Responsibilities
Direct Responsibilities
Enforce the WMIS TPTRM framework in accordance with Group requirements
• Ensure the WMIS TPTRM policies and procedures are up-to-date, validated by proper stakeholders and are published
• Participate to project IPO and propose GO/NO GO risk assessment for ITSVC (IT Risk perimeter)
• Perform TPTRM due diligence for projects or incoming requests
• Provide TPTRM awareness training on quarterly basis.
Execute TPTRM Controls
Group IT Control Library
• Execute ICT controls in accordance with the Group IT Control Library
Security Clauses
• In coordination with WMIS Contract Management team, follow regularly (at least on a monthly basis) the WMIS security clause remediation plan
• Built a (PowerBI) dashboard aiming to know the WMIS Contract Security Compliance rate
Ensure the outsourcing, purchasing & shoring arrangements are adequately recorded in Group Tools
• Ensure that new WMIS outsourcing, purchasing & shoring arrangements are promptly recorded and validated in 360 Arrangement.
• Assist the onboarding of TPTRM activities on TPTRM GRC IT tool
• Monitor the data quality of TPTRM GRC IT tool regularly
Ensure the WM TPTRM remain in compliance with relevant regulatory regulations
• Keep in focus of the evolving TPTRM regulatory requirements from ECB, Singapore, Hong Kong, Taiwan and Thailand and others.
Contributing Responsibilities
Contribute to the Group Cyber Security Program on TPTRM stream
• Perform an analysis of the TPTRM requirements of the Group Cybersecurity Program and formalise the WM TPTRM roadmap
• Execute the WM TPTRM roadmap in coordination with WM stakeholders (Procurement, Outsourcing Coordinator, WMIS managers, etc)
• Keep track of WM TPTRM roadmap regularly and raise alert when deviation is observed.
• Report the progress of the TPTRM topic during the CyberTrust@WM Operational Committee and WM Quarterly ITRCS Committee
Technical & Behavioral Competencies
Master the project management practices, including agile mindset as well as reporting, tooling (Sharepoint, Planner, Microsoft 365, PowerBI, Confluence, Jira)
Deep knowledge
Third Party Technology Risk Assessment and Management
Deep knowledge
Knowledge of IT Security standards and methodologies (e.g. NIST CSF, CIS, ISO2700x)
Good
Knowledge of Contract management, Procurement
Good
Essential Banking Knowledge
Banking Knowledge and understanding of Wealth Management specificities
General Knowledge
International banking regulations
General Knowledge
Essential Personal Skills
Communication skills – Ability to interact throughout oral and written communication skills
Deep Knowledge
Provide leadership to various stakeholders in proactive manner
Deep Knowledge
Ability to provide an accurate reporting to the Management
Deep Knowledge
Must be motivated, and able to work independently as well as part of a team
Deep Knowledge
Must demonstrate ethical responsibility, maturity, and discretion
Deep Knowledge
Specific Qualifications (if required)
Skills Referential
Behavioural Skills: (Please select up to 4 skills)
Communication skills - oral & written
Organizational skills
Ability to deliver / Results driven
Client focused
Transversal Skills: (Please select up to 5 skills)
Analytical Ability
Ability to set up relevant performance indicators
Ability to manage / facilitate a meeting, seminar, committee, training…
Ability to inspire others & generate people's commitment
Choose an item.
Education Level:
Bachelor Degree or equivalent
Experience Level
At least 5 years
Other/Specific Qualifications (if required)
Qualifications and Experience
• 5 – 8 years’ experience in Third Party Risk Management, Project Management and IT Security risk management.
• Functional as well as technical knowledge of common IT risk analysis and assessment methodologies
• Knowledge of Norms and Standards in the banking and cybersecurity industry
Other Value-added Competencies
• Project Management skills
• IT security / risk certifications: CISM / CRISC / ISO27001/ ISO20000 / CTPR
• Operational Risk and Permanent Control
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team—one of the largest IT and business consulting services firms in the world.