Job Title: Lead Risk & Control Analyst

Job Code: 10683

Country: IN

City: Mumbai

Skill Category: IT\Technology

Description:

Nomura Overview:

Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com.

Nomura Services, India supports the group’s global businesses. With world-class capabilities in trading support, research, information technology, financial control, operations, risk management and legal support, the firm plays a key role in facilitating the group’s global operations.

At Nomura, creating an inclusive workplace is a priority. Our approach to inclusion encompasses a variety of initiatives, including sensitization campaigns, implementing conducive policies & programs, providing infrastructure support and engaging in community events. Over time, we have made meaningful progress in these areas, and this commitment has been well-recognized across the industry. We are proud recipients of the prestigious Top 10 Employers award by the India Workplace Equality Index (IWEI), IWEI Gold Employer of Choice awards, India CSR Leadership Award 2024 for Holistic Village Development Program and the YUVA Unstoppable Changemaker Awards.

Department overview

The GCIO function oversees group-wide technology, operations, and our data office. Our purpose is to support Nomura’s business strategy and deliver consistent group-wide services based on common operating principles. We are aligned to our key businesses across the group and operate enterprise-wide functions for risk management, governance and controls, supply chain and infrastructure.

The Chief Controls Office (CCO) is a key function within GCIO and our purpose is aligned to the GCIO Strengthen & Protect strategic pillar. We are a global team focused on strengthening GCIO’s non-financial risk management framework enabling the business to accelerate strategic delivery, whilst enhancing our ability to dynamically manage risks and evidence that we are operating in control.

CCO function is on a multi-year global transformation journey which starts with building the right foundations especially the right skills and capabilities within our global team.

Role description

Nomura in Powai is looking for a Controls Associate to support the India Head of Controls (HoC) service. This team provides risk management advisory and partnering cover, and the role will be responsible for embedding the GCIO Risk Management framework across the region, driving adherence, and strengthening the risk and control culture.

The role offers great potential for involvement across the IT organization as well as interfacing closely with the Operational Risk department, Legal, Compliance, Regulatory Affairs, Business Resilience, Vendor Management, Internal and External Audit.

The position reports to the Controls Lead (VP), India.

You will work with our IT Business Units and IT leads to fully understand and actively manage the Firm’s Technology risk profile. In your risk management oversight role, you will need to be able to navigate a landscape of competing priorities – understanding which risks to prioritize and which to accept, provide advice and challenge to senior stakeholders, and facilitate and communicate the minimum risk management requirements.

You will be using your collaboration & influencing skills to develop and sustain strong working relationship across our Technology teams globally and Business stakeholders.

Key Responsibilities

- Support the Technology risk forum for Powai
- Support implementation and embedding of the GCIO Risk Management Framework
- Support the creation and implementation of policies, standards, controls, indicators etc.
- Support Technology functions and divisions to perform impact assessment on new group-wide standards
- Oversee timely and effectively completion of Risk and Control Self-Assessment
- Oversee control testing, documentation, and remediation efforts
- Oversee the identification, assessment, and management of control issues
- Partner with technology leadership to integrate controls into system development lifecycle and operational processes
- Provide guidance on control design and effectiveness to multiple technology teams
- Support controls lead to drive automation initiatives for control monitoring and reporting
- Support impact assessments for new technology initiatives and changes, e.g., Cloud, AI
- Support effective engagements with 2LOD, 3LOD, auditors, regulators etc.
- Participate in the firm’s risk management forums and committees as necessary

Skills & Experience Required

8-10 years’ experience in Technology Risk Management (First Line of Defense) in the financial services industry
Strong understanding of risks relevant to GCIO – such as Information Technology (IT), Information Security (IS), and/ or Data Management
Breadth of experience in non-financial risk management, for example, Risk Appetite, Risk Taxonomy, Control Library, Risk and Control Self-Assessment, Controls Testing, Issue Management, Scenario Analysis, KRIs, KCIs etc
Strong communication skills, both verbal and written, with the ability to influence and engage stakeholders at all levels. You should be comfortable in a matrixed managed environment
Experience operating in a regulated environment and managing stakeholders across the Three Lines of Defense.
Knowledge of control frameworks (COBIT, ISO, NIST etc.)
(Preferred) Experience with GRC tools such as ServiceNow Integrated Risk Management or similar
(Preferred) experience in IT/Cyber regulations, especially from India regulators like SEBI, RBI
Demonstrated ability to effectively collaborate with globally dispersed teams.
Accuracy and attention to detail
Ability to think laterally and take a pragmatic approach, when necessary, to issue resolution

Qualifications

B.E / B.Tech / MCA / M.Tech
(Preferred) Risk management certification, e.g. CISA, CISM, CRISC, CISSP

Nomura Leadership Behaviours:

Leadership Behaviours	Description	Element
Exploring Insights & Vision	Comprehensively analyse the nature of the problems we face and set our focus toward the future vision	-Gather Intelligence -Create a vision -Identify an issue
Making Strategic Decisions	Analyse options and feasibility to resolve issues, in making judgments and recommendations	-Identify countermeasures -Assess feasibility Make a judgment
Inspiring Entrepreneurship in People	Promotes the vision and goals to others in such a way that inspires commitment and independent contributions	-Influence -Inspire -Commit
Elevating Organizational Capacity	Maximize organizational productivity through leadership development and engagement	-Have an Ownership in Own Development -Support other‘s growth -Encourage organizational growth
Inclusion	Respect diverse perspectives and promote psychological safety and the creation of a risk culture	-Foster psychological safety -Encourage the active participation of all talent -Foster a risk culture

The firm is an equal opportunity employer, and we are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees. The firm and its affiliates prohibit discrimination in the workplace whether on grounds of gender, marital or domestic partnership status, pregnancy, carer’s responsibilities, sexual orientation, gender identity, gender expression, race, color, national or ethnic origins, religious belief, disability or age.