Job Description
The Enterprise Technology and Digital Risk leader will be responsible for the identification, evaluation, and mitigation of technology risks across all business units.
This role ensures alignment with AIB's strategic objectives, regulatory standards, and overall risk position is pivotal in ensuring the resilience, security, and compliance of digital platforms, embedding risk management practices within daily operations, and promoting a culture of risk awareness throughout the organisation.
Key Accountabilities:
* Supporting Head of Enterprise Technology Risk & Compliance in rolling out a best-in-class technology risk framework, including risk incident and issues management, digital operational resilience practices, product governance, and more.
* Partnering with 'first line' teams - primarily the 'Technology & Data' organisation to provide risk support in the assessment of systems and infrastructure risk, cloud and security risk, including in the development of new products and features by embedding good risk practices and finding solutions to problems, identifying risks and recommending controls.
* Playing a key role in the management of technology and security related risk incidents and issues that occur.
* Supporting the development and implementation of technology risk policies, procedures, key risk indicators, and appetite statements.
* Developing and embedding a High Value Asset Framework to ensure that key technology, resilience, and cyber controls operate adequately and effectively.
* Leading the further embedding of a strong risk culture across Technology & Data.
* Championing a culture of doing it right first time and focused on the goal of prevention and not remediation.
* Monitoring compliance of relevant laws and key regulations (DORA, SEPA, AI Act, BCBS 239 etc) upholding a rigorous approach to meet requirements on a continuous basis.
* Developing a data-driven reporting framework that drives executive insight and promotes both accountability and transparency of digital risks.
* Staying abreast of emerging risks in areas such as cloud computing, cybersecurity threats, and regulatory changes, proactively integrating them into the risk management program.