NFR Specialist

Your day-to-day activities will be specific to the service you are allocated, but over time, you will build knowledge in all the tasks described below:Participate in and challenge risk assessments, including Business Impact Assessment and IT Asset Risk Assessment. Communicate, interpret, and provide training on IT Risk tooling, IT Risk Policies, Minimum Standards, Procedures, Methods, and Techniques. Perform second-line IT Risk and Business Continuity Management reviews, challenging IT Controls and Business Continuity controls.

Monitor second-line IT Risk of IT and BCM issues. Participate in, challenge, and periodically report on the risks of key strategic (IT/BCM) programs and projects. Measure and report the implementation of Information (Technology) or Continuity Risk frameworks throughout the organization.

Support the identification of impacts and coordinate responses to law and regulatory changes, internal and external audit reports, and monitor follow-up on regulatory issues. Act as a trusted IRM/BCM advisor to 1st line management and 1st and 2nd line Non-Financial Risk specialists.

Raise, review, and challenge risk remediation actions for IT Risk or Continuity Risk gaps identified. Participate in and contribute to deep-dive or thematic reviews of IT controls and BCM controls. Contribute to the development and maintenance of a risk awareness curriculum and training program, and deliver risk awareness training to the organization.

Perform and assist with other information risk activities as required.