EMEA CIO Technology Risk - Framework Lead

Corporate Level: Vice President 

Location: London (Hybrid)

Department: Group CIO Chief Controls Office

Company overview

Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com

Department overview

The GCIO function oversees group-wide technology, operations and our data office. Our purpose is to support Nomura’s business strategy and deliver consistent group-wide services based on common operating principles. We are aligned to our key businesses across the group and operate enterprise-wide functions for risk management, governance and controls, supply chain and infrastructure.

The Chief Controls Office (CCO) is a key function within GCIO and our purpose is aligned to the GCIO Strengthen and Protect strategic pillar. We are a global team focused on strengthening our non-financial risk management framework enabling the business to accelerate strategic delivery, whilst enhancing our ability to dynamically manage risks and evidence that we are operating in control.

The CCO function is on a multi-year global transformation journey which starts with building the right foundations especially the right skills and capabilities within our global team.

Role description

• This is a key and strategic role supporting the EMEA CIO with technology risk management as part of a growing Chief Controls Office. Your focus will be supporting with the design, implementation and operation of IT risk management frameworks.
• You will work closely with first line IT and senior management to manage the EMEA CIO technology risk profile within risk appetite (EMEA is a technology hub with other 500 IT staff). You will need to be pragmatic and outcome focused to navigate a complex landscape of competing priorities, including advising management on where to avoid, transfer, mitigate or accept technology risk. You will work closely with Internal Audit, External Audit, Operational Risk Management, Legal, Compliance and Resilience teams.
• You will be a leader and role model within the team. You will need to leverage your technical and interpersonal skills to develop strong working relationships and influence stakeholders across teams and regions.
• The position reports in to the EMEA CCO Lead Executive Director and you will work closely with the EMEA CIO and the Group CCO.
• If you are looking for an opportunity to roll up your sleeves and be at the heart of technology risk management - leveraging your knowledge, ideas and hands-on experience - this is an ideal opportunity for you.

The role is currently hybrid (40% central London office and 60% remote).

Key areas of oversight and engagement

• Support with the design, implementation and operation of IT risk management frameworks (including policies, standards, risks, controls, issues etc.)
• Risk and Control Self-Assessments (RCSAs) Lead – support with the design, implementation and operation of process-led RCSAs
• Control Management Lead – support with the design, implementation and operation of the control management lifecycle
• Issue Management Lead – support with the design, implementation and operation of issue management including read across
• Operational Events Lead – support with the design, implementation and operation of operational events management and reporting
• Scenario Analysis Lead – support with the design, implementation and operation of scenario analysis
• Ensure the firm’s Operational Risk Management Framework (second line) is appropriately embedded in EMEA CIO (first line)
• Support the CCO strategy and transformation programme in EMEA
• Support with senior stakeholder engagement
• Key participant in risk management forums and committees
• Provide an IT risk management advisory service and embed a risk and control culture
• Identify opportunities for process and control enhancement
• Advise on risk management for new and emerging technologies such as cloud, artificial intelligence and automation

What you will bring to the role

• Extensive experience in the financial services industry in technology and technology risk management
• Extensive experience of designing, implementing and operating industry leading technology risk management frameworks e.g. COBIT
• Experience of working in a dynamic technology environment and a thorough understanding of technology
• Resilience and third party risk experience
• Experience of UK regulation
• Strong leadership and people management skills
• Strong stakeholder management skills – ability to challenge at the executive level across the three lines of defense
• Skilled communicator and influencer – ability to articulate technical and complex concepts simply, presenting with impact and gravitas to the most senior stakeholders
• Project management experience – ability to deliver on time, cost and quality
• Experience of risk management toolsets such as ServiceNow Integrated Risk Management or similar

Qualifications, Skills & Experience Required

• 10+ years’ of relevant experience in financial services
• Highly experienced in designing, implementing and operating IT risk management frameworks in Banking
• Knowledge and experience of IT regulatory requirements such as UK Operational Resilience and the EU Digital Operational Resilience Act (DORA)
• A risk management qualification such as CISA, CISM, CRISC or CISSP
• A keen interest in technology
• Proven experience as a trusted IT risk advisor to senior management
• Proven experience of collaborating effectively at all levels within a global matrix organisation
• Self-starter and ability to learn quickly and thrive in a fast-paced and dynamic environment
• High energy, positive and collaborative team player
• Resilient, enjoys challenges and able to resolve complex problems independently 
• Confident with strong communication skills (both written and verbal) – ability to influence and communicate effectively and efficiently
• Delivery and outcome focused
• Innovative and pragmatic approach to solving problems
• Strong analytical skills – attention to detail, accuracy and quality

Diversity & Inclusion

Nomura is an equal opportunity employer. We value diversity and are committed to creating an inclusive environment for all our employees.

We do not discriminate on the basis of age, disability, gender identity and gender expression, pregnancy and maternity, marriage and civil partnership, race, religion or belief, sex or sexual orientation.

If you require any assistance or reasonable adjustments due to a disability or long-term health condition, please do not hesitate to contact us.

Right to Work

The UK Government have taken steps to reduce net migration to the UK by limiting the number of overseas workers from outside the EEA coming to the UK for employment. Please note that whilst we are able to consider applications from overseas workers from outside the EEA (who require a Tier 2 (General) visa) we can only employ them if we can provide evidence that there are no other suitable candidates for this vacancy from inside the EEA.