Senior Technology & Change Risk Manager - 2LOD - Banking

Senior Technology & Change Risk Manager - 2LOD - Banking

Excellent opportunity opens for an experienced Technology & Change Risk Manager to join a leading International Bank's London office in a crucial role. Risk is the independent risk control function within the Bank and acts as the second line of defence (2LOD) providing independent oversight and control across the Bank's principle risks i.e. credit, financial and operational risk.

The Technology and Change Risk Team has responsibility for risk oversight of Bank's IT Risk, Data Risk, Information Security, Change Management, Operational Resilience and Intra-Group Risk within the Bank. Reporting to Head of Tech & Change Risk, the role will require to work closely with the Operational Risk Team and Enterprise Risk team to ensure the overarching Operational Risk Management Framework (ORMF) and Risk Management Framework (RMF) is effective at managing Technology and Change Risks.

Risk Advisory and Guidance

• Act as a 'critical friend' and 'trusted advisor' to the Business and Technology leadership teams by providing advice/guidance on topical matters to ensure risk considerations are incorporated into business decision making and key design decision early in the process.
• Dive deep into a business or technical topics and interpret complex multiple disciplinary topics and distil Business-IT risks/challenges/ issues into tangible actions and help shape practical solutions with the business to address them.
• Support Senior Management Functions (SMFs), their direct reports and Compliance team in shaping the regulatory engagements related to Material Change, Material Suppliers and Operational Resilience topics and providing robust challenge on the response and commitment to ensure that they are practical, proportionate and reasonable.
• Proactively monitor and interpret evolving UK and EU Financial Services Regulations and industry best practices an help 1LOD in interpretation of existing/ new regulations and requirements and its implications.

Independent Risk Oversight

• Reporting to Head of Tech & Change Risk, the role will require to work closely with the Operational Risk Team and Enterprise Risk team to ensure the overarching Operational Risk Management Framework (ORMF) and Risk Management Framework (RMF) is effective and consistent at managing Technology and Change Risks.
• Develop annual plan and Own end to end delivery and presentation of various types of reviews - thematic, deep dives, risk opinions, controls testing, quality assurance activities.

Annual Regulatory Returns:

• Payment Scheme Attestations: Participate and or lead the review /challenge of annual 1LOD outcomes of Payment Scheme Attestations like CHAPS, LINK, SCA-RTS and Cyber Resilience Questionnaire (COUEST), as per capacity in the team.
• Operational Resilience and Operational Continuity in Resolution (OCIR): Review/challenge the outcomes of annual self assessments and regulatory returns and provide robust challenge of responses and commitments made to regulators on the action plans.

Change Oversight and Change Assurance (covering IT and Business Change):

• Lead 2LOD Change Assurance & Oversight of major technology and business change programme typically involving replacing legacy platforms/systems with modern technologies and involving process changes and third party suppliers.
• Ownership of development and presentation of high quality, independent 2nd Line risk reports and MI on Technology and Change and presenting to Portfolio and Project level Steering Arrangements, Bank's Material Change Committee, Management and Board Risk Committee, where required.
• Lead in design, implementation and overseeing embedding of change related frameworks and use of effective risk management practices to deliver improvements to 1st line change risk management

About You:

• Prior experience of working in highly regulated environments and understanding of PRA, FCA, ICO and BoE priorities as well relevant EU regulations.
• Solid experience in technology, operational, or change risk management within financial services or a regulated environment.
• Strong understanding of technology and change risk concepts, including cyber risk, resilience, and governance frameworks.
• Knowledge, understanding and application of risk and control environments in Shared Responsibility Model setup with Public Cloud Providers (IaaS, PaaS and SaaS)
• Professional qualifications (e.g., CISA, CRISC, CISSP, PRINCE2, or equivalent) desirable but not essential.

Interested? Please Apply!

Risk Tech Risk Technology Risk IT Risk Change Risk Transformation Risk Operational Risk 2LOD Second Line of Defence Bank Banking Challenger Bank Financial Services PRA FCA ICO BOE ORMF RMF RCSA Regulatory