Job Details

Risk and Control Manager

Horwich, Greater Manchester, United Kingdom, Permanent

Posted: 1day ago


Risk and Control Manager
Location - Bolton
About Us
TopCashback is the World's most generous cashback company. Having been established in the UK in 2005, we are now the UK market leaders in cashback and still growing rapidly. TopCashback has previously featured as one of the fastest growing private companies in the UK for 3 consecutive years by the Sunday Times Virgin Fast Track 100 and has been awarded Cashback Site of the year 5 times.
Our worldwide membership is in excess of 20 million and growing. TopCashback is an ethical company and lives by the motto "do as you would be done by". We extend this way of operating to all of our members, merchants, and partners as one of our core values.
The Role
This is a brand-new role in a company who is growing both vertically and horizontally with a global footprint. We are continuously expanding and emerging ourselves into new markets and developing new products. This role has autonomy and the chance to help the business continue to be market leaders.
We are looking for a knowledgeable and proactive Risk and Data Manager to guide and develop key risk strategies not only across the business but specifically within the IT department. You will play an important part by making sure that risks and associated actions are identified, followed up and documented, working with, and supporting the relevant owner. You will also ensure that due diligence is carried out where data is stored and that appropriate controls are in place for the storage of this data. Creating, reviewing, and updating processes relating to the storage of data will also be your responsibility.
You will be liaising with Senior Stakeholders and third parties across the business to drive forward improvements and policies. You will be reporting to the CIO and work with teams across the business ensuring that they all follow best practice and policies regarding the use of data. You will work closely with the Infrastructure Architect and the DPO to educate the company and its employees about compliance to enable the business to make informed decisions.
* Create, Maintain & Communicate Policies and Principles around use of data, not least our member data but also third party and employee data.
* Making sure said policies are being followed by liaising with teams, doing spot checks and more formal audits around the storage of data, covering such things as data retention and data deletion.
* You will drive the risk agenda within the business, so would need to be comfortable having open and honest conversations, holding senior managers accountable for progress of actions ensuring Risks and Issues are kept up to date, with new ones added and related actions prioritised, updated and communicated.
* Organise and chair a monthly risk meeting with the directors and DPO to go through any new RED risks/issues or existing risks/issues that need support, focus and action from them or their teams. Highlighted risks and issues from this meeting will be raised at the strategy meeting as part of a standing agenda item.
* Liaising with third parties and ensuring due diligence is carried out where they may store PII data, or are integrating with our services, such that if they had a breach then they could then traverse into our services and get to our data, or if they had a breach where this could this lead to reputational damage to us
* Making sure our cookie policies are in place, up to date and followed, such as controlling how cookies can be added onto our sites as well as aligning our on sites cookie policy with the relevant regulations
* Keep abreast of third-party changes that could impact our use of data, such as cookies, and follow up with relevant stakeholders and area experts to provide a view to the business so a way forward can be agreed
* Support the business by enabling directors to reach balanced and informed decisions with respect to risks to the business that need more investigation and input. You will be empowered to seek help and guidance where needed from across the business to provide this further information which you will document together with any agreed outcome against the risk.
* Provide support, education and training to staff to build risk awareness within the organisation.
* As the business grows and develops, the role could be subject to change with further responsibilities to be agreed
Skills required
* Experience of working with technically minded people in IT Departments and with a good awareness of cybersecurity and data protection best practices.
* Knowledge of security measures and controls, so you are confident in having technical discussions as well as the ability to engage in discussions around operational and commercial aspects
* You will be working with all areas of the business but with a keen interest in the technical / security side of things
* Strong communication skills are key for this role. We need someone who feels comfortable liaising at board level down and working with multiple teams across the business on a regular basis.
* Proactive approach in driving forward improvements and policies
* A strong sense of ownership about your work
* Good eye for detail
* A team play who also has the ability to be a self-starter and working independently
* Be able to work under pressure and deliver a high standard of work
* Pragmatic problem solver
* Keep abreast of third-party changes, trends and news that could impact our use of data, such as cookies, and follow up with relevant stakeholders and area experts to provide a view to the business so a way forward can be agreed
* 23 days Holiday including your Birthday off & 2 Duvet days (Plus loyalty holidays & ability to purchase extra holiday)
* We would normally state the following - "Great working environment with relaxed dress code, Table Tennis Tables, Pool Table, X-box room" But only when we are back in the office. In the meantime we can only offer you a great job in a great and growing company and the table tennis will have to wait a while…
* Life Insurance, Income protection, health cash plan and enhanced maternity/paternity
* Good transport links, free parking plus support for public transport users
* Cycle to Work schemes offered
Due to current Covid restrictions, on-boarding the successful candidate will need to be done 'virtually'. However, we have adapted well to this and have all our employees working safely from home across the globe, we are in a very strong financially secure position - being a profitable owner managed business with no debt - that makes us extremely confident to continue to recruit and expand our operations in all our markets.
At TopCashback, since we began, we have been committed to building a fair, diverse and inclusive company. We believe that diversity and nurturing a culture where we can all be our true selves at work, makes us stronger as a business. We celebrate differences and foster a fair and equal environment for us all to flourish in. After all, we spend most of our time together.
With fairness at heart, we're committed to being an equal opportunity employer regardless of race, ethnicity, gender, sexuality, religion, disability, nationality, age or similar. Whoever you are, whatever walk of life you are from, we'll welcome you to our TopCashback family

Job Details

Horwich, Greater Manchester, United Kingdom