Your career opportunity:
Global Operational and Resilience Risk (ORR) is a sub function of Group Risk. Its purpose is to make sure the company understands and is in control of its non-financial risk position.
This is a high-profile role in our function, with responsibility to provide technical advice and support globally to ensure stakeholders understand and are aware of the control environment and assessment of cyber risk globally commensurate with the scale and nature of our operations.
This role requires an established and experienced senior manager, who can authoritatively, and credibly, interact with executive stakeholders at C suite level across all lines of defence in the bank.
What you’ll do:
- Support the ORR Business & Functions team to explain in non-technical terms the impact of issues or events, and top and emerging risks that may require changes (for example, to controls, resources or business operations) to remain within respective Risk Appetites.
- Support the ORR Business & Functions teams to ensure risk and control owners have clear understanding of the effectiveness of the current control environment.
- Monitor the local external environment to get early sight of emerging cyber risks and provide detailed guidance on controls required to mitigate against them; build and maintain relevant cross-organisation and industry relationships.
- Deliver tailored and specific expertise across cyber risk enabling 1LOD to successfully deploy and operate mitigating key control.
- Provide technical guidance to support development and completion of ORR and regulatory reporting obligations (e.g., RAS, top & emerging risks, risk profile reporting, RMM, Board reporting where relevant, etc.).
- Ensure the root cause of relevant global operational risk issues and events are fully understood and correctly treated.
- Ensure any concerns with key controls and material change programmes, relevant to cyber risk, are understood and escalated as needed.
- Work in conjunction with the ORR Business & Functions teams and 1LOD to escalate any matters when needed.
- Lead regulatory and audit engagement pertaining to cyber risk; ensure regulatory compliance for the cyber risk and timely completion of audit actions and findings.
- Support training and capability uplift for the ORR Business & Functions teams to ensure robust understanding of cyber risks.
What you need to have to succeed in this role:
- Strong level of business knowledge and cyber risk expertise.
- Strong level of risk management knowledge and relevant experience.
- Comprehensive knowledge of the internal control environment.
- Ability to challenge practices and capabilities while maintaining a strong working relationship with the teams involved.
- Effective management of time to work across multiple disciplines, time zones, etc.
- Sensitivity to Cultural diversity and ability to dynamically adapt interpersonal style to build effective relationships.
- Understanding and Applying Risk Management in Context.
- A BA or BS University Degree, professional certificate in one or more specialist disciplines.
What we offer:
- Competitive salary
- Annual performance-based bonus
- Additional bonuses for recognition awards
- Multisport card
- Private medical care
- Life insurance
- One-time reimbursement of home office set-up (up to 800 PLN)
- Corporate parties & events
- CSR initiatives
- Nursery and kindergarten discounts
- Language classes
- Financial support with trainings and education
- Social fund
- Flexible working hours
- Free parking (Cracow office)
Note: Prepare your CV in English (PDF), fill in the form and apply!
Please include in your CV the following clause necessary for the recruitment process:
I agree to the processing of personal data that I have made available voluntarily in the recruitment process by the Administrator of personal data, i.e. Dotcommunity Spółka z ograniczoną odpowiedzialnością [Ltd.] based in Cracow, 15 Żabiniec Street, 31-215 Cracow, registered in Poland, the Cracow’s District Court – Śródmieście, XI Commercial Division of the National Court Register under number 0000468484, VAT number: 9452174499, (“Dotcommunity”) in order to carry out the recruitment process for the Cyber Risk Senior Manager position on the basis of Art.6 item 1a of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
Dotcommunity jest zarejestrowana w Rejestrze agencji zatrudnienia (KRAZ) pod numerem 9904.