Operational Risk Manager - Information Security

  • Negotiable
  • Dorking, England, United Kingdom
  • Permanent, Full time
  • Shawbrook Bank
  • 22 Aug 17

Shawbrook are currently looking to recruit an Operational Risk Manager to join the existing second line operational risk team. This position will report directly to the Head of Operational Risk and will focus primarily on bringing the Bank's Information Security risks under explicit management of control through the Information Security Framework. This includes design and implementation of Risk Appetite and subject matter expertise on information security

Shawbrook are currently looking to recruit an Operational Risk Manager to join the existing second line operational risk team. This position will report directly to the Head of Operational Risk and will focus primarily on bringing the Bank's Information Security risks under explicit management of control through the Information Security Framework. This includes design and implementation of Risk Appetite and subject matter expertise on information security and risk assessments of the bank's change programmes.

Key responsibilities will include the following:

  • Oversee and challenge the bank's operational risk registers, incident log and loss database.
  • Second line responsibility for the policy & control framework to support effective and proportionate Information Security risk management.
  • Provide oversight, challenge and production of the Bank's Top Risks, management actions, heat maps and KRIs.
  • Support the Head of Operational Risk in the design, development and delivery of key risk scenarios to support the Bank's Total Operational Risk Regulatory Capital requirement and support the delivery of the Bank's ICAAP.
  • Maintain and review Operational Risk policy, procedures and model inventories.
  • Provide effective operational risk oversight of the Bank's key change programmes and business change.

Suitable candidates will have the following experience:

  • Good understanding of business processes and ability to recommend changes to the business, as well as being able to produce documents to specify business requirements where necessary.
  • Strong practical experience of setting a clear and proportionate information security control framework.
  • Previous experience of working in financial services at manager level.
  • Excellent operational risk knowledge including risk event reporting, risk and control assessments and key risk scenarios.