AGC IT Compliance Manager
We have a full time permanent position available to join our team in Norwich or York.
The Aviva Group Centre CIO function must demonstrate that we understand and manage risks and comply with Aviva IT and Business Protection standards. This is a new role which will work across the team to support and oversee control owners as well as managing specific key controls for the team. The aim will be to embed these governance processes within the business community so that they become just the way we do things and part of us providing a great service.
Our team is created by a community of professionals who provide IT service and change to Group Functions such as Finance, Risk, HR and Legal & Compliance. Team members are based in London, Norwich, York and in Poland. Our vision is, as a community, to provide a flawless service for all of the systems and services that we support which are used right across Aviva.
We are looking for someone with risk management, compliance and governance experience but who ideally also has worked in an IT application support role so that they can appreciate the complexity and challenges faced by the teams they will be supporting.
As this is a new role, the role holder will have the opportunity to shape the application of the governance framework within the Chief Information Officer team and to identify and drive improvements in the way we manage our risks and controls.
The role holder will work with people in the Aviva Group Centre CIO team but also across the wider CIO team and Group Functions teams. They will therefore have the opportunity to develop networks, governance and IT knowledge and also knowledge of how the Group Functions operate.
Duties & Responsibilities
- Manage and co-ordinate risk management, control ownership and other governance activity across the teams.
- Understand the IT and Business Protection Control standards and Integrated Assurance Framework in order to assess the risks for different IT services and to provide expert advice and support for control owners and the business community.
- Maintain a thorough understanding of agile delivery and IT service in order to support and oversee run and change teams as they assess controls and progress remediation plans.
- Work with and support controllership activity in CISO, GITO and the Cyber Security Transformation programme, understanding and overseeing any impact on our business area.
- Identify key controls improvement themes and run projects across the teams to drive a consistent standard of control.
- Ensure all Control issues are logged, have a remediation plan, and have confirmed owners and target dates for remediation
- Manage Specific Key Controls for the team to ensure compliance with the IT and Business Protection Standards e.g. maintain IT information asset register, review access to development tools and utilities, and support CISO in the completion of Business Criticality Questionnaires.