Technology Risk and Controls Manager - Insurance firm

勤務地 東京都
雇用形態 正社員
給与 ¥9000000.00 - ¥11000000.00 (年収)
専門 テクノロジー・デジタル・通信,
職種 情報セキュリティ/サイバーセキュリティ/ITリスク・ガバナンス,
お問合せ Sangay Rabsel Sherpa
JOB ID JO-2208-473416

MANDATORY
・Applicants must have permission to work in Japan
・Applicants must be able to speak fluent ~ native level Japanese (Equivalent to JLPT N1)

☑Foreign business ☑English language required ☑Japanese language required ☑Hybrid (On-site x Remote)

Would you be interested in working for a company that encourages their employees to use 4% of their work time to engage in trainings for their career development? Would be in interested in a company prioritizes diversity and inclusion as a critical part of their growth and also encourages their employees to use 90% of their paid leave and provides 7 additional days of paid leave per year?

[Position]
Technology Risk and Controls Manager

[Company Description]
Global Insurance company

[Responsibilities]
Technology Risk and Controls Manager;

  • Is responsible for risk management that includes internal and external audits and regulatory examinations, IT internal controls, governance for IT security, system development, computer operation and management reporting.
  • Is responsible for overseeing and implementing IT Control framework, including but not limited to: review and implementation of IT policies and standards; understanding new and existing regulations that have cybersecurity, privacy or other technology implementations; and issue tracking from issue identification, creation of Management Action Plans (MAPs), and tracking these MAPS through issue closure.
  • Works closely with senior management across IT, Legal, Internal Audit and External Audit.

Oversee IT's SOX issues:

  • Collaborate with the firm's External Auditors, Internal Audit and IT functions to identify and understand all SOX-related issues
  • Facilitate collection of IT artefacts to provide the External Auditor and review prior to submission
  • Support and drive the drafting of SOX MAPs
  • Monitor MAPs, understanding where there are significant issues, and what can be done to address these issues, escalating as appropriate
  • Monitor and ensure timely remediation of issues
  • Validate MAP closures address the root cause of the issues
  • Provide management reporting on SOX issues

Oversee IT's Internal Audit issues:

  • Partner with Internal Audit and IT functions to identify and understand all issues
  • Support and drive the drafting of the MAPs
  • Monitor MAPs, understanding where there are significant issues, and what can be done to address these issues, escalating as appropriate
  • Monitor and ensure timely remediation of issues
  • Validate MAP closures address the root cause of the issues
  • Provide management reporting on Internal Audit issues

Implement IT's policies and standards across Japan:

  • Provide feedback to policy and standard owners to review and refresh the existing policy suite
  • Identify gaps and drive strategic change/improvement
  • Once the policies and standards are updated and published, provide training in Japan if necessary
  • Adopt the global policies and standards in Japan entities

Manage IT Regulatory Compliance:

  • Manage technology regulatory examinations and requests for information for technology and cyber (coordination, data collection, status reporting)
  • Review regulations to understand any implications for IT
  • Own and execute regulatory governance and oversight structure to report on results of segment regulatory and audit activities
  • Monitor MAPs, understanding where there are significant issues, and what can be done to address these issues, escalating as appropriate
  • Work with Legal and Compliance to confirm interpretation of the regulation
  • Collaborate with Risk to understand emerging risks stemming from these regulations

Internal Interactions (Within the Organization)

  • Senior management across IT
  • Legal team
  • Internal Auditor

External Interactions (Outside the Organization)

  • External Auditor

[Requirements]
Educational Qualification
Required: Bachelor's degree

Specific Qualifications
Demonstrate effective leadership skills

  • Clear, concise written and oral communication skills coupled with the ability to drive agreement using information and interpersonal acumen
  • Proven track record of drawing conclusions, making decisions, and using data to solve problems
  • Ability to define solutions from ambiguous scenarios

Maintain excellent interpersonal and oral/written communication skills

  • Active listener
  • Ability to drive change through influence

Excellent negotiation, collaboration, facilitation and coordination

  • Negotiate prioritization and treatment of risk issues that span:
    • Audit obligations
    • Across various lines of business and shared service areas

Excellent program, project and team management

  • Maintain project plans related to internal audit, external audit, and regulatory examination issues/findings to remediate risks. Monitor schedule of each task, remind people and make sure projects are on track.
  • Maintain issue tracking sheet. Chase people in charge, facilitate remediation of risks and update status.

Total Experience

  • 5+ years of experience within technology risk, control, and governance, IT Internal Audit or SOX disciplines in financial industry
  • Understand Japanese regulatory requirements and explain to people concerned in both English and Japanese.
  • To have worked with policies and standards and providing risk analysis throughout the development life cycle of business applications.
  • A demonstrated knowledge of internal and external (regulators) controls required in a regulated insurance company environment including Japanese Personal Information Protection Act.
  • Candidate must be Bi-Lingual (Japanese and English)
  • Strong expertise in SOX framework
  • Understanding of IT Audit principles and best practices
  • Ability to oversee multiple processes, action plans and key stakeholders simultaneously
  • Experience raising awareness of issues to key stakeholders across technology
  • Working in a global and large organization

[Salary]
9-11 million JPY

[Welfare]
Social insurance, Commuting allowance, retirement benefits

[Holidays]
Full 2 holiday week system (Sat/Sun) national holidays, New year's holiday, Annual Leave

Please click "apply" if you are interested in the job.
We will review your profile and contact you within five business days should we find that you satisfy the requirements of the hiring company.
Further details about the company and position will be notified at a later date.

Reference: JO-2208-473416
#LI-Hybrid
Seniority Level: Mid-Senior level
Job Function: Information Technology