IT Risk & Control Officer

Our client is the world leader in Trade Insurance. It works exclusively with businesses and their customers to assess trade and credit risk accurately. Our client also ensures measures are in place to collect payments due. It offers a number of insurance and collection services including protection, fraud, surety (also known as bonding) …
Located in more than 50 countries and 5 continents across the world, the company employs more than 6000 people in the world.

The internal audit team is constantly evolving with recurrent moves in the context of internal mobility.In this context, we are recruiting a Senior Internal Auditor Finance, reporting to the Head of the department.
The Internal Auditor will work in a team of four people.

The R&C officer will be a member of the Internal Control team and pro-actively participate to the implementation and management of different Solvency II Pillar 2 requirements, mainly regarding the Operational Risk Management framework and the Internal Control system. He will directly report to the Group head of Internal control.
The main task will consist of:

1) Supporting IRCS (Integrated Risk & Control System) mainly regarding the implementation of the ITRM (IT Risk management):

  • Plan & conduct ITRM Workshops:
    • Validate risks in scope of the ITRM and covered by the workshop
    • Identify and/or confirm risk owners and risk experts for each in scope risk
    • Identify key controls and assess the control environment for each in scope risk
    • Challenge the action plans for all risks outside the implied risk tolerance
    • Design and perform a control testing plan
  • Perform the formalization of the post ITRM activities (Minutes, documentation…) in the ORGS risk management tool
  • Design a ITRM reporting dashboard
  • Be the interface between external auditor and the Internal control department
  • Support of the subsidiaries ITRM process when relevant

2) Additional to the above main tasks, the Risk & Control officer will also be involved, when relevant, in the following other processes/activities:

  • TRA (Top Risk Assessment), OREC (Operational Risk Event Capture), ScA (Scenario Analysis), Project Risk Management (PRM)$
  • Implementation AZ and Regulatory policies regarding Internal Control Framework + Follow-up and review
  • Organize, complete and update the Risk Documentation
  • Coordinate the regional risk management
  • Design and perform training on IC topics