IT Risk Manager role at CNA Hardy
Position Summary
The IT Risk Manager supports the organisation's IT & Operations Risk Management Programme by providing best practice and quality contributions. The individual acts as the first line of defense, conducting Risk and Controls Governance (RCG) risk assessments and other risk management activities such as risk identification, profiling, assessment, response, evaluation, and advising on issues and remediations. This role aligns with the Risk and Controls Governance framework.
Candidates should have an intermediate or expert understanding of IT & Operational risks, along with experience in executing first-line IT risk management processes within a large institution. Good communication and management skills and knowledge of industry best practices are essential.
Key Responsibilities
Performs duties according to departmental guidelines, including:
Strategy And Transformation
* Align with Group RCG target state program covering governance, risk management methodologies, technology enablement, automation, metrics, and reporting.
* Collaborate with the three lines of defense and other risk functions to support and align the Risk and Controls Governance strategy within CNA & CNA Hardy.
* Engage stakeholders across various levels for effective communication and buy-in.
* Develop education, training, and awareness materials on IT & Operations risks.
Operational Activities
* Execute operational activities such as risk profiling, assessments, scenario analysis, metrics, and reporting.
* Document issues and develop materials for leadership review.
* Support the creation and monitoring of risk response plans.
* Act as a contact point for stakeholder questions and escalate issues as needed.
* Provide guidance and risk advisory for initiatives.
* Develop and present training materials as appropriate.
* Update management on progress and escalate issues accordingly.
* Perform other duties as directed by leadership.
Skills, Knowledge & Abilities
* 5+ years of experience in IT & Operations Governance and risk functions.
* Ability to develop risk registers, control libraries, and compliance documentation.
* Strong analytical skills for risk assessment and mitigation.
* Experience collaborating across functions and with various stakeholders.
* Knowledge of technology risk and control frameworks.
* Certifications such as CISSP, CISM, CISA, CIA, CRISC, CGEIT, ISO are desirable.
* Excellent communication and presentation skills.
The Company
CNA Hardy is a leading provider of specialist commercial insurance, offering innovative products for businesses of all sizes with domestic and international exposures.