Butterfield Support Services (Halifax) Limited provides centralized shared services and support to the Butterfield Group in the areas of Finance and Accounting, Human Resources, Information Technology, Operations, Client Services and Compliance.

• Leading the IT Controls team, ensuring continuity and operational adequacy of support resources/services.
• Ensuring that IT Controls processes and procedures are delivered and operated according to the principles of professional practices and standards, accountability, openness, clarity of roles and responsibilities, and that there are effective systems for delegation, audit, and control.
• Responding to auditors, regulators and customer queries related to IT applications, systems, and controls.
• Assessing and reporting on the conformity to IT controls, processes, deliverables, and services against the criteria of agreed standards.
• Effectively leading specialist technical staff and managing external consultancy/contract resources.
• Overseeing the authorization and allocation of appropriate access rights to networks, systems, applications, data, email facilities, and internet/intranet facilities, as well as physical assets, such as server rooms, comms cabinets, etc.
• Overseeing the provision and monitoring of control activities to ensure that user access changes, including new responsibilities, new joiners and departers are all controlled, and measures taken to ensure that confidentiality, integrity, and availability are maintained.
• Ensuring that all monitoring activity complies with the requirements of applicable regulatory frameworks, including but not limited to data protection and human rights legislation.
• Identifying and investigating unauthorized access and ensuring compliance with relevant policies and legislation.
• Ensuring Privileged Access Management processes are in place and operate effectively for IT systems and applications.
• Ensuring the resolution (both reactive and proactive) of issues within the IT Controls remit, including the classification, prioritization and initiation of action, documentation of root causes, and implementation of remedies to prevent future incidents/reoccurrence.
• Maintaining an in-depth knowledge of necessary technical specialists within own area of responsibility and to provide expert advice regarding them.

• Five to ten years’ experience in a Technology Controls, IT Risk or similar role.
• Supporting industry level qualifications such as CISA or CRISC.
• Previous experience leading high performance IT teams.
• Knowledge of relevant US, international and domestic legislation applicable to the IT Risk environment within the Groups operating jurisdictions (e.g. SOX, data protection, and cyber related topics).
• Experience with Business Continuity Planning within the context of IT Risk
• Awareness of the principles, processes and practices associated with consultancy within the technology environment.
• Proven track record of delivering similar capabilities.
• Effectively delegate tasks, responsibilities, and authorities, as well as directing other to undertake specific tasks.
• Willingness to travel to other offices to a level necessary to perform the role effectively.
• Goal oriented with a strategic focus on agreed objectives, deliverables, and strategies.