Cyber Risk Oversight Senior Manager

Our Enterprise & Operational (E&O) Risk Team, an independent 2nd line risk function are recruiting for a Senior Manager – Technology, Cyber and Change Risk Oversight.

E&O Risk are a trusted advisor to the 1st line of defence. Our key purpose is to enable the business to make effective risk-based decisions, considering operational objectives and priorities, the regulatory environment and underpinned by robust controls and governance.

As part of the Second Line of Defence this role is accountable for supporting the oversight, challenge and monitoring of Technology, Cyber and Change risk in alignment with the Groups Policies, Control Standards and Risk Appetite.

Key responsibilities of this role include:

• To be the 2LoD representative for Cyber Security, embedding the risk framework to ensure effective risk management.
• Deliver oversight activities according to annual Integrated Risk Oversight Plan for Cyber Risk.
• Responsible for the review and approval of Cyber Risk Policies and Control Standards.
• Providing the measurement, oversight and assurance for Cyber Risk.
• Deliver oversight and challenge over the Cyber security risk management strategy to ensure alignment with regulatory requirements
• Develop and produce reporting on the Cyber Risk Profile to the Risk Committees.
• Collaborate with cross-functional teams to support the identification, assessment, recording and management of the Groups Cyber risks.
• Provide leadership, insight and critical challenge to the resolution of Cyber related Operational Risk Events.
• Develop and communicate risk appetite, risk metrics and tolerance thresholds, providing guidance to business units for informed decision-making.
• To ensure that Cyber Risk inputs to the annual ICAAP process are accurate and a fair representation of the levels of associated risk.
• To provide support and guidance to Business Areas to ensure current and future exposure to Cyber risk is identified, measured, managed, mitigated and reported through the appropriate governance in a timely and accurate manner in line with Risk Management Framework.
• Work collaboratively with the appropriate Risk Business Partners.

The role can operate from either Manchester or at the Head Office campus in Binley, Coventry. A team-led hybrid working arrangement is in place.

For this role you’ll already be a credible leader with a positive, practical and supportive approach to assessing and managing operational risks when engaging with all parties.

To be successful in this role it’s essential you have:

• Leadership or matrix-management experience from a risk background within Financial Services or a regulated environment 
• Led strategic or organisational initiatives focusing on risk assessment and impact
• Proven ability to influence senior stakeholders and their teams including the 1st Line of Defence (LOD) and 2nd LOD, whilst liaising with 3rd LOD counterparts
• Excellent understanding of the principles of cyber risk management, the associated regulatory environment and risk management strategies, policies and frameworks.
• Sound knowledge of Cyber Security frameworks with a good understanding of emerging threats and regulatory changes.
• Effective written and verbal communication with experience of writing reports and communications

Desirable requirements

• Experience of managing teams or colleagues through organisational or cultural change
• Professional certifications such as CISSP, CISM, CCISO or CRISC.
• Knowledge of Technology, Cyber and Change frameworks with a good understanding of emerging threats and regulatory changes.