Senior IT Risk and Compliance Specialist


Job Ref:
1697

Job Title:
Senior IT Risk and Compliance Specialist

Location:
Dundrum - Dublin 16

Closing date:
Close date not set

Vacancy Description

RSA and 123.ie

Founded in 1710, we are a 300-year-old organisation that is empowering people to put the right things in place to prepare them for their future so that they can live a more fulfilled life free from worry and anxiety.

Built on resilience, expertise and human empathy, we provide insurance that makes people’s lives easier. We learn from our experiences and build on our strengths every day to deliver the best products and services in the market. We are always searching for the best protection for our customers with our extensive range of Commercial and Personal Lines products driven by our network of Insurance brokers, scale partners and via our 123.ie brand.

With a global footprint, we have leading positions in Scandinavia, Canada, the UK, Ireland and the Middle East. In Ireland, we have offices in Belfast, Galway and Dublin, where we empower our people to work flexibly to suit their needs and those of our customers. We know that if we plan for tomorrow, we can truly make a positive impact on people’s lives today.

Looking to the future

In order to be there for our customers during their greatest challenges we are looking for like-minded individuals who will embrace our strategy:

Our Vision — our ambition:
Prepared to make the difference

Our Mission — how we will live our vision:
Harnessing human expertise with agile technology

Our Purpose — why we go to work every day:
To empower people

Our Values — our DNA:
Love simplicity, Better every day, Do the right thing, Boundless ambition
We’re looking for people that are open, engaged, curious and striving to make a real difference – not only in their own lives – but in the lives of those around them.


Culture and Community

Culture and community is a key priority within our organisation. 
We strive to create a diverse and vibrant workforce where everyone feels valued and everyone’s voice is heard. 
In RSA and 123.ie, career progression is nurtured and performance is recognised. We help people move forward in life; that’s why we put steps in place to encourage our colleagues to learn, adapt and grow.
We cultivate an open and transparent culture where people can be their true selves. RSA and 123.ie support a stimulated workforce where individuals feel more fulfilled in their role and more comfortable in who they are as a person. Most importantly, we care about our environment and the communities around us.

We support programmes and events that give back and enhance the lives of the vulnerable and those in need. We have a dedicated Corporate Responsibility programme that facilitates new ways of thinking to help reduce our carbon footprint, protect our planet for future generations and give back to our communities. 

Senior IT Risk and Compliance Specialist 

The role of Senior IT Risk and Compliance Analyst is a key position within our business. The role will involve managing, advising, and supporting management in carrying out their IT risk management responsibilities.  The role will also involve designing, developing, testing, monitoring and reporting on IT Risk, Control and Compliance frameworks and maintaining our IT policies, procedures, standards, guidelines and reporting requirements. In addition, this role will be responsible for co-ordinating and supporting Line 2, Line 3, external, and regulatory IT audit activity, resulting actions and remediation plans.

A key responsibility of this role is the effective management and facilitation of IT Risk Reporting on behalf of the CIO. Regular and accurate IT Risk Reporting that can be easily and clearly interpreted by the business is key to allowing Senior and Executive Management and the Board to understand any potential exposure to the organisation.

Reporting to the Head of IT Risk & Compliance, this role will work closely with the IT teams within the CIO function, our IT Outsource partners and the Risk, Financial Control and Audit teams locally and across the Group. The role holder will work with key business stakeholders across all RSAI locations, providing advice, and guidance on managing IT risks and concerns, and ensuring compliance with the appropriate policies and standards.

Key Responsibilities:

  • Managing, advising, and supporting management in carrying out their IT risk management responsibilities in all aspects of IT risk including identification, assessment, triage, evaluation and management of IT risks.
  • Providing IT Risk and Compliance related advice, support and assistance to all business areas/RSAII subsidiaries to ensure compliance with policies, procedures, standards, guidelines and reporting requirements.
  • Designing, developing, testing, monitoring and reporting on IT Risk, Control and Compliance frameworks including the IT Risk Profile, IT Risk Appetite and associated Governance Frameworks, associated tooling and reporting submissions.
  • Managing and facilitating IT Risk reporting on behalf of the CIO to local executive management, Committees, Board, Group and Regulatory bodies. Attending committees to provide updates as required.
  • Facilitating and supporting all Line 2, Line 3, external and regulatory IT audit and assurance activity, and resulting actions and remediation plans across RSAII.
  • Building strong key business stakeholder relationships with Line 2, Line 3, External auditors, IT teams, Business teams, and IT Outsource partners to ensure effective working relationships.
  • Representing the RSAII IT Risk team at Regional and Group IT risk fora and committees.
  • Providing oversight and maintenance of a centralised IT Risk Register, audit and RPA/RA action trackers for RSAII.
  • Chairing and facilitating IT Risk Meetings within the CIO function and acting as IT Risk Champion for the CIO function.
  • Providing oversight of compliance with IT related policies and any gaps identified by internal staff, 3rd parties and IT Outsource providers, and ensuring they are addressed through the IT risk management process.
  • Acting as Regional EUCA Co-Ordinator facilitating and providing oversight of EUCA activities across RSAII.
  • Guiding and advising management in the preparation, review and approval of IT related remediation plans and localisation/policy adjustments for IT related policies.
  • Monitoring, oversight and tracking of all IT remediation actions and plans from L1, L2, L3, external audit, and regulatory assurance activities.
  • Supporting the Head of IT Risk & Compliance with strategic planning of IT Controls Validation testing activities.
  • Completing quality assurance review and challenge of IT Control Validation detailed testing workpapers to provide Level 1 approval on testing activities completed.
  • Coaching and mentoring more junior members of the IT Risk team including the IT Controls Analyst to further develop their competencies in IT risk management practices.
  • Demonstrating the RSAII values of Love Simplicity, Do the Right Thing, Better Everyday, Boundless Ambition in carrying out all responsibilities within this role.
  • Acting as delegate for the Head of IT Risk and Compliance as required.

 

Requirements:

  • Professional services IT external audit or IT internal audit experience of 5+ years is preferable
  • In-depth knowledge of IT Risk Management, IT Governance principles, Information Security risks and controls, IT processes and infrastructure
  • Experience executing detailed IT Controls testing
  • Strong knowledge of IT General Controls (Change Management, Logical Access and IT Operations [backup and recovery, problem and incident management and job scheduling])
  • Experience working with 3rd party outsourced providers
  • CISA, CRISC, CISM, CISSP or similar certification is desirable
  • 3rd level qualification in related discipline such as Information Systems, Operational Risk Management, Business Management
  • Based in Ireland Dundrum Office

 

RSA Insurance Ireland DAC and its affiliate companies consider applicants on the basis of qualifications and without regard to race, colour, religion, sex, national origin, age, marital or veteran status, sexual orientation, disability or any other legally protected status.



Sorry, this vacancy is closed.
