Technology and Information Risk Manager

Location: City of London, London
Salary: £45,000 - £65,000 per annum
Posted: 14 Feb 2016
Closes: 13 Mar 2016
Ref: 1228195
Contract Type: Permanent
Hours: Full Time
Position: Technology and Information Risk Manager
Location: London

Our client is a UK-based online financial services provider. They are a FTSE 100 listed business boasting year-on-year growth, and they seek high-calibre, like-minded, hungry professionals to build on their success. The Technology and Information Risk Manager will help the business identify, assess and manage technology and information risks that may cause exposures beyond the business's risk appetite or tolerances, or affect its ability to meet its strategy.

Main duties:

* Carrying out themed technology risk assessments to identify and assess risks with the business, for example on network architecture / design, system resiliency, change control, capacity planning etc., all in the context of whether they remain suitable to meet our business strategy and risk profile
* Carrying out a regular enterprise-wide information risk review with specific focus on identifying the threat landscape, control environment, regulatory requirements and keeping abreast of new threats, regulations and industry standards
* Contributing to risk assessments in progress within the wider risk team as a subject matter expert on technology and information risk
* Carrying out sample testing of key controls where appropriate
* Reviewing business and IT strategic plans to identify and assess potential risks
* Tracking the progress of core action plans within IT, e.g. cyber risk programme, architectural change programme, PCI DSS maintenance etc.
* Developing and tracking technology and information key risk indicators to track whether risks are improving or deteriorating
* Reviewing and approving key policies such as the Information Security Management Framework
* Assisting the business with investigating and managing security incidents, specifically reviewing whether exposures can be mitigated, whether regulatory and customer interests are assessed, and whether broader risks are considered
* Keeping up to date with industry and regulatory requirements for technology, information risks, data protection and liaising with the business as necessary
* Logging and tracking risks, recommendations and issues as necessary

Key skills/Experience:

* Minimum of 5 years of relevant experience covering technology and information risk
* 5 years' financial services experience, retail banking or management consultancy highly desirable
* Some experience of working with senior management including Directors, operational and technical staff desirable
* Professional qualifications such as CISM, CISSP, ISO27001, CISA, ITIL desirable
* Analytical thinking, ability to analyse business processes/strategy and apply broad analysis
* Ability to diagnose opportunities for improvement and risk management
* Fast learner with an interest in technology, information security and data protection compliance
* Ability to plan and organise in line with business strategy and operations