Data Governance Risk Officer

  • Market Rate
  • London, England, United Kingdom
  • Permanent, Full time
  • Saxton Leigh
  • 22 Feb 18 2018-02-22

Our client, a leading international bank, are seeking an experienced Data Governance Risk officer to join the team in London.


Our client is a leading international bank based in the City of London. They are looking for a Data Governance Risk Officer to provide support to the business.


  • Perform a current-state analysis to assess the Bank’s existing information security (IS) control environment (considering all aspects of technology IS, data assets, and cyber risks and resilience controls);
  • Identify the current controls aligned to these risks and highlight potential control gaps;
  • Develop a strategy for enhancement to manage those risks in line with the Bank’s agreed risk appetite.
  • Design and implement a governance framework to capture strong cyber resilience, information security, data security and data protection.
  • Provide Bank-wide supervisory oversight, management reporting, and policy for the existing IS, data, and cyber control framework.  Act as a point of liaison with Head Office. 
  • Undertake ongoing monitoring of key data and IS risks.  Meeting this objective will include developing appropriate policy, procedures, and similar guidance material to support the efficient operation of key controls; develop and deliver stakeholder training, enhance management reporting information, present performance and escalated issues to senior management where necessary.
  • Fulfil the Data Protection Officer role in line with the requirements of current and incoming Data Protection Regulations (GDPR).  This will include assessing the effectiveness of current company data and records management control and developing enhancement action plans where these may be required.
  • Build a profile of the Bank’s cyber threats and associated controls and provide Management with recommendations to enhance key cyber controls.



  • Practical experience in a senior role in a similar European financial services organization with responsibility for Data Protection, Data Governance, and/or Information Security;
  • Good working knowledge of current and changing cyber threats and mitigating control strategies with demonstrable experience of working with or advising on a cyber control activity or change project;
  • Practical understanding of key aspects of UK data and information protection regulations (GDPR) and best practices. This should extend to insights on applicability of key regulatory obligations to different business activities and how regulatory impact and gap analysis work is undertaken in a multi-product banking business;
  • Excellent communication skills are critical to ensure risk and control understanding is embedded throughout the business.