Employer: Broster Buchanan Ltd
Salary:
Date Added: 25/04/2024
- Group Technology and Change Risk Management (ISO27001, NIST)
- Enterprise Risk Management Framework, KRIs
- Information Security Risk Management
TECHNOLOGY & CHANGE RISK LEAD (Bournemouth, Stockport or London) Hybrid – 2 days in office per week
Our client is in the Financial Services sector. This role supports the CRO in ensuring the successful application of their Enterprise Risk Management Framework, provides specialist support in managing Technology and Change risks, and promotes a positive risk culture across the Businesses, meeting the needs of the business, customers and regulators.
You will lead the delivery of business partnering and Risk Management practices in Technology and Change risks. You will encourage technology and change controls and risk management, and provide ‘2nd Line of Defence’ activity and administration of the various risk reporting processes across the businesses.
Independently assess the systems and controls in place to manage the risk profile. Facilitate the improvement of assurance processes (End User Applications, IT Controls Frameworks, Internal and External Audit guidance) supporting the maturing of risk and control profiles.
ROLE
The role will be expected to work with and manage stakeholders across the business at all levels including ExCo, Senior Management and ‘Risk Delegates’ as well as promoting good risk management practices across the more junior levels of the organisation through the Risk and Compliance Team.
Group Technology and Change Risk management
- Oversee reporting of IT Strategy and Cyber risks, conduct IT Risk Assessments for Business and Technology Services
- Oversee the Information Security Risk management and understand the monitoring of Cloud and Web platforms
- Ensure the business is aligned with industry frameworks such as ISO27001/2, NIST and ITIL
ERM Framework, Risk Reporting and Monitoring
- Support embedding of the ERM Framework, with a focus on Technology and Change Risks. Promote and embed best practice in managing risk, and the impact that this will have on business activity and processes
- Oversee ‘1st Line’ business management in maintaining risk registers and capturing the systems and controls in place to manage risk, including facilitation of risk and control workshops
- Independently assess and challenge the risk and control registers and work with the business to improve their integration and information gathering, allowing the business (in particular the 3rd Line of defence) to disseminate business, risk and compliance activities
- Support monitoring and reporting of Technology and Change risk appetites, through supporting the development and maintenance of Key Risk Indicators
- Implement and manage the process for the company policy framework
- Oversee risk appetites and develop and maintain Key Risk Indicators
- Oversee and challenge the business on live incident management issues and request full root cause reviews
- Supporting operational resilience testing plans and reporting
Assurance
- Lead and provide ‘2nd Line’ support/challenge/assurance to the relevant areas of business or functional areas of responsibility where required
- These may take the form of general controls review and testing, or ‘deep dives’ of a more technical nature
SKILLS
- Experience of working within financial services for at least three years in a senior risk role
- Working with front line business units in implementing and enhancing risk management frameworks through risk and control workshops
- An understanding of risk frameworks, risk reporting and setting of risk appetites
- Experience of leading, motivating, planning, organising and managing teams (or virtual teams) towards delivery of objectives within scope, budget, quality and time
- Technology risk experience, including embedding and challenging technology controls and infosecurity
You will be rewarded with a competitive base salary and performance bonus as well as a great pension and other benefits.
Application Deadline: 26/05/2024
Contract Type: Permanent
Submitted Applications: 0