IT Risk & Control Manager

JOB DESCRIPTION :

- Coordinate and support internal audit, external audit, and regulatory reviews relating to WPB technology and cyber controls.

- Maintain and enhance the WPB technology control framework, ensuring alignment with enterprise-wide governance standards and regulatory expectations.

- Proactively identify control weaknesses, gaps, and emerging risks within the WPB technology estate, escalating material issues appropriately.

- Engage with WPB technology and business stakeholders to embed a strong risk culture and ensure control owners understand their obligations.

- Produce accurate, timely management information on the control environment, risk profile, and audit/regulatory action status.

- Support the execution and documentation of Risk and Control Self-Assessments (RCSA) across WPB technology domains.

- Track and drive closure of audit findings, regulatory actions, and self-identified issues within agreed timeframes.

- Assess new technology change initiatives for control implications, providing risk input into project governance processes.

- Liaise with second-line Risk and Compliance functions and third-line Audit teams to ensure consistency and alignment.

- Contribute to the development of control documentation, policies, standards, and procedures relevant to WPB technology.

- Support senior leadership with risk reporting, committee packs, and governance forums.

Qualifications :

- Operational risk lifecycle knowledge (identification, assessment, mitigation, reporting)

- Audit coordination internal, external, and regulatory

- Stakeholder management across technology and business functions

- Governance framework design and implementation

- Risk and Control Self-Assessment (RCSA) experience

- Strong analytical, documentation, and reporting skills

- Ability to manage multiple concurrent workstreams