We take Risk, Control and Governance seriously. Our mission is to create the world’s best core banking engine which means adhering to the highest risk and security standards. Our clients expect our risk and control framework to be at least on par with theirs, but we want to raise the bar. We always exceed expectations, also when it comes to security. Are you the one to help manage and improve all aspects of Ohpen’s Control Framework?
As our Risk Manager, you will define and mature the Ohpen Control Framework (OCF) and help to develop and embed the risk and control function into the first line of the organisation. Furthermore you will continuously search for opportunities to operate in a more efficient manner while identifying and reducing technology and operational risks. The job requires a hands-on mentality and excellent communication and relationship building capabilities as you will work closely with all departments.
- Own and perform regular reviews with management on the Ohpen Control Framework. From mapping of applicable legal and regulatory requirements and industry standards to policies and standards, to effective design of IT General Controls, Business Process Outsourcing and OFS Application Controls;
- Maintain the Risk Assessments and OCF mapping in ServiceNow Governance, Risk and Control (GRC) module;
- Perform Internal IT Security Risk Assessments and Data Protection Impact Assessments for GDPR compliance;
- Support External Audit activity with preparation of all materials for the ISAE3402 SOC-1, SOC-2 and ISO 27001certifications;
- Develop training materials for e-learning modules and coach and mentor first line risk and control owners;
- Identify opportunities to mature the risk management activities and improve the strength and effectiveness of the key controls by introducing new industry standards for the people, processes and technology.
- You have a MSc/ BSc in Computer Science, related degree or commensurate work experience;
- You are an expert in relevant IT, Security and Risk frameworks, standards and regulations such as ISO, COBIT, NIST, ISAE, CSA CCM and GDPR;
- You will have a leg up if you have worked with ServiceNow, or have experience translating risk management requirements and control objectives into a similar tool for automation;
- You have experience working with Cloud Service Providers (CSP) or a solid understanding of the unique challenges for CSPs from a risk and control perspective;
- You are comfortable with a rapidly changing environment as the company continues to add new Clients;
- You have strong analytical and problem solving abilities.
- As our business is growing, things that might be your default setting today, might be different tomorrow;
- Communication is key to empower the organization in supporting your objectives;
- Your work is highly structured. It will require strong analytical skills to succeed in this job.
- You will be part of a growing team, with a lot of opportunities. Seize them!
- We will provide you with all necessary resources to be successful;
- Your learning curve will be steep;
You will work with the most driven people you will ever meet.