Business Risk Senior Group Manager / Head of Information Security Management Department

The Business Risk Senior Group Manager manages multiple teams through other managers. In-depth understanding of how own sub-function contributes to achieving the objectives of the function. A good understanding of the industry, direct competitors' products and services, is also necessary in order to contribute to the commercial objectives of the business. Requires thorough understanding of strategic direction of the function within the relevant part of the business, combined with a solid conceptual/practical grounding in both the function and/or area of expertise and related subject areas. Excellent communication skills required in order to negotiate internally, often at a senior level. Some external communication/negotiation may be necessary. Responsible for executing functional strategy in area managed. Determines approach to implementing functional strategy. Accountable for end results, budgeting, planning, policy formulation and contribution to future strategy of the area(s). Impact reflects size of team managed, strategic influence on the business and interaction with other functions or businesses. Full management responsibility for multiple teams, including management of people, budget and planning, to include duties such as performance evaluation, compensation, hiring, disciplinary actions and terminations and budget approval. May be doing involved or responsible for diverse (cross-discipline) activities. Typically, a direct report to a Member of Management Board role and function as an integral member of the functional leadership team within a country/site location, job family, or line of business.

Responsibilities:

• Creating and implementation of Risk&Control strategy in line with business requirements and bank strategy
• Managing a functional area and processes in a way that ensures timely, correct and effective implementation of the set goals and tasks
• Determining the budget of the subordinate unit and responsibility for its implementation
• Controlling end results (e.g., resources, policy formulation, budgeting and planning) that primarily affect a sub-function
• Make critical decisions that are guided by functional objectives.
• Supervision and responsibility for project implementation in own area and support in implementation of general banking projects
• Ensuring high-quality cooperation with other units in the bank
• Conducting activities aimed at ensuring compliance and operation of the subordinate unit with the applicable regulations in Bank and the law and regulations. Identification of regulatory, operational and process risks and problems. Implementing actions to mitigate identified problems and risks.
• Approving of draft proposals and decisions as well as information prepared forOperations and TechnologyHead and the Board Members.
• Issuing internal normative acts within the limits of the powers granted.
• Establishing, implementing and monitoring in all Bank areas the following procedures and policies:
  • ICT Risk Management Framework and Resilience Strategyfollowing DORA regulation
  • Information Security Management, including cybersecurity
  • Operational Resilience andBusiness ContinuityManagement
• Risk management of entrusting banking and investment activities by Bank (outsourcing)
• Coordinating selfassessment process (MCA) in Bank
• Defining Risk & Control Governence forOperations and TechnologySector. Defines and supervises the implementation of principles and standards for control activities inOperations and Technology.Supervises existing and emerging key control issues and related risks.Developing risk assessment indicators and recommends the implementation of appropriate measures inOperations and Technology
• Evaluate the effectiveness of existing controls, identifying areas for improvement, and implementing necessary changes
• Promoting a culture of risk, control and compliance awareness with internal and external requirements
• Interact and cooperate with Regulators and Internal and External Audits forOperations and Technologyarea

Qualifications: 

• 15+ years of experience in operational risk management, compliance, audit, or other control-related functions in the financial services industry, including managerial experience
• Proven knowledge in ICT Risk Management, Information Security and Cybersecurity Management, IT Governance, IT Risk Management, Business ContinuityManagement, Outsourcing, Project Management. Expert certificates ie  CISSP, CISA, CISM
• Ability to identify, measure, and manage key risks and controls combined with an ability to provide challenge and make recommendation for risk and controls remediation
• Demonstrate sound business judgment
• Ability to see the big pictures with high attention to critical details
• Experience in developing and implementing strategy
• Experience in running transformational projects across all organization
• Experience in developing new ideas and improving current processes to proactively mitigate risks
• Excellent knowledge in the development and execution for controls
• Proven experience in control related functions in the financial industry
• Proven experience in implementing sustainable solutions and improving processes
• Deep understanding of compliance laws, rules, regulations, and best practices
• Demonstrate exceptional leadership, decision-making, and problem-solving skills
• Excellent analytical skills to evaluate complex risk and control activities and processes
• Ability to deliver compelling presentations and influence executive audiences, including presentation of formal motions to the Board Member level
• Strong sense of accountability and ownership, with strong results orientation
• Excellent communication skills; ability to engage and inspire across stakeholder groups
• Polish language is a must to interact with polish regulators and to approve BHW policies
• Bachelor’s/University degree or equivalent experience, potentially Masters degree and managerial experience

Citi Handlowy offers:

• Job contract and social benefits (private medical care, fitness card, life insurance, pension programme, co-financing of cultural and entertainment events and more. Full list can be found here: www.karierawciti.pl under Benefits for you and Benefits for your loved ones sections)
• Possibility to gain globally appreciated work experience
• Friendly and supportive culture and team
• Flexible and partly-remote working conditions

Your personal data will be administered by Bank Handlowy w Warszawie S.A. with its registered office in Warsaw, ul. Senatorska 16. The Bank carries out the processing of your personal data first of all to conduct the recruitment process in which you participate, i.e. in the scope specified in Article 22(1) of the Labour Code (Article 6(1)(c) of the GDPR). You are entitled to: access your personal data, rectify them, erase them, restrict their processing, transfer your data and object to their processing. More detailed information is available at the website: BankHandlowyPolandPrivacyNotice

Please read the information about internal reports procedure – Whistleblowers Protection Act: BankHandlowyPolandWhistleblowersProtectionAct

------------------------------------------------------

Job Family Group:

------------------------------------------------------

Job Family:

------------------------------------------------------

Time Type:

------------------------------------------------------

Most Relevant Skills

------------------------------------------------------

Other Relevant Skills

------------------------------------------------------

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi’s EEO Policy Statement and the Know Your Rights poster.