The Apex Group was established in Bermuda in 2003 and is now one of the world's largest fund administration and middle office solutions providers.
Our business is unique in its ability to reach globally, service locally and provide cross-jurisdictional services. With our clients at the heart of everything we do, our hard-working team has successfully delivered on an unprecedented growth and transformation journey, and we are now represented by over circa 13,000 employees across 112 offices worldwide. Your career with us should reflect your energy and passion.
That's why, at Apex Group, we will do more than simply empower you. We will work to supercharge your unique skills and experience.
Take the lead and we'll give you the support you need to be at the top of your game. And we offer you the freedom to be a positive disrupter and turn big ideas into bold, industry-changing realities.
For our business, for clients, and for you.
Purpose of the Role
Reporting to the Chief Information Security Officer (CISO), this role ensures that Technology, Data Management and Information Security policies are written, maintained and published in line with the Enterprise Risk Management Framework, assuring compliance with regulatory requirements across all entities within the Group.
Responsible for leading a team in monitoring regulations related to Information Technology and Security, and ensuring compliance through the development and implementation of policies in conjunction with owners of policy, standards, processes, and controls. This includes the maintenance of those artefacts and providing comprehensive responses to external, client, regulator, and internal audits or due diligence questionnaires.
Collaborating with key stakeholders to manage and coordinate audit activities, mitigate risks, address audit findings, and enforce control measures effectively.
Key Responsibilities
1. Leading the Technology Assurance team to effectively manage technology assurance across the Group.
2. Policy and Standards Management: Work with policy owners to manage updates to policies, standards, processes, and controls within the Enterprise Risk Management Framework (ERMF).
3. Controls Catalogue Management: Oversee the IT General Controls catalogue, ensuring it is comprehensive and up-to-date.
4. Audit Relationship Management: Manage relationships with internal and external auditors, coordinating with stakeholders to provide necessary evidence.
5. Audit Findings Management: Address and manage audit findings, ensuring timely resolution and implementation of corrective actions.
6. External Liaison: Liaise with regulators (with the Compliance Heads), clients (with CRM/CSM), and auditors to ensure compliance and effective communication.
7. Regulatory Monitoring: Monitor regulations relating to Technology, Data and Information Security across all regions to ensure they are accurately reflected in Technology, Data and Information Security policies, standards and controls.
8. Controls Testing: Conduct regular testing of controls to ensure their effectiveness and compliance. Test design and execution effectiveness proactively to avoid audit surprises, and support control owners with any improvement plans required.
9. Stakeholder Coordination: Coordinate with various stakeholders to ensure alignment and effective implementation of technology assurance practices.
10. Risk Assessment: Perform risk assessments to identify potential issues and develop mitigation strategies, providing input to the Technology Risk Forum.
11. Reporting: Prepare and present reports on technology assurance activities to senior management and relevant committees.
12. Continuous Improvement: Drive continuous improvement initiatives to enhance the effectiveness of technology assurance processes.
13. Ensure that Technology policies are understood, reflect compliance needs and are followed, providing training and guidance where appropriate.
Experience required
1. 5 years plus as an experienced senior IT leader in a global, regulated enterprise is essential.
2. Experience in an Asset Servicing or financial services enterprise preferred.
3. Strong communication skills to effectively liaise between regional and global teams across all levels, both technically and in relaying strategic messages to a senior audience.
4. Proven experience in managing audits, closing audit actions, and executing effective controls.
5. Proven experience in implementing or managing controls frameworks such as COBIT 2019 or ISO27001.
6. Excellent collaboration skills to foster teamwork and enhance communication across teams.
7. In-depth knowledge of local and corporate policies and regulations to ensure compliance.
8. Expertise in identifying, assessing, and mitigating technology risks at a local level.
9. Preferred experience of dealing with regulators and external auditors.
Disclaimer: Unsolicited CVs sent to Apex (Talent Acquisition Team or Hiring Managers) by recruitment agencies will not be accepted for this position. Apex operates a direct sourcing model and where agency assistance is required, the Talent Acquisition team will engage directly with our exclusive recruitment partners.