be associated with as an employer, and at the heart of every employee experience. We empower our colleagues to Be More Globally Connected, working on international projects that improve the way millions of customers handle their finances. Be More Inspired by working alongside the most talented people in the industry, and delivering imaginative new solutions that are redefining the future of finance. Be More Impactful by having the opportunity to work on cutting-edge projects, and Be More Valued for who you are.,

Keyskills :
risk management frameworkenvironmental impact assessmentit riskkey metricsrisk metricsdata modelinginternal auditexternal auditbusiness unitsrisk reductionrisk managementrisk assessmenttime management