Join RSA and make a difference every day.
At RSA, we empower our customers to make a difference in their lives. And the same goes for our employees.
We have offices in Belfast, Galway and Dublin, where we’ve embraced hybrid working and empower our people to work flexibly to suit their needs and those of our customers. Our Dublin office is also home to our sister-company 123.ie.
Our diverse customer base benefits from the diverse perspectives of our teams that serve them, solving complex problems with creative ideas.
As a proud member of the Intact family, we’re part of something bigger with a presence in North America, the UK, and Europe. Our business has grown organically and through acquisitions to over $20 billion of total annual premiums.
We want you to succeed with us and grow with us – and we’ll give you the tools, flexibility and learning opportunities you need to do it.
And if you bring your best, then we promise to give you our best.
Culture and Community
RSA is a purpose-driven business – our purpose is to ‘help people, businesses, and society prosper in good times, and be resilient in bad times’.
We do that by living our values – Integrity, Respect, Customer-driven, Excellence, and Generosity – in everything that we do.
We provide an open and honest workplace – where everybody contributes, and every view is listened to and respected.
Generosity is in our DNA and is the value that guides and enables our people to help others, protect the environment and make our communities more resilient. It drives our efforts to care for people and to give our time, financial resources and talent. We’re also committed to helping society adapt to a changing climate, taking reasonable care to ensure that our business activities are conducted in an environmentally sustainable manner.
Our stats don’t lie… in our annual engagement survey
95% of our people are committed to driving innovation and change
91% of our people celebrate the diversity in their teams and wider company
90% of our people feel safe to share they’ve made a mistake
89% of our people strive to recognise colleagues for the amazing work they do
89% of our people know how their job supports the company’s strategy
So if you want to make a difference every day, we’d love to have you.
Senior IT Risk and Compliance Specialist
The role of Senior IT Risk and Compliance Specialist is a key position within our business. This role will involve advising, guiding and supporting IT leadership and management in carrying out their IT risk management responsibilities. The role will also involve designing, developing, monitoring, and reporting on IT Risk, Control and Compliance frameworks and maintaining our IT policies, procedures, standards, guidelines, and reporting requirements. In addition, this role will be responsible for co-ordinating and supporting Line 2, Line 3, external, and regulatory IT audit activity, resulting actions and remediation plans. This role is also responsible for managing Line 1 IT Control Validation activities to deliver against the agreed plan.
A key responsibility of this role is the effective management and facilitation of IT Risk Reporting on behalf of the CIO. Regular and accurate IT Risk Reporting that can be easily and clearly interpreted by the business is key to enabling Senior and Executive Management and the Board to understand any potential exposure to the organisation.
Reporting to the Head of IT Risk and Compliance, this role will work closely with the IT teams within the CIO function, our IT Outsource partners and the Risk, Financial Control and Audit teams locally and across the Group. The role holder will work with key business stakeholders across all RSAI locations, providing advice, and guidance on managing IT risks and concerns, and ensuring compliance with the appropriate policies and standards.
- Managing and facilitating IT Risk reporting on behalf of the CIO to local executive management, Committees, Board, Group and Regulatory bodies. Attending committees to provide updates as required.
- Building strong key business stakeholder relationships with Line 2, Line 3, External auditors, IT teams, Business teams, and IT Outsource partners to ensure effective working relationships.
- Facilitating and supporting all Line 2, Line 3, external and regulatory IT audit and assurance activity, and resulting actions and remediation plans across RSAII.
- Supporting the Head of IT Risk and Compliance with strategic planning of Line 1 IT Control Validation testing activities.
- Managing Line 1 IT Control validation activities in conjunction with our strategic partner to deliver IT policy requirement and control objective testing in line with the agreed plan.
- Advising, guiding and supporting management in carrying out their IT risk management responsibilities in all aspects of IT risk including identification, assessment, triage, evaluation and management of IT risks.
- Providing IT Risk and Compliance related advice, support and assistance to all business areas to ensure compliance with policies, procedures, standards, guidelines and reporting requirements.
- Designing, developing, monitoring and reporting on IT Risk, Control and Compliance frameworks including the IT Risk Profile, IT Risk Appetite and associated Governance Frameworks, associated tooling and reporting submissions.
- Representing the RSAII IT Risk and Compliance team at Regional and/or Group IT risk fora and committees.
- Providing oversight and maintenance of a centralised IT Risk Register, audit and RPA/RA action tracker for RSAII.
- Chairing and facilitating IT Risk Meetings within the CIO function and acting as IT Risk Champion for the CIO function.
- Providing oversight of compliance with IT-related policies and any gaps identified by internal staff, 3rd parties and IT Outsource providers, and ensuring they are addressed through the IT risk management process.
- Guiding and advising management in the preparation, review and approval of IT related remediation plans and localisation/policy adjustments for IT related policies.
- Monitoring, oversight and tracking of all IT remediation actions and plans from L1, L2, L3, external audit, and regulatory assurance activities.
- Completing quality assurance review and challenge of IT Control Validation detailed testing workpapers to provide RSAII oversight on testing activities completed.
- Coaching and mentoring more junior members of the IT Risk and Compliance team to further develop their competencies in IT risk management practices.
- Demonstrating the RSAII values of Integrity, Respect, Customer-Driven, Generosity and Excellence in carrying out all responsibilities within this role.
- Acting as delegate for the Head of IT Risk and Compliance as required.
- In-depth knowledge of IT Risk Management, IT Governance principles, Information Security risks and controls, IT processes and infrastructure and/or IT external audit or IT internal audit experience of 3-5+ years is preferable
- Strong experience in Stakeholder Management across IT Risk Management, Audit, Assurance activities
- Strong knowledge of IT General Controls (Change Management, Logical Access, and IT Operations [backup and recovery, problem and incident management and job scheduling])
- General knowledge of IT Controls testing would be an advantage
- Experience working with 3rd party outsourced providers
- CISA, CRISC, CISM, CISSP or similar certification is desirable
- 3rd level qualification in related discipline such as Information Systems, Operational Risk Management, Business Management is desirable
- Eagerness to increase IT risk management and control environment knowledge
- Problem Solving mindset and Can-Do Attitude
- Based in Ireland - Hybrid/Dundrum Office
RSA Insurance Ireland DAC and its affiliate companies consider applicants on the basis of qualifications and without regard to race, colour, religion, sex, national origin, age, marital or veteran status, sexual orientation, disability or any other legally protected status