Director of Technology and Cyber Risk

The Audit and Risk Recruitment Company (ARRC)* are working with a Global Technology and Fintech giant to help identify a Director of Technology and Cyber Risk.

The team sits within non - financial risk with a focus on technology, cyber, operational risk, business continuity and data analytics.

Reporting directly into the Head of Operational Risk and Resilience, this is a leading second line position, being responsible for all major stakeholder engagement, and providing assurance across with an emphasis on technology and cyber security.

The Director of Technology and Cyber risk will also be responsible for managing and leading policy reviews, dealing with all regulatory requests, with a focus on assessing risk within new technologies (with a particular emphasis on Cloud technology)

The role will suit a senior manager or director (10 years+) with a background in IT risk, IT Audit and / or operational risk, who is well versed in working within a UK financial services regulated environment.

The Director will supervise, technically review, and execute technology risk reviews and will also be expected to build positive business partnerships with senior technology stakeholders and provide strong leadership, coaching and management to motivate and nurture talent, maintaining a high performing and credible team.

Key responsibilities

• Provide leadership on Technology and Cyber risk second activities
• Ensure the business adheres to 3 Lines of Defence model
• Ensure that Technology and Cyber risks are identified, owned, measured, monitored, managed and reported to ensure that informed decisions can be taken
• Ensure identified issues have clear remediated plans
• Providing challenge to the business and technology department on the risks associated with their BAU and change activities
• Conducts deep dives, scenarios analysis and testing as appropriate
• Provide management information for Technology and Cyber risks to support resilience MI for Boards and other committees
• Adhere to internal governance processes: committee reporting and attendance, project management governance, etc
• Strengthen risk culture by increasing awareness of risk values and standards

Background requirements

• 10 years + experience within IT Risk, IT Audit or Operational Risk
• Significant experience of working within a UK regulated environment
• Knowledge of risk management for critical IT infrastructure, information security and Cyber risk, and a good background knowledge and work experience of operational risk and control frameworks
• Excellent communication / influencing skills and gravitas when dealing with stakeholders

The Audit & Risk Recruitment Company - Experts in Audit and Risk Recruitment.