GRC (Governance, Risk and Compliance) Manager – IT Planning
Location: Dublin
Department: IT Planning
Grade: AVP
Reporting to: IT Planning Manager – Vice President
Company
SMT Fund Services (Ireland) Limited is part of SuMi TRUST Global Asset Services and is wholly owned by Sumitomo Mitsui Trust Bank, Limited, one of Japan's largest financial groups.
We provide fund administration services for a wide range of investment products, including alternative and regulated funds, handling all components necessary to produce accurate NAVs regularly.
Department
The IT Planning Department (IPD) develops the IT Road Map, manages IT projects, and establishes standards through policies to support IT Quality and Risk Management activities. It also collaborates with SMT Tokyo headquarters for oversight and strategic alignment.
The GRC (Governance, Risk, and Compliance) function ensures compliance with regulations, manages audits, policies, and controls, and collaborates with Compliance, Outsourcing Oversight, and ERM departments to align with regulatory standards.
Role Overview
The GRC Manager ensures SMT Ireland’s compliance with regulations, effective risk management, and enhancement of IT governance frameworks.
Core Responsibilities
1. Lead compliance and audit readiness efforts, develop frameworks and tracking tools, and coordinate audit activities with stakeholders, embedding compliance into organizational processes.
2. Oversee IT risk management, including maintaining the IT Risk Register, conducting vulnerability assessments, and coordinating with Information Security to mitigate risks.
3. Manage governance documentation and application inventories, ensuring timely reviews, updates, and compliance of policies and IT asset records.
4. Drive access governance initiatives, including implementing least privilege access models, role-based controls, and delivering GRC training across units.
5. Manage third-party vendor relationships, ensuring risk management, due diligence, and regulatory compliance, including exit strategies and risk assessments.
6. Establish and monitor KPIs and KRIs for GRC processes, using insights for continuous improvement.
7. Support staffing activities such as recruitment, staff development, and retention aligned with corporate goals.
8. Perform other duties as assigned.
Requirements
1. Proven experience in GRC or related roles, with strong analytical skills and understanding of GRC practices.
2. Hands-on experience with frameworks like GDPR, NIST, ISO 27001, including audit coordination and response.
3. Solid understanding of cybersecurity principles and controls.
4. Effective project and change management skills to advance GRC initiatives.
5. Excellent communication skills across all levels, including senior management.
6. Relevant GRC certifications such as CISA, CISM, CRISC, or CGEIT.
Seniority level
* Mid-Senior level
Employment type
* Full-time
Job function
* Information Technology