Job description

  • Location:
    London - 30 Gresham Street
  • Department:
    Risk UK
  • Division:
    IBP Risk & Compliance
  • Employment Type:
    Full time
  • Salary:

2LOD Technology Risk Manager (6487)

IBP Operational Risk (OR) is looking for an individual with a sound understanding of Technology & Information Security Risk to help the OR team adequately monitor and challenge the implementation of the Operational Risk framework within the Technology function, and monitor and challenge whether IBP's Technology & Information Security Risks are within the Board's approved risk appetite.  The role will look at a wide range Technology areas including the roll-out of new and modern technologies.

The role is responsible for oversight of the implementation of the Operational Risk Framework which includes:

  • Risk & Control Self Assessments (RCSA) – providing subject matter expertise to challenge First Line of Defence RCSAs, including inherent risk assessment, control effectiveness, residual risk ratings and summaries, capturing and monitoring of follow up actions, and ensuring appropriate escalation / approval / reporting of risks identified to be out of appetite.
  • Risk Event Reporting – providing guidance and challenge around First Line of Defence operational risk event reports to ensure key details are captured accurately and in a timely manner, including business impact and tracking of appropriate follow up actions.
  • Thematic Assessments – using subject matter expertise to conduct 2LoD ‘targeted' assessments of specific risks, controls, and/or technologies supporting important business services for challenge and reporting purposes.
  • Reporting – providing support to ensure technology risks are appropriately considered for escalation into the risk governance structure.
  • Scenario Analysis – supporting the annual ICAAP process by providing input into scenario selection and participating in workshops with technology and business stakeholders to debate outcomes.
  • Forward Looking Risk – support the Technology Risk community through scanning of emerging themes and horizon risks.
  • Culture – support the broader operational risk community through advocacy of goals and processes, providing training and awareness activities where required.
  • Automated control testing – providing skills and techniques for automated control testing to support second line challenge of Technology & Information Security risks.
  • Training - Promote operational risk awareness and conduct training where required.

Technical knowledge:

  • Do you previous experience in a technology risk management role (any line of defence) or keen interest in moving to such a role?
  • Professional certifications an advantage (e.g. CISSP, CRISC, CISA, CISM) including in related skills such as project management, technology processes
  • Are you familiar with modern technologies? (e.g. Cloud, APIs, DevOps)

Skills and how they are applied

  • Are you comfortable with  challenging risk decisions made by the 1LoD?
  • Comfortable taking ownership of tasks and able to operate autonomously
  • Passionate about technology risk and information security
  • Can you demonstrate competency in operational risk management, stakeholder management, and taking a risk-based approach?


Close map
London - 30 Gresham Street
30 Gresham Street, London, England, GB, EC2V 7QN

Meet the recruiter

Jess Sheehan


We commit to ensure that everyone is fairly assessed during our recruitment process.

Let us know if you need any reasonable adjustments to complete your application.

Share this page
Share with linkedin
Share with facebook
Share with twitter
Share with email
Job Alerts
Create an alert subscription based on this Job


Private Medical Cover
Virtual GP
Gym Discounts
Psychologist Service
Annual Leave
Life Assurance