IT Risk

This is an exciting opportunity to join Shawbrooks CTO function as a key member of the Technology Risk & Governance team. Reporting directly to the Director of Technology Risk & Governance you will lead the first-line IT Risk & Controls function shaping how technology risk is identified managed and embedded across the Bank.This role offers real scope to innovate optimise and automate the way we manage technology risk. Youll have the freedom to challenge the status quo simplify complex processes and introduce creative solutions that strengthen control effectiveness and drive continuous improvement.Leading a small capable team you will act as a trusted advisor to senior technology leadersbalancing oversight with practical hands-on delivery. Youll play a pivotal role in ensuring Shawbrooks technology control environment remains robust well-documented and aligned with the Banks risk appetite regulatory expectations and operational resilience objectives.This is an opportunity for an experienced IT risk professional who thrives in a collaborative forward-thinking environmentsomeone who can combine structure with curiosity and influence change through insight not instruction.Risk and Control OversightLead the first-line IT Risk & Controls function providing proactive oversight support and challenge on all aspects of technology risk management.Manage the Technology Risk Register within the Banks GRC platform (AuditBoard) ensuring risks controls events and issues are accurately recorded and regularly reviewed.Facilitate the twice-yearly Risk and Control Self-Assessment (RCSA) process ensuring a robust and evidence-based evaluation of control design and operating effectiveness.Coordinate and maintain control testing plans supporting design and operational effectiveness reviews across all technology domains.Ensure timely logging and management of risk events control gaps and policy non-compliance issues.Governance and ReportingOwn and manage the monthly Technology Risk Committeesetting the agenda curating management information and ensuring action tracking and escalation are effective.Support the preparation of technology input to Group risk forums and produce MI and thematic analysis for the CTO and CRO functions on key risk themes performance trends and control maturity.Assurance and Audit CoordinationAct as the central coordination point for technology-related audits reviews and regulatory returns (e.g. REP018 SWIFT KPMG assurance).Track audit findings and management actions to completion ensuring evidence is captured and remediation progress is monitored in AuditBoard.Support lessons-learned reviews following incidents or near-misses ensuring improvement actions are defined and embedded.Optimisation and Continuous ImprovementDrive automation and data-led insights across risk management processessimplifying reporting and enhancing transparency.Partner with control owners to identify opportunities to streamline evidence collection improve efficiency and strengthen control outcomes.Build and mentor a small team fostering a culture of accountability curiosity and proactive problem solving within the first line.Qualifications : Significant experience in IT risk management or controls assurance within a financial services or similarly regulated environment.Strong understanding of technology and cyber risk concepts including control frameworks (e.g. NIST COBIT ISO27001).Proven experience in using GRC tools (AuditBoard or equivalent) to manage risks controls and issues.Experience in automation of risk and control monitoring and MI production using tooling such as Power Automate Power BI AI LLMs etc.Familiarity with RCSA processes risk event management and risk appetite monitoring.Strong analytical and communication skillsable to translate complex risk data into clear concise insights for senior stakeholders.Additional Information : Your Wellbeing - We take your health and well-being very seriously by providing a range of benefits to give you and your family peace of mind. These include:Market leading family friendly policies such as access to our Maternity Adoption and Paternity policies from Day 1 of your employmentFree access to Headspace a mindfulness & meditation digital health appFree access to Peppy digital health app that offers personalised support through fertility treatment becoming a parent or menopauseEAP (Employee Assistance Programme) - Offering you support on a wide range of subjects including financial concerns mental wellbeing and more general queries around family work housing and healthCycle to work schemeDiscounts on gym membershipContributory pension scheme & death in serviceYour Lifestyle - Its important you strike the right balance between your work and personal life. We provide benefits to support you when at work and when youre enjoying your leisure time.Minimum of 25 days holiday per yearOption to buy or sell holiday days through our flexi-holiday schemeDiscounts on gym membership nationwideAccess to discounts on a range of high street and online brandsCommunity support and charitable givingYour Contribution - Were focused on rewarding those that go the extra mile in helping us achieve our goals.Participation in our annual discretionary bonus scheme designed to reward your contribution to our successProudly Shawbrook recognition scheme focused on recognising our role models and thanking our colleagues for a job well doneRemote Work : NoEmployment Type : Full-time Key Skills Arm,Risk Management,Financial Services,Cybersecurity,COSO,PCI,Root cause Analysis,COBIT,NIST Standards,SOX,Information Security,RMF Experience: years Vacancy: 1