Janus Henderson Investors IT Ops Risk & Business Continuity Manager in Denver, Colorado
Janus Henderson Global Investors is a leading independent global asset manager, dedicated to delivering the best outcomes for clients through a broad range of actively managed funds.
We provide our institutional, retail and high net-worth individuals with access to skilled investment professionals representing a broad range of asset classes including, equities, fixed income, multi asset and alternatives.
We are a team of independent thinkers who work tirelessly to help our clients achieve their goals – and we do it by fostering an energetic and collaborative culture that ensures our people love the place they work.
Headquartered in London, Janus Henderson is a truly global asset manager with a diverse geographic footprint, managing assets from 27 offices globally and employing more than 2,000 staff.
Overview of the Role
The IT Operational Risk and Business Continuity Manager is responsible for establishing and maintaining Janus Henderson Investors’ overall IT operational risk management and business continuity functions. The individual in this position is responsible for identifying, evaluating and reporting on IT operational risks in a manner that meets Janus Henderson Investors’ regulatory and other compliance requirements, and to maintain, manage and govern IT's BCM function for recovery from all types of business disruption risks (natural, technical, geopolitical, accidental, workforce, supplier) across the entire geographic footprint of the enterprise. The IT Operational Risk and Business Continuity Manager works proactively with the various business units and other internal departments and organizations to implement practices that meet Janus Henderson Investors’ defined policies and standards.
As a risk manager, the role is the "process owner" for all of Janus Henderson Investors’ IT-related risk assessment and identification activities, for the company's IT systems and information assets and for its IT-dependent strategic business objectives. A crucial element of the risk manager's role is working with senior executives, line-of-business managers and other key decision makers to determine acceptable levels of residual risk for the company as a whole and for various internal departments and organizations.
As a business continuity manager, the role is the “process owner" for all of Janus Henderson Investors’ IT-related business continuity activities. The role is responsible for the planning and execution of IT business continuity tests, and maintaining business continuity and technical recovery plans in accordance with the Enterprise Business Continuity Management (BCM) framework.
The ideal candidate for this position is a proven thought leader, problem solver and integrator of people and processes, as well as an effective internal consultant. The candidate must also possess solid domain competencies in a number of IT-risk-related disciplines, including security, business continuity management, audit coordination, privacy and compliance. The IT Operational Risk and Business Continuity Manager must be much more than simply a technology and controls expert, he or she must also possess significant management and communications skills and industry specific business knowledge.
Duties and Responsibilities
Liaising with the Enterprise Risk Business Partners and Business Continuity teams, ensuring compliance and alignment with the Enterprise Risk and Business Continuity frameworks
Liaising with audit (internal and external) and coordinating audit activities
Guiding the development and implementation of internal policies and procedures, ensuring that activities are consistent with objectives, operating model and organizational strategy
Supporting the identification and documentation of risks and control weaknesses, and mitigation of those risks and weaknesses
Assessing, monitoring, and controlling the Technology risk portfolio
Supporting the currency of Technology Business Continuity and Technical Recovery Plans
Development of Business Continuity and Technical Recovery Test Plans
Coordinating Technology involvement in Business Continuity (including Crisis Management) exercises in partnership with 2nd Line Business Continuity function
Assumes additional duties as assigned
Technical Skills and Qualifications
Reports directly to Janus Henderson Investors’ Head of IT Strategy and Planning.
Tracks and reports risk management trends, opportunities and remediation monthly.
Works closely with Enterprise Operational Risk and the Information Security, Compliance, Business Continuity Management and Privacy organizations to develop and implement effective IT risk management practices.
Makes recommendations to the Head of IT Strategy and Planning, appropriate risk governance committees, line-of-business managers concerning IT-risk-related controls.
Acts as risk management liaison with all levels of the IT organization and with the lines of business and other internal departments and organizations.
Supervises the IT-risk-management-related activities of indirect reports and others.
Education: A bachelor of science is preferred, with a focus on IT- or IT-risk-related disciplines (for example, security, privacy, business continuity management and compliance). A business degree is beneficial.
Professional certifications: Certified Information Security Manager, Certified Information Systems Security Professional or equivalent is beneficial.
Five to seven years of experience in IT risk management or a related discipline (for example, security, privacy, business continuity management or compliance).
Basic knowledge of a broad range of standards and frameworks — for example, International Standards Organization (ISO) 27001, IT Infrastructure Library and ISO 20000, Capability Maturity Model Integration and Six Sigma
Knowledge of common risk management methodologies — for example, Control Objectives for Information and Related Technology and Committee of Sponsoring Organizations Enterprise Risk Management
Key Behaviors and Competencies
In-depth understanding of strategic business risks
Ability to develop a comprehensive understanding of Janus Henderson Investors’ business, market and industry and relate that knowledge to identified operations- and IT-related risks
Knowledge necessary to propose relevant IT responses to changing business risks and regulatory changes
Proven ability to communicate with people at all levels — from developers to the CIO
Excellent written and verbal communication skills — including the ability to effectively communicate security- and risk-related concepts to technical and nontechnical audiences — and strong interpersonal and collaborative skills
Strong skills as a negotiator, to facilitate commitment to, and sign-off on, appropriate levels of residual risk from line-of-business managers
High level of personal integrity, with the ability to handle confidential and otherwise sensitive matters professionally and with the appropriate level of judgment and maturity
High degree of initiative, dependability and ability to work with little supervision
Ongoing competence in the role to be assessed by:
Annual Performance Appraisal
Completion of all assigned Compliance training
Working Environment/Physical Activities
Overtime may be required on short notice and may include evening, weekend, holiday hours
Typical office environment with PC, telephone, copier, fax machine, etc.
Janus Henderson Investors (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee’s job functions (as determined by Janus Henderson Investors at its sole discretion).
All applicants must be willing to comply with the provisions of Janus Henderson Investors' Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants’ past political contributions or activity may impact applicants’ eligibility for this position. Janus Henderson Investors is an equal opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.