Head of the Operational and Cyber Risk Unit
The EIB, the European Union’s bank, is seeking to recruit for its Risk Management Directorate (RM) – Coordination Division (COORD) – Operations Risk Unit (OPR) at its headquarters in Luxembourg, a
Head of the Operational and Cyber Risk Unit
This is a full time position at grade 5/6
The term of this contract will be 4 years
Panel interviews are anticipated for the end of January 2019
The EIB offers fixed-term contracts of up to a maximum of 6 years, according to business needs, with a possibility to convert to a permanent contract, subject to organisational requirements and individual performance.
Contribute to the definition and implementation of the Bank’s Operational and Cyber risk framework based on four key building blocks:
- Governance & Ownership; clear lines of responsibility, policies and standards
- Taxonomy & methods; common language and agreed processes and procedures.
- Skills & Capabilities; team and organisational ability to prevent and manage related risks.
- Technology & data; monitoring, assessing and reporting of related risks.
The aim of the above is to minimise and mitigate relevant risks and to achieve the set targets for the Bank within the framework of the EIB Group objectives and Risk Appetite, in line with Best Banking Practices (BBP).
S/he will lead a team of operational risk officers and report to the Head of RM’s Coordination Division, with a dotted reporting line to the Regulation and EIB Group Risk Department. S/he will interact with the Audit Committee on operational risk matters. Particular attention will need to be paid to ensuring alignment with the Compliance Directorate (OCCO), Inspectorate General (IG) and Financial Control (FC) with regard to Operational Risk roles and responsibilities.
- Contribute to the drafting and implementation of the Bank’s second line of defence cybersecurity framework, as well as its security incident response program. Coordinate the development of the related internal policies, processes and procedures. Assist the Head of Division with the definition of the overall strategy.
- Represent Operational and Cyber Risk in working groups and Steering Committees.
- Establish the Bank’s Risk Appetite in terms of Operational and Cyber risk. Control, evaluate and monitor operational risk and cyber security in accordance with the Risk Appetite established.
- Manage and improve the implementation of measurement methodologies for Operational and Cyber Risk (in the context of the Bank’s compliance with Best Banking Practices).
- Monitor EIB’s internal and external cyber security policy compliance and controls, ensuring that both the vendors and employees are working within the framework of the above-mentioned strategy.
- Implement Key Cyber Risk Indicators to monitor and track control effectiveness.
- Plan, organise, and supervise the activities of the unit. Ensure an effective cooperation among team members and the rest of the Bank’s staff. Propose streamlining of unit procedures.
- Recruit and develop professional staff to ensure that staff within the Unit have the right competencies, objectives and motivation in order to realize the overall strategy. Develop mandatory awareness training for EIB staff. Ensure close cooperation with front line staff, notably CS/IT and CS/IMP.
- Manage the production of the monthly Operational Risk Report as well as of the Operational Risk section of the Risk Report.
- Follow-up and report on all Operational and Cyber incidents and ensure their recording in the Bank’s loss event database. Review controls, procedures, processes and systems, recommending improvements as necessary.
- Evaluate the new IT tools to be used by EIB for its transactions, and help implement any controls that might mitigate the risk of its operations.
- University degree, preferably at master level, in IT, Economics, Banking, Finance, Mathematics or Statistics
- Minimum 8 years’ experience in operational risk management or in another control function such as audit
- Experience in leading and coordinating multifunctional and/or transversal teams and proven track record of success
- Very good knowledge of quantitative techniques and statistical models used in operational risk
- Knowledge of the main software applications and databases used in the Operational Risk service at the Bank (e.g. SAS). Ability to learn new IT techniques and to anticipate operational risk issues
- Good knowledge of Operational Risk regulations and best practices such as BCBS and EBA Guidelines
- Fluent English is essential. Knowledge of other EU languages such as French (*) would be an advantage
- Achievement Drive: Continually keeps an eye on performance, focusing on improving it, showing drive and determination to meet short and long-term goals.
- Change Orientation: Adapts to differences and changes in the environment; takes a flexible approach to reach outcomes.
- Collaboration: Works cooperatively as part of a team; works collaboratively with peers across organisational boundaries based on a genuine interest in and an accurate understanding of others and their individual perspectives and concerns.
- Organisational Commitment: Is willing to commit to an organisation whose mission is to support Europe and is open to diversity, and to align her/his own behaviour with the organisation’s needs and intrinsic values, acting with integrity in ways that promote the organisation’s mission, policies and rules.
EIB managerial competencies
- Developing Others: Builds the long-term capability of others by guiding and developing them to make the most of their competence and potential, based on an accurate understanding of their true strengths and development needs.
- Strategic Thinking: Thinks about the long term organisational strategy and how to align to and implement it; comes up with useful new strategic insights.
- Team Leadership: Builds a high performing team, ensuring it is focused, motivated and inspired to achieve organisational objectives, encouraging performance excellence and addressing underperformance when required.
(*) There may be certain flexibility on this requirement, but limited to particularly suitable candidates who may not yet be proficient in French. If selected, such candidates will be hired on the condition that they rapidly build up knowledge of French and accept that their future career in the EIB may be subject to the attainment of sufficient proficiency in both of the Bank's working languages.
Please apply via the 'Apply' button.
We are an equal opportunity employer, who believes that diversity is good for our people and our business. As such, we promote the inclusion of suitably qualified and experienced staff without regard to their gender, age, racial or ethnic origin, religion or beliefs, sexual orientation/identity, or disability (*).
(*) We particularly welcome applications from women and persons with disabilities.
Deadline for applications: 15th November 2018