Team and Position Summary
The IT Governance Specialist plays a key role in the Line 1.5 defense framework, reporting directly to the Head of IT Governance. This individual will be responsible for Governance, Risk, and Compliance (GRC) management, audit coordination, and serving as a liaison between Line 1 and Line 2 to ensure effective communication and process optimisation.
Key Responsibilities
Governance, Risk & Compliance (GRC) Oversight
- Act as the first quality assurance checkpoint for OSPAR compliance activities, working with other divisions and external auditors to ensure compliance with OSPAR guidelines
- Track and report remediation progress from audits and compliance findings to management, ensuring timely resolution
- Conduct independent reviews of Line 1 controls and processes to ensure compliance with policies, standards, and organizational alignment across all IT divisions.
- Collaborate with the Risk and Compliance division on risk and compliance matters, ensuring cohesive oversight.
- Coordinate and provide support for IT and Operations audits, engaging and working with Line 2 and Line 1 to perform Risk and Control Self-Assessment (RCSA) testing
Requirements
Education and Experience
- Degree in Information Technology, Business Administration, or a related field
- Minimum 5 years of experience in IT governance, IT audits, risk and compliance, or a relevant control function. Familiar with OSPAR guidelines, with a proven ability to ensure compliance with these requirements
Skills and Knowledge
- Experience in conducting or participating in audits, particularly OSPAR audits
- Exhibit a strong risk mindset, ensuring rigorous execution and adherence to best practices in line with BCS' role as an operator of the national critical payment infrastructure
- Good written and verbal communication skills
- Strong problem-solving skills with a proactive approach to identifying issues, developing solutions, and implementing changes to improve vendor management processes
- Familiar with regulatory requirements, IT governance practices, operations risk management processes, and industry trends/practices (e.g., COBIT, ITIL, NIST, MAS requirements, Payment Services Act)
Professional Certifications
- Certifications such as CISA, CISM, CISSP, CRISC or any relevant certification will be an advantage