GBBC Member Careers

Technology Risk Lead



IT, Operations
London, UK
Posted on Saturday, May 27, 2023

About CLS

CLS is the trusted party at the centre of the global FX ecosystem. Utilized by thousands of counterparties, CLS makes FX safer, smoother and more cost effective. Trillions of dollars’ worth of currency flows through our systems each day.

Created by the market for the market, our unrivalled global settlement infrastructure reduces systemic risk and provides standardization for participants in many of the world’s most actively traded currencies. We deliver huge efficiencies and savings for our clients: in fact, our approach to multilateral netting shrinks funding requirements by over 96% on average, so clients can put their capital and resources to better use.

CLS products are designed to enable clients to manage risk most effectively across the full FX lifecycle – whether through more efficient processing tools or market intelligence derived from the largest single source of FX executed data available to the market.

Our ambition to make a positive difference starts with our people. Our values – Protect, Improve, Grow – underpin everything that we do at CLS and define and shape a supportive and inclusive working environment in which everyone is encouraged to be open and forward-thinking.

Job Description

May 19, 2023


CLS helps clients navigate the changing FX marketplace – reducing risk and creating efficiencies. Our extensive network and deep market intelligence enable CLS specialists to lead the development of standardized solutions to real market problems. Our innovative, forward-looking products make the trading process faster, easier, safer

and more cost-effective – empowering our clients’ success.

Functional title

Technology Risk Management Lead


New York, New Jersey, London

Corporate title

Technology Risk Management Lead

Report to

Head of Technology & Information Security Risk Management (TISRM)



No. of direct reports


Job purpose

The Technology Risk Management Lead is a key member of the Risk Management team and is responsible for leading the implementation of the Enterprise and Operational Risk Management frameworks designed by CLS to identify, measure, monitor and mitigate technology risks. The successful candidate serves as a second set of eyes to management to provide review and credible challenge of the effectiveness of technology management processes and controls. This position is highly engaged with the firm-wide Technology teams who provide technology solutions as well as all corporate departments that own technology risk.

Essential Function / major duties and responsibilities of the job


· Mature the firm’s technology risk program by developing a universe of technology risks based on organizational analysis, regulatory exposure, industry factors and strategic priorities by articulating framework requirements through policy and procedures utilizing industry best practice

· Support CRO, and head of Enterprise Risk Management and Operational Risk in establishing and communicating the organization’s ORM Framework driving the efficacy of the technology risk management program

· Identify trends and shape discussions leading to process improvements mitigating operational risks at CLS

· Embed risk framework throughout the organization via projects, programs and business processes to improve risk culture throughout the firm


· Lead a team of technology risk professionals in executing oversight of technology risks in projects

o Provide subject matter expertise to business units to drive, guide and influence the 1st Line ownership, clarity and assessment of technology risks & controls

o Assess and challenge technology risks & evaluate IT risk indicators

o Prioritize IT monitoring activities & prioritize and align technology audit activities

o Review and monitor the progress of actions and validate appropriateness of actions for closure

o Thematic review of incidents and associated proposed actions to address root cause

o Document 2LoD challenge of the 1LoD assessment of Risk appetite quarterly to support the Enterprise Risk management (ERM) program

o Annual review and assessment of the technology key risk indicators including thresholds, risk taxonomy

o Annual review and update of Technology Risk procedures and project checklist

o Mature the firm’s technology risk profile by developing a universe of technology risks based on organizational analysis, regulatory exposure, industry factors and strategic priorities

o Ensure Technology risks are tracked managed and reported on to articulate the current risk exposure

o Prepare monthly and quarterly ORM/ERM reports and present these to IT Management

· Projects

o Represent ORM in working groups and Project Boards for major projects that may impact the firm risk profile.

o Work with business partners to challenge the quality of the project inherent risk assessments (PIRA) completed and contribute to the independent risk review for projects.

o Oversee ORMs independent challenge of technology project portfolio

· Products/services

o Works closely with the relevant stakeholders to ensure new products/services identified are managed in line with operational risk thresholds and with prudent, comprehensive risk assessments to minimize negative impact to CLS or the ecosystem.

· Internal Audit

o Triage internal audit requests and challenge internal audit observations and actions for clarity, impact and appropriateness

· Regulatory engagement

o Engage clear and transparent communication with the regulators to ensure we give an accurate picture of risks to the business.


· Assist Head of TISRM by taking a leadership role in driving the culture of engagement, teamwork and accountability

· Lead projects in co-ordination with Operational Risk team to enhance the ORM framework and assist with implementation of best practices

· Assist Head of ORM with implementation and sustainability of Risk framework (i.e. review and update ORM procedure / guidance documents, reporting etc.)

· Interact with and / present to the Federal Reserve Bank of New York in regular ORM continuous monitoring meetings and selected projects

· Ability to partner, influence, and gain credibility with the business

Experience / essential and desired for successful job performance

· 10+ years of technology risk / assurance, preferably in financial services or another regulated industry

· Experience and in-depth understanding of the different system development lifecycle practices, Agile methodologies and system architecture best practices, infrastructure and network management

· Experience of the COBIT framework

· Experience in the Operational Risk discipline, establishing framework and on-going process in accordance with best practices and Basel requirements.

· Experience managing the delivery of new financial products or services that involve Information Technology systems changes

· Ability to operate in an independent manner without close supervision is essential as assessments must be sound and must contain a thorough command of the risk regime of the company.

Qualifications / certifications

· Industry certification preferred, e.g. Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT), Certificate of Cloud Auditing Knowledge (CCAK).

· Experience of using structured methodologies (e.g. Prince2, ITIL, PMI, APM, Lean/Six Sigma)

· Experience in MS Office suite, including Excel, Word, Project and Visio

Knowledge, skills and abilities / competencies required for successful job performance

· Knowledge of applicable internal and/or external regulatory policies, standards, procedures and controls (e.g. International Organization for Standardization (ISO) 27000, National Institute of Standards and Technology (NIST), Control Objectives for Information and Related Technology (COBIT), Cyber Essentials, Centre for Protection of National Infrastructure (CPNI), OWASP Top 10, SANS Top 20 Critical Controls, Information Security Forum (ISF)), and relevant IT Risk frameworks

· Judgement and decision making

· Communication & Influence

· Teamwork & Professionalism

Success factors / ‘How’. Personal characteristics contributing to an individual’s ability to excel in the position

Risk Management

1. Takes personal responsibility and accountability for solving operational risk related problems to meet organizational standards

2. Identifies and appropriately manages/escalates potential risks

3. Assist business partners with their identification of process / control related issues.

Judgement and Decision Making

4. Makes decisions that have moderate and at times high impact within a function, producing positive or negative effect for efficiencies, delays, and contribute to financial gain or expense

5. Contributes significantly to achieving cross-functional, consensus driven decisions by engaging and influencing others

Work Complexity and Innovation

6. Manages work guided by established policies; and regularly establishes new procedures and policies as required

7. Drives innovative solutions that contribute to the success of the department and/or viability of the organization

Communication and Influence

8. Delivers, directs, and facilitates communication amongst the function and to business functions

9. Resolves conflicts, influences outcomes on matters of significance for the division


10. Identifies opportunities to improve the effectiveness or efficiency of key processes within a function and/or across functions

Teamwork and Professionalism

11. Builds strong relationships across the organization

12. Drives teamwork and cooperation with others to arrive at consensus driven decisions

13. Demonstrates the CLS values, superior professionalism and ethical conduct

Personal Effectiveness

14. Adapts to unexpected changes in circumstances and re-prioritises the team's approach and activities

15. Plans and prioritises, establishing a course of action leading to successful achievement of the team's objectives

16. Designs and implements new working practices and structures which deliver improvements for the team

Our commitment to employees

At CLS, we celebrate diversity and consider this to be one of our strongest assets. We are committed to fostering an environment in which everyone feels comfortable to be who they are, and inclusion is valued. All employees have access to our inclusive benefits, including:

  • Holiday - UK/Asia: 25 holiday days and 3 ‘life days’ (in addition to bank holidays). US: 23 holiday days.
  • 2 paid volunteer days so that you can actively support causes within your community that are important to you.
  • Generous parental leave policies to ensure you can enjoy valuable time with your family.
  • Parental transition coaching programmes and support services.
  • Wellbeing and mental health support resources to ensure you are looking after yourself, and able to support others.
  • Affinity Groups (including our Women’s Forum, Black Employee Network and Pride Network) in support of our organisational commitment to embrace and always be learning more about DE&I.
  • Hybrid working to promote a healthy work/life balance, enabling employees to work collaboratively in the office when needed and work from home when they don’t.
  • Active support of flexible working for all employees where possible.
  • Monthly ‘Heads Down Days’ with no meetings across the whole company.
  • Generous non-contributory pension provision for UK/Asia employees, and 401K match from CLS for US employees.
  • Private medical insurance and dental coverage.
  • Social events that give you opportunities to meet new people and broaden your network across the organisation.
  • Annual flu vaccinations.
  • Discounts and savings and cashback across a wide range of categories including health and retail for UK employees.
  • Discounted Gym membership – Complete Body Gym Discount/Sweat equity program for US employees.
  • All employees have access to Discover – our comprehensive learning platform with 1000+ courses from LinkedIn Learning.
  • Access to frequent development sessions on a number of topics to help you be successful and develop your career at CLS.