Investec – Where Out of the Ordinary Happens

At Investec, we do things differently. We're a leading international bank and wealth manager built on a culture of curiosity, entrepreneurial spirit and human connection. Ideas are heard, ambition is celebrated, and impact is encouraged. As part of a team that challenges convention and strives for outperformance, you'll help shape bold solutions for clients who expect something more than the ordinary.

Are you ready to lead the 2nd line of defence for technology and information security risk in a multi-region bank, shaping secure cloud architecture and governance? Can you translate complex security risk into clear, actionable guidance for senior stakeholders and the Board?

Join Investec's IBP Operational Risk team as the Head of Technology & Information Security Risk (2LoD), where you'll lead the governance and ongoing evolution of our technology risk framework. You'll oversee risk across on‑prem, cloud, and AI initiatives, ensuring secure, scalable, and cost‑effective architectures that align with regulatory expectations and the Board's risk appetite. You'll partner with senior stakeholders across IT, security, audit, and business lines to embed risk discipline, drive improvements, and uplift the organisation's Tech Risk maturity and posture.

What you'll be doing

• Define, govern and continuously improve the Technology & Information Security Risk framework for IBP, ensuring alignment with regulatory standards and the Board's risk appetite.
• Lead independent risk assessments of technology systems (applications, infrastructure, third parties), including risk articulation, control effectiveness, residual risk, and follow‑up actions.
• Oversee risk reporting tailored to management and Board audiences, ensuring clear escalation pathways and governance
• Provide guidance on risk events, ensuring timely, accurate business impact assessments and robust follow‑up actions
• Review third‑party exit strategies and resiliency plans, evaluating their adequacy for potential disruptions
• Track risk mitigation plans, ensure evidence of closure, and validate remediation only when fit for purpose
• Monitor forward-looking risks and emerging themes to help the Technology community anticipate and respond to changes
• Act as a trusted advisor to the broader community, promoting a strong risk culture and compliance with training initiatives
• Collaboratewith Internal Audit and other risk functions to ensure audit readiness and consistent risk management practices

What we're looking for

• Extensive experience in a financial institution or regulated environment with a strong track record in 2LoD technology risk management
• Demonstrated ability to challenge 1LoD risk decisions and drive risk-based outcomes autonomously
• Deep technical understanding of Cloud, APIs, DevOps, AI, and SDLC; knowledge of Azure/AWS/GCP is advantageous
• Professional certifications such as CISSP, CRISC, CISA, CISM (or equivalent) are preferred
• Excellent stakeholder management, communication, and influencing skills; proven ability to mentor and uplift teams
• Strong analytical capability, risk assessment and governance experience, with a pragmatic, collaborative, and outcomes‑driven mindset

As part of our collaborative & agile culture, our working week is 4 days in the office and one day remote. We believe that being together enables us to live our values and support our clients and communities in an extraordinary way.

Investec offers a range of wellbeing benefits to make our people feel healthier, balanced and more fulfilled in their lives inside and outside of work. You can find a list of our benefits here

Embedded in our culture is a sense of belonging and inclusion. At Investec we want everyone to find it easy to be themselves, and to feel they belong. It's a responsibility we all share and is integral to our purpose and values as an organisation. We believe that innovation thrives when everyone feels respected, included, and empowered to contribute.

We actively seek out diverse talent and foster an inclusive environment, encouraging applications from people of all backgrounds and experiences. Here, you'll find networks, benefits, and development opportunities designed to support your career journey, wherever it may lead.

If this role excites you but you don't meet every requirement, we'd still love to hear from you. Your unique perspective and experience could be exactly what we are looking for.  Get in touch!

At Investec, we're deeply invested in our clients, our colleagues, and our communities. It's more than a mindset; it's how we show up every day.

Be part of something Out of the Ordinary.

Recite Me

We commit to ensure that everyone is fairly assessed during our recruitment process. To assist candidates in completing their application form, Recite Me assistive technology is available on our Careers pages. This can be accessed by clicking on the ‘Accessibility Options' link at the top of the page.

The Recite Me tool includes a screen reader, styling and customisation options, a series of reading aids, a translator and more.

If you have any form of disability or neurodivergent need and require further assistance in completing your application, please contact the Careers team at [email protected] who will be happy to assist.