Job Description
Senior Operational Risk Manager for IT and Cyber Risk required for tier one bank. The role will be focused on cloud and emerging technologies risk. You will be supporting the Head of Cyber and New Technology Operational Risk in developing, implementing, and embedding the operational risk framework tools and methodologies enabling the bank to effectively identify and report on operational risk exposures and relevant mitigating activities. You will maintain effective 2LoD oversight of the controls environment and ensuring the relevant regulatory requirements and expectations are met. You will also provide in-depth understanding of the technology and risk around: IT management, Information Security and Cyber and new technologies prevailing in the retail banking digital transformation space.
Responsibilities:

• Supporting Technology Risk / Technology Resilience management
• Supporting Operational Risk management
• Advising on regulatory requirements
• To deliver oversight, advisory and guidance on new technologies risk.
• To support as needed the digital/technology transformation of the bank from a technical risk management perspective.
• To develop effective and collaborative relationships with all 1LoD and Group key stakeholders.
• To maintain oversight of IT and Cyber Risk Management risk across the bank
• Support the Head of Cyber and New Technologies Operational Risk to bring together an holistic picture of the technology risk across the banks and to enhance the risk management framework and tools to better capture and report on technology risk.
• To maintain up-to-date in-depth industry and technical expertise in the areas of focus.

Key experience:

• Risk identification methods/tools - questionnaire, workshops, interviews
• Risk assessment - Inherent/ Residual basis; Impact Types; Risk likelihood
• Risk response options
• Control concepts and documentation - objectives, types, accountability, resource, process, evidence
• Risk reporting - data analysis, key messages
• Incident & Loss concepts, root cause analysis, future prevention
• Awareness of business environment
• Risk analysis - aggregation, concentrations, root cause Role Profile Confidential
• Identification of connected events
• Scenario concepts and development
• Risk identification methods/tools - desktop analysis, SWOT, PESTLE
• High level cost benefit analysis Project Management principles Compliance - regulations, governance, ethics, competence Monitoring options, including indicators Risk appetite framework Committee operation and effectiveness reviews
• Internal Governance concepts
• Risk culture concepts

As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC qualified. You will have expert knowledge of IT & Cyber risk with a strong understanding of emerging technology. You will also have a proven track record in a similar role. Financial Services or highly regulated industries experience is highly preferable.