Technology Risk Manager
- Company: Direct Line
- Location: Bromley
- Closing Date: 11 December 2020
If you have a disability we will try our best to make reasonable adjustments to remove any barriers to this post in the application / interview process due to a disability.
What we are looking for:
At Direct Line Group, we continue to unleash the power of technology to disrupt the insurance market and our Information Security, Risk and Assurance team is at the heart of this! Working to provide the kind of experience and services that wow our customers, we are delivering a set of ambitious plans to transform our technology for the future, evolving the systems, platforms and infrastructure that our people use day-to-day.
Do you have a background in technology risk/information security/IT Audit? Would you be comfortable deputising for the Head of Technology Resilience and Risk when required? We are hiring for a Technology Risk Manager to be our IT Risk SME for the CISO and Technology Services functions, conducting IT risk assessments across multiple technology areas and recommending and facilitating appropriate responses.
If you possess strong analytical skills with experience in undertaking risk assessments, identification, modelling and reporting in a technology and change environment, then we would love to hear from you!
Who you'll be working with:
Working alongside the Technology Risk Analysts, Technology Risk Consultants and Technology Risk Managers, you will sit within the Technology Resilience and Risk Squad within the Security and Resilience Chapter.
We are moving into Agile ways of working. This comes with immense potential to learn, develop your skills as you initially see us through a very exciting time of change. You will be valued and looked to for inspiration, with clear goals and autonomy as well as leadership focus being part of your daily role.
What you'll be doing:
Deliver ongoing oversight of BAU, change and vendor technology risk exposure and recommend strategies for managing operational, change and vendor risks to ensure that risks are effectively managed in line with group standards, regulatory requirements and risk appetite.
Undertake technology risk assessments and review existing top risks, risk correlations and emerging risks to formulate risk recommendations within reports for senior stakeholders
Define and continuously improve the risk profile and reporting, including the development of quantitative risk measurement methodologies
Identify opportunities for continuous improvement within technology risk products, services and processes
Engage with the Enterprise Risk team (2LoD), Internal Audit and senior stakeholders across the business to ensure Technology Services and Information Security functions operate within the defined risk appetite and issues are remediated within the specified timelines
What you'll need:
Experience in infrastructure, application and cyber security architecture, and assessments of change and vendor technology risk exposure
Experience of working within a cloud environment and Agile/DevOps methodologies
Superb communication and stakeholder management skills and experience of preparing formal reporting for senior management
What we'll give you:
Come join us and you'll find yourself in the middle of one of the most on-the-go teams in the business, with autonomy and exposure to industry leaders on huge household brand names. We're always encouraging internal development and you'll have access to loads of learning opportunities, events and conferences to build your industry knowledge.