Technology Risk Manager

Sorry, this advert is now closed. Click here to view our live vacancies.
We are working with one of our key clients to hire a Technology Risk Manager.  This is a fantastic opportunity to join a leading brand in Financial Services as they focus their efforts on building their Technology Risk capabilities.
The role will be reporting to the Head of Technology Risk Assurance and will lead a newly formed team responsible for the co-ordination, development, and operation of an enhanced Risk framework for Technology (including security). Working closely with domain and subject matter experts, the team will ensure that Technology risk is effectively monitored and managed across the organisation.
A key task will be to develop and embed the target operating model for Technology Risk across the organisation and building a centre of excellence for Technology Risk Management.
The Manager will act as a key interface for technology risk across with the Technology Leaderships team and wider IT and business teams ensuring that Technology risks are identified and effectively managed. The role holder will also work to embed risk quantification throughout IT and lead the risk input to relevant committees.
The Manager will also provide specialist security risk guidance both internally to the team and more widely across the IT function and business as required.
Who We are Looking For
Our client is a people-led organisation, so applicants will have a customer focus, but will also be able to engage with colleagues, win hearts and minds and bring them along on the journey.
You will have a knowledge of how large-scale business work and how risk impacts every area.  Knowledge of IT audit and assurance is useful, but this is not a black and white, box-ticking role, flexibility and agility is required.
You will have experience of managing a small team and may have a background in Business Information Security.
Work-life balance is important, so any flexibility required around your working day can be accommodated.  The majority of work can be based at home, but there is a requirement to attend the Cardiff office at least once a month, so travel to there shouldn’t be too complicated a journey.
  • Developing a centre of excellence and best practice in risk management.
  • Embedding Technology Risk Target Operating Model.
  • Supporting the development/setting of risk appetite.
  • Ensuring Risk is effectively monitored and managed across IT.
  • Providing Technology Risk Leadership.
  • Developing and monitoring Technology Risk Appetite.
  • Working closely with 2LoD and 3LoD teams to provide risk assurance as required.
  • Defining Risk management strategy.
  • Security risk leadership and pragmatic guidance/advice.
  • Risk leadership and stakeholder management at all levels.
  • Embedding IT/Cyber risk quantification across IT.
  • Providing appropriate risk reporting to committees at various levels.
  • Coaching and mentoring users in risk identification and assessment.
  • Monitoring risk trends, areas of concern and developing mitigation plans with stakeholders.
  • Defining/enhancing IT/Cyber Risk processes and embedding across the business.
  • Risk challenge as appropriate.
Skills and Experience
  • Experience of building/leading a team/function, setting strategic direction and embedding risk practises.
  • Financial Services experience.
  • Subject Matter expertise – Have a deep knowledge of Cyber/Information Security allowing you to be recognised as an expert within the business.
  • Stakeholder management – dealing with stakeholders at all levels gaining commitment for risk initiatives and commitment to drive improvements.
  • Initiative and pro-activity – Take effective and informed decisions using own initiative and based upon a sound understanding of the business issues and challenges of the business.
  • Ability to provide pragmatic, proportionate advice on security risk management.
  • Communication – Clear and appropriate communication for employees at all levels with the ability to discuss technical subjects with both technical and non-technical audiences. Ability to articulate and pitch governance advice, often at a technical level, directly to key customer stakeholders.
  • Planning and Organising – Develop clear, efficient, and logical approaches to tackle issues and problems in a logical, step-by-step way. Ability to effectively collaborate and work independently in a fast-growing organisation.
  • Customer focus – An understanding of customer priorities and a desire to support their expectations.
7 December 2023