IT Systems & Security Risk Specialist Senior Manager

End Date

Flexible Working Options

Job Description Summary

Job Description

Experience level- 16 to 25

What you'll need!

The ability to demonstrate the following skills & behaviours:

1. Experience in developing, maturing, or contributing to Enterprise Risk Management Frameworks (ERMF), including setting risk appetite, and defining control objectives.

2. Considered a deep subject matter expert with a strong depth of understanding of the latest Operational Risk frameworks and technology being used across financial and non-financial services to enable them to lead a specialist risk centre of excellence, and experience shaping and driving the strategy and implementation of Technical and Security Risk Management Frameworks.

3. Detailed knowledge of key technology, security, operational and supplier risk domains, ideally ones facing regulated financial services groups, with a proven ability to translate complex risk insights into clear actionable advice.

4. Experience in effectively interpreting new operational risk regulations and emerging technology innovations (inc. AI, Digital Ledger Technology, Quantum, Cloud, 3rd-party concentration risk) with foresight and practical judgement.

5. Assimilating different sources of data and complex information to effectively problem-solve and make relevant conclusions and recommendations.

6. Having deep knowledge of relevant laws, regulations and industry best-practice and using that knowledge to establish the risk appetite, policies, control objectives and performance indicators across the technology and security landscape, and demonstrates ability to interpret new operational risk regulation, emerging risks and technology innovations with forethinking to anticipate the impact of changes on the Group and act accordingly.

7. Effective communication skills to build partnerships and work collaboratively with others, including Risk Owner, Control Owner and Control Office to meet shared objective.

8. Demonstrated ability to influence, challenge and guide senior decision-makers—balancing commercial outcomes, customer impact and risk appetite, and being confident to “call it” where necessary.

9. A strategic risk leader who can set direction, drive clarity of purpose, and shape how technology, security and supplier risks are managed across the organisation.

10. A strong people leader with experience in developing and performance-managing specialist talent, fostering a culture of accountability, learning and continuous improvement. Skilled at building high-trust partnerships with cross-functional teams (Technology, Security, Procurement, Ops Risk, Audit, Controls, CCOR), enabling open challenge and productive collaboration.

11. Ability to design and embed automated risk assessment and continuous control monitoring, using data-led and ‘as-code’ approaches (such as machine learning, risk quantification, and predictive analytics).

12. Detailed knowledge of the key technology and security risks facing a financial services group, with a proven ability to assess and manage risk and threats (e.g. using FMEA, ISMS, MITRE ATT&CK, PASTA/STRIDE/DREAD frameworks and methodologies), set policy and manage compliance, design controls, provide assurance oversight and challenge, and offer advice balancing risk and reward.

13. Expertise in Technology and Security, covering key areas such as Strategy, Architecture, Governance & Capability, Policy & Risk Framework, Information Protection, IT Asset Management, Identity & Access Management, Physical Protection, Vulnerability Management, 3rd Party/Supplier, Event & Incident Management, Network & Infrastructure Security, IT Problem Management, IT Performance & Capacity, Back Up, Restore & DR Proving, IT Reliable Engineering & Reliability & Redundancy, and IT Change Management.

What you'll be doing!

Working under the direction of our RFB UK Operational Risk specialists, the role will provide the following services: