Technology & Cyber Risk Manager

Technology & Cyber Risk Manager - Financial Services Client - Hybrid - Competitive Package

A global financial services client is looking for a Technology & Cyber Risk Manager to join its 2nd line Risk function in London on a permanent, full-time basis. You will be supporting the Head of Technology & Change Risk in the development, maintenance and oversight of the technology, information security / cyber, change and data risk frameworks and associated risks, ensuring adequate controls and risk reporting.

• Develop and evaluate the overall technology and cyber risk landscape and the potential impact on the Group's operational resilience.
• Design and establish robust 2nd line monitoring, oversight and assurance processes, working closely with Risk Management colleagues.
• Provide risk guidance and support to 1st line teams and assist Technology and other functions in identifying, assessing, treating, monitoring and reporting technology and resilience risks.
• Support delivery and implementation of the wider Enterprise Risk Management Framework (ERMF).
• Facilitate delivery of technology risk and operational resilience elements of the ERMF with 2nd line colleagues.
• Work with 1st, 2nd and 3rd line teams to ensure technology risks are identified, assessed, reported and managed appropriately.
• Develop and maintain reporting of technology, cyber, data and change KRIs aligned to risk appetite.
• Lead 2nd line oversight of internal technology incidents and actively contribute to post-incident reviews.
• Develop and implement the Technology Risk & Control Self-Assessment process with cross-functional teams.
• Participate in key technology projects and change initiatives, conducting risk and control assessments and bringing proactive risk focus to delivery.
• Support maturity projects to enhance operational resilience risk management.
• Produce technology risk reports for management and relevant Risk, Audit and Technology Governance Committees.
• Help ensure consistency of the technology risk programme with group policies and procedures and maintain related policies and processes.

• Experience in IT/Technology/Information Security risk management and/or IT Audit, or in closely related activities within the financial industry.
• Understanding and experience of complex technology systems and industry operational resilience regulations.
• Strong understanding of current and emerging technology risks.
• Experience in a technical role delivering or operating technology systems is desirable but not essential.
• Experience executing technology risk oversight for change activities is desirable but not essential.
• Experience with in an exchange and/or clearing house is desirable but not essential.

• ITIL Foundation, CISA, CISM, CISSP, CRISC or equivalent IT/Technology/Information Security qualification is desirable but not essential.
• Risk Management qualification is desirable but not essential.

Please apply here with your updated CV outlining your relevant technology and cyber risk experience.