Job title:
RISK LEAD
Company:
AXA
Job description
AXA Group Operations is an IT company delivering services to AXA Group, to its banking and insurance business companies. Our mission is to shape, build and maintain the IT solutions of AXA Group to sustain business development, reduce time to market, & generate savings.We develop and operate transverse business solutions at an international scale. Working for different companies of the AXA group, AXA Group Operations has a worldwide action field with offices in several countries.YOUR TEAM :You will join the team of The General Secretary Department at Group Operations who regroups the transversal functions in the areas of Legal, Governance, Compliance, Data Privacy, Risk, Internal Control and Remediation.They are composed of 5 teams with respective accountabilities :
- Legal & Governance
- Compliance & Data Privacy
- Risk & Control
- Remediation, Reporting & Projects
The Risk & Control team where the position is situated has many missions:
- Improve Risk awareness at all levels of the organization and develop a strong Risk Culture (Risk and Data Privacy by design principles, especially into Products and Projects lifecycles)
- Define and implement the Risk Policy for Group Operations, ensuring risks are properly managed and coordinating the Risk Management network
- Deploy the internal control framework across Group Operations (including the Internal Financial Control program and reporting)
- Risk & Control referential have been recently centralized in a global tool for most of AXA entities, SCALA.
YOUR MISSIONS :
- Oversees all project risk lifecycle and risk identification on IT products, vendors/contracts : You are in charge of risk management in projects, products and vendor/contract e.g. act as the second line of defense and ensure adequate implementation of risk governance and framework and take into account specificities
- Support strategic projects: You are in charge of supporting Risk Officers assigned to AXA GO strategic project and will ensure adequate use of Risk Project Framework.
- Drive risk opinions delivery: You are in charge to identify and assign 2nd Opinions to Risk Officers on specific topic such as critical contracts, product or any request coming from GO EXCOM
- Act as the point of contact for your scope: You have to put in place the proper governance to ensure adequate implementation of risk framework by the first line of defense and ensure periodic follow-up meeting with SMEs and Process leads
- Oversee the Identification and quantification of risks in accordance to minimum frequency covering its given perimeter on operational risk (Project, Product, vendor, contract…) including DORA criteria
- Monitor proper mitigation plan follow up and monitor (KRIs) risks in the project, product and vendor areas
- Coordinate with parent risk officer regarding risks and internal controls related to projects, products and vendors.
- Pilot pipeline and proper delivery of 2nd opinion performed by risk officers related to projects, products or vendors
- Assist risk officers in onboarding, follow up and scoping of 2nd opinions on the project, product and vendor areas.
- Maintain documentation regarding the policies, guidelines and procedures around 2nd opinions, product, project and vendor risk lifecycle
- Support the risk management framework with risk officers and risks champions
- Be the referent for the risk team for the SMEs involved in the project, product and vendor lifecycles (information security, operational resiliency, compliance, data privacy, finance, legal procurement, procurement, service introduction readiness, architecture…)
QualificationsProfile
- For this position, you should ideally have a Bachelor’s degree minimum or Master’s degree
- Minimum of 5-8 years’ work experience, preferably in IT as a Project Manager, Product Owner, Incident Manager.
- understanding of GDPR, vendor contract negotiations, IA Act, DORA,
- Knowledge of Risk management framework, processes and governance
- Experience in Risk assessment or IT audits is a plus.
- One of the following certifications: CISA, CRISC, CISM, PMP, Certified ISO 31000 risk management or ISO 27001/27005 Information Security is a plus
Skills & Competencies
- Expertise in Risk (identification, quantification, follow-up, reporting)
- Demonstrate rigor, high quality of deliverables and respect of deadlines
- Fluent written and spoken English and French
- Appetence to work within an international and intercultural environment
- Analysis and Reporting Abilities
Expected salary
Location
Paris
Job date
Wed, 09 Oct 2024 22:47:59 GMT
To help us track our recruitment effort, please indicate in your email/cover letter where (vacanciesineu.com) you saw this job posting.