Head Of Technology Compliance Regulatory

Description:

Reporting to the Chief Technology Risk & Information Security Officer (CTRISO), Europe, this is a leadership role within the European Technology Risk and Security Team which is a new function of the Office of the CIO, Europe. This new role will take direct responsibility for ensuring regulatory requirements, including pipeline regulations, are complied with in the provision of technology services across the European business segment. In addition, the role will lead a team to develop, implement and maintain first line technology processes and capabilities to deliver the following: technology controls assurance; third-party contractual and due diligence obligations relating to technology and cyber security; support regulatory enquiries; facilitate and monitor Audit and Risk activities; and provide data governance & privacy services and advice to European Technology.

The role will lead a team and will involve significant senior relationship and stakeholder management across multiple lines of business in Europe and Lifeco.

This role can be based in Ireland or the UK .We have embraced a hybrid working model for most of our positions, which means that you can enjoy a balanced approach of working from home for part of the week and working from the office for the remainder of the week.
Key Accountabilities
Work closely with the European Chief Compliance Officer’s team and European Data Privacy Office to direct the European Technology strategy and business preparedness to meet its regulatory obligations including those relating to data privacy
Responsible for the provision of advice and monitoring compliance with relevant regulations including data governance and privacy that directly apply in the provision of technology services across the European segment
Coordinate and facilitate regulatory enquiries relating to European Technology and Central Technology Services ensuring consistency, quality, and timeliness of responses
Coordinate and facilitate Audit, Risk and Compliance engagements relating to European Technology including planning, engagement, management response and remediation tracking
Develop, apply and embed Supplier Risk Management standards as they relate to technology and cyber security, including procedures and guidance aligned to Lifeco’s global minimum standards whilst meeting European business and jurisdictional requirements
Develop and operate efficient standardised processes to deliver third-party security due diligence and support the in country legal / commercial teams in drafting appropriate clauses relating to technology and cyber security ensuring relevant regulatory and commercial considerations are included
Responsible for the oversight of ongoing due-diligence for third parties security and technology risks
Responsible for the process development and delivery of technology controls assurance activities including assessment of design and operating effectiveness, agreeing and monitoring delivery of remediation plans
Coordinate annual policy attestations relating to the risk and control effectiveness of European Technology, as required
Responsible for the process development and coordination of client assurance activities relating to Central Technology Services including standard responses, supporting certification audits (e.g. ISO27001, SOC1 and SOC2) and customer right to audit requests
Responsible for the delivery and maintenance of Registers of Processing Activities (ROPA) and Data Privacy Impact Assessments (DPIA) for critical third-party services and applications provided to Central Technology Services
Key contributor to the European Technology annual planning and budgeting process.
Lead and motivate a team, managing the performance and development of direct reports, ensuring alignment with the European Technology strategic direction. Ensures robust succession planning across the team and uses talent management strategies to build and retain capability
Role model and support the broader leadership activities of the OCIO Risk & Security team, developing the ‘brand’ and highly engaged team recognised for its diligence, subject matter expertise and excellence in delivery. Able to seamlessly deputise for the CTRISO as required
Be a thought leader for technology and cyber security compliance, third-party risk and data governance across the European business segment, educating stakeholders including senior executive on complex topics, emerging trends and regulations
Knowledge, Skills & Experience
Experienced Risk and Compliance leader with diverse experience across operations and Information Technology in a complex large organization across multiple geographies
Experience of managing and responding to regulatory enquiries
Deep knowledge of regulations and data privacy and their application within a Technology environment including a good understanding of trends and regulatory focus across European regulators, particularly operational resilience and cloud infrastructure is required
Experience of technology and cyber security supplier and third-party risk would be beneficial
The ability to partner with and relationship manage senior stakeholders in order to manage expectations and influence business goals to achieve successful outcomes.
The ability to set clear and challenging goals while committing the organization to improved performance; tenacious and accountable in driving results
The ability to use a combination of logic, analysis, experience, wisdom to solve complex, difficult problems in a timely and innovative way
Third level qualification in Risk management, Compliance or law, or equivalent work or education-related experience preferable.