Life on the team
Computacenter is seeking a confident and experienced Enterprise Risk Lead who is accountable for leading the Enterprise Risk function, managing and mitigating risks associated with the organization's IT operations and projects. This role involves developing and implementing risk management strategies to ensure the security, integrity, and resilience of IT systems and processes. The Enterprise Risk Manager will work closely with various stakeholders to align risk management practices with the organization's strategic objectives.
What you'll do
- Enterprise Risk Management Expert - Proficient understanding of risk frameworks such as ISO 31000, NIST, and COBIT.
- Risk Assessment: Ability to identify, assess, and prioritize risks using various methodologies and tools.
- In-depth knowledge of IT systems, networks, and infrastructure.
- Strong understanding of cybersecurity principles, threats, and mitigation strategies.
- Ability to analyse complex data sets to identify trends, patterns, and potential risks.
- Strong problem-solving skills to develop effective risk mitigation strategies.
- Proficiency in preparing clear and concise risk reports for senior management and stakeholders.
- Excellent interpersonal skills to collaborate with various departments and communicate risk-related information effectively.
- Understanding of relevant regulatory requirements and industry standards (e.g., GDPR, HIPAA).
- Ability to develop and implement risk management policies and procedures.
- Ability to align risk management practices with the organization's strategic objectives.
- Proactive in identifying potential risks and implementing preventive measures.
- Ability to adapt to changing business environments and emerging risks.
- Continuous Improvement: Commitment to continuous improvement and staying updated with the latest risk management trends and technologies
- Keen attention to detail to ensure accurate risk assessments and reporting
- Regulatory Knowledge: In-depth understanding of relevant regulations and compliance requirements
- Be quality and process improvement driven - practices where appropriate
- Continuous Improvement: Monitor and review the effectiveness of risk management practices. Identify opportunities for improvement and implement changes to enhance the risk management framework
What you'll need
- Establish, Maintain, Operate and Continually Improve the Enterprise Risk Management Framework (~ 70%)
- Define, own and maintain the enterprise risk management framework, process and policy to align with CC Group Risk framework & cyber security risk.
- Policy Development: Create and maintain IT risk management policies, procedures, and guidelines. Ensure compliance with industry standards and regulatory requirements.
- Develop capability strategies, identifying and enhancing processes where automation has the potential to improve efficiency.
- Risk Identification and Assessment: Identify and assess risks related to IT operations, projects, and systems. Conduct regular risk assessments and develop risk profiles.
- Risk Mitigation: Develop and implement risk mitigation strategies and controls to minimize the impact of identified risks. Ensure that risk mitigation plans are effectively executed.
- Monitor and continuously enhance the Risk management process in line with the Target Operating Model (TOM) - define and educate key stakeholders and support them in identifying, detailing and managing risks across the department.
- Creatively apply knowledge of risk management strategies, frameworks and processes to support internal operations and the wider impact / knock-on effects to our customers.
- Balance the risk narrative to highlight effective controls as well as control gaps
- Build risk culture and sensitivity to opportunity risks as well as operational risks
- Align work with internal associated risk management policies and processes, and with external regulatory requirements and market
- Support of the IT business continuity process and disaster recovery processes, and the associated risks
- Monthly reporting is delivered against KRIs for the Risk Management Group, aligned to the balanced scorecard.
- Change approval governance processes are followed.
Team Leadership (~ 10%)
- Provide direct support to the Head of Performance Management, and lead the Enterprise Risk team, offering guidance & coaching.
- Training and Awareness: Develop and deliver training programs to enhance risk awareness and promote a risk-aware culture within the organization.
- Establish clear team goals that align with our mission, ensuring the team is well-equipped with the skills and resources to achieve our objectives.
- Be an ambassador for enterprise risk in the extended leadership team, encouraging teamwork, problem solving and sharing ideas.
- Support team members in skills development, being a trusted advisor both internally within the GRC function and to other departments.
- Maintain professional development activities to ensure skills and credibility remain current and up to date.
Desirable
- CRISC (Certified in Risk and Information Systems Control)
- CERA (Chartered Enterprise Risk Analyst)
- CISM (Certified Information Security Manager)
- CISSP (Certified Information Systems Security Professional)
- PMP (Project Management Professional)