Job Details

Click here to become a registered jobseeker.

Head of Technology Risk Oversight & Assurance

London, United Kingdom, £ £ 80000.00-100000.00 Annual Annual, Permanent


The employer is a leading financial services provider.

  • Develop and lead a high-performing Technology Risk oversight and assurance team. Provide management and leadership of the company Technology Risk Oversight and Assurance Team ensuring they are staffed by an appropriate number of competent (SME) staff who are sufficiently independent to perform their duties objectively. ​
  • Create and maintain the technology risk framework, appetites and tolerances and lead the oversight and testing of incident management and business continuity across all the company businesses.
  • Be the key Technology Risk contact for and in ensuring appropriate training and awareness on the Technology Risk Operation Model, Framework and Policies to both internal and external IT Service providers.
  • To provide timely, accurate and relevant Technology Risk MI and commentary for designated risk committees and forums.
  • To lead Technology Risk assurance reviews on internal and external IT, Security and business service providers. Deliver clearly documented assurance reports which are both timely, impactful and commercial.
  • Undertake specific technology risk assurance reviews where necessary (in line with subject matter expertise). Provide challenge and assessment of potential technology risk including information and cyber security control weaknesses. Provide advanced warning to the companys management of potential technology and information security (including cyber) control weaknesses.
  • Monitor and report on progress of remediation plans and corrective actions identified by assurance reviews. Monitor and report (as appropriate) on the companys technology, cyber plans, projects and programmes.
  • Provide Technology Risk SME support in the selection, management and oversight of strategic and / or critical third party IT service providers.
  • Support the Director, Technology Risk in providing a forward looking view of technology related risk developments and their implications for the companys businesses.
  • Deputise for the Director Technology Risk where appropriate in key governance committees.
  • Work with the relevant business areas to ensure the right outcomes for customers. In this respect, the ability to maintain effective and pro-active relationships with key stakeholders at senior and exec level will be key in delivering a robust partnership with the business. Ensure the development of an effective technology risk assurance and oversight plan in conjunction with the business.
  • Must be resilient and have the ability to work under pressure and cope with competing demands.
  • Taking an active lead in helping each person in your team perform to their best and ​
  • understand how their work contributes to the achievement of business success
  • Evaluating and monitoring collective performance to ensure your team is delivering in
  • support of the strategic priorities of the business.
  • Producing and managing costs commercially.
  • Recognising successes around what is delivered and how people approach their work. In this respect the need for timely and relevant delivery of opinions and assurance reports will be key.
  • Maintaining a consistent approach to managing performance across the business, by
  • following the company processes.
  • Showing your team how to pull together by being a hands-on manager, and always be
  • fair, open and honest.
  • Identifying what needs to be done and choosing the right people for the job (ensure team is adequately staffed with SME resource).
  • Giving each person in your team clear accountabilities and stretching work objectives. Must develop a resilience within the team to ensure the ability to work and deliver under pressure and cope with competing demands.
  • Taking all reasonable steps to ensure the timely and appropriate resolution of control
  • weaknesses, issues and operational failures arising within the business.
  • Ensuring actions, decisions and processes take account of risk appetite limits and the
  • potential impact on the risk profile of the area, escalating any uncertainties to senior
  • management / Exec Management/Risk function.
  • Ensuring effective systems of internal control to manage risks and maintain records
  • reflecting compliance with regulatory requirements.
  • Ensuring the team maintain effective and positive relations with key IT/Security and business management.
  • You will have:
    Commercial knowledge around;
  • Technology Risk specialist with significant experience in developing a technology risk function, leading/managing system professionals and delivering impactful output.
  • Significant experience of liaising, influencing and negotiating effectively with
  • internal and external parties at senior management/Executive Committee level and beyond
  • Experience of identifying and anticipating potential concerns for key stakeholders
  • by using multiple strategies and methods to gain support for change
  • Significant experience of managing internal and external stakeholder relationships
  • Significant experience of developing clear, logical and comprehensive policy and executive papers.
  • Experience of wide multi-platform operating systems security, architecture,
  • application and database security
  • Expert knowledge of financial services regulatory requirements and standards, which apply to the areas under your control and to you as an individual
  • Good knowledge of life and pensions products, markets and competitors
  • Expert knowledge of industry best practice relating to technology risk and good network links with individuals and external bodies
  • A promoter of risk awareness within the organisation
  • Understanding of the Statements of Principle and Code of Practice
  • Able to work collaboratively across the immediate team and broader Risk
  • function
  • Forward looking assessment to objectives and how best to add value from a risk
  • perspective to M&G Prudential
  • Ability to stand firm, defend risk opinions and decisions whilst being commercially aware
  • Technical knowledge around;
  • Significant Technology Risk experience and expertise obtained at a senior level,
  • preferably within Asset Management and Insurance
  • Experience of wide multi-platform operating systems security, architecture,
  • application and database security
  • Significant experience of the BC, IRP, DP and IT risk spectrum including risk
  • assessment and management. Significant experience of analysing and
  • interpreting complex rules and regulations and applying such knowledge to
  • provide solutions to business problems and issues
  • Significant experience of using subject matter expertise to interpret complex
  • recommendations and recommend solutions for business stakeholders
  • Detailed knowledge of cyber risk, data risk, crisis / incident management
  • Detailed knowledge of information security standards and best practices such as
  • ISO27001/> 2, COBIT and ITIL
  • Detailed knowledge of change management methodology
  • Detailed knowledge of Technology Risk appetite and oversight, IT strategy and
  • architecture, data protection, IT root cause analysis, and third party oversight
  • Detailed knowledge of Technology Risk and Business Continuity Frameworks

Job Details

Not Specified
London, United Kingdom
£ £ 80000.00-100000.00 Annual Annual