Operational Risk Partner - Tech

Key information:

  • Title: Risk Partner (IT & Product)
  • Salary: £85 - £100k + strong bonus
  • Either hybrid or remote depending on preference (1 x pm touch point in office as minimum)
  • Proven experience in a high-growth fintech or payments firm is ideal

Role Summary

We are seeking a commercially minded Second Line Risk Partner to join our Group Risk & Compliance function. In this hands-on role, you will be responsible for safeguarding the group by providing expert advice, overseeing regulatory change, and embedding a robust risk culture across the IT and Product functional lines.

You will act as a specialist advisor to ensure that technological innovation—including Cloud, Third-Party integrations, and AI adoption—remains within the firm's defined risk appetite. This role combines high-level risk oversight with the practical requirement to support regulatory returns.

Key Relationships

  • Internal: Head of Risk & Compliance; CFO; Executive Leadership; Operations; Change/Transformation; Legal; Procurement; Finance.
  • Direct Reports: None (Individual Contributor/Partnering role).

Key Accountabilities

Second Line Oversight & Advisory

  • Provide independent review and constructive challenge of the cyber risk profile and control environment.
  • Assess changes to the technology platform and product roadmap to identify impacts on the group's risk profile.
  • Engage early in the SDLC (Software Development Life Cycle) and procurement processes to provide "risk by design" guidance for new product features and vendor contracts.
  • Contribute to the enhancement of the Technology Risk Framework, ensuring it meets evolving regulatory expectations for fintech and payment firms.

Risk Framework & RCSA Management

  • Lead the Risk & Control Self-Assessment (RCSA) process for IT and Product, ensuring precise articulation of inherent vs. residual risks.
  • Facilitate workshops to evaluate control design and effectiveness within Finance and Operational functions.
  • Develop and maintain Risk Dashboards and Key Risk Indicators (KRIs) to provide visibility to the Board and Executive Committees.

Monitoring, Assurance & Regulation

  • Stay current with FCA, ICO, and industry standards to ensure adherence to all applicable laws.
  • Perform risk-based "deep dives" into core technology domains: Cloud/Third-Party, Data Protection, Continuity/Resilience, and Generative AI adoption.
  • Design and execute assurance programs and controls testing.
  • Oversee Incident & Issue Management, performing root cause analysis (RCA) to ensure learnings are translated into actionable improvements.

Skills & Experience:

Professional Background

  • Experience: At least 5 years of 2nd line risk management experience specifically within a Payments or Fintech environment.
  • Technical Knowledge: Strong understanding of technology and cyber risk from a 2nd line perspective, resilience, IT controls, and governance frameworks.
  • Regulatory Knowledge: Deep understanding of FCA regulation for payment firms and the UK regulatory landscape (including GDPR/ICO expectations).

Core Competencies

  • Commercial Insight: Ability to integrate risk frameworks with sharp business acumen, enabling scalable growth rather than just acting as a "blocker."
  • Analytical Rigor: Proven ability to translate complex technical risk issues into actionable business insights and high-quality reports.
  • Influence: Excellent communication skills with the ability to challenge senior stakeholders (Product/IT heads) constructively.

Qualifications

  • A professional qualification in Risk Management (e.g., IRM, CRISC, CISM) is highly desirable.

Job Details

  • Company: JSS
  • Location: England, United Kingdom