Skip to main content

IT Risk Oversight Manager

Req ID:
Information Technology
Remote position - 
Abbots Bromley

New ways of working

Here at Direct Line Group, we recognise the importance of flexibility, not only in our personal lives but also in the way we work. Our mixed model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone.

We’ve ditched the daily commute for a virtual first approach. If you do come into the office, there are exciting workspaces and zones you can use, depending on the type of work you are doing

How much you’ll be in the office depends on your role, and we’ll consider the flexible working options that work best for you. Please get in touch with the team to discuss.

We currently have an exciting opportunity for a IT Risk Oversight Manager to join our Bromley based Operational Risk team, on a full-time and permanent basis.

Please note: This is a predominantly home based role, with occasional travel to our Bromley office for key meetings.

The Purpose of the Role:

As an IT Risk Oversight Manager you will be responsible for the management of 2LOD oversight of the Chief Information Officer (CIO) directorate, which includes both the Technology and the Chief Information Security Office (CISO) functions, and the assessment of the effectiveness of the associated 1LOD risk management and control systems.    

Who you’ll be working with:

This is a 2nd Line of Defence (2LOD) role within our Risk team which will give you the opportunity to get a holistic view of Technology Risk across the whole of Direct Line Group.​

What you’ll be doing:

Provide 2LOD advice, oversight and challenge to the CIO, focusing on technology and cyber security activities, to support the Group achieving its strategy, in a balanced and controlled way, whilst maintaining good customer outcomes.

Champion the delivery of technology change in a systemic and controlled manner, to avoid adverse operational, regulatory or financial impact, whilst supporting a business that capitalises on creating value, growth and better customer experience, through innovation, digitisation and optimising data.

Provide a nimble, efficient and risk-based 2LOD oversight model of technology and cyber risks, including outcomes delivered via an Agile operating model and those initiatives more traditionally/centrally managed. 

Identify the Group’s top risks in relation to technology and cyber exposures and design/deliver an assurance plan that provides sufficient coverage of these risks, including a mix of embedded assurance and formal risk opinions, health-checks and deep dives.  

Manage the oversight of DLG Group exposure against its Technology & Cyber Risk Appetite.

Ensure risk is considered in 1LOD decision-making and that Risk Owners/Exec understand the impact of activities on their control environment and their risk profile.

Provide oversight of the business application of specific technology and cyber standards, including providing challenge to the business on compliance with and effectiveness of such.

Identify opportunities for improvement and gain comfort that the selection/delivery of activities is managed appropriately to protect the customer/shareholder needs, as well as strategic benefit for DLG. 

Develop and maintain external and internal contacts to identify, evaluate and assess evolving Technology threats, opportunities, and best practice.

Provide a view on 1LOD risk culture and risk behaviours relating to the CIO functions, taking action to drive a risk positive mindset and enable ongoing development of 1LOD risk management through engaged, open and honest conversations, to support finding the right solution.

Promote a strong, but simple, risk and control culture.  That supports innovation, whilst building a sustainable foundation.  

Maintain effective working relationships with relevant 1LOD, 2LOD and 3LOD areas to promote innovation, collaboration, alignment, simplicity and support, to achieve the Group’s key priorities.

Support and develop direct reports, to enable a high performing team, of engaged and capable individuals, that deliver tangible and value-add outcomes.     

What we are looking for:

  • Dynamic and flexible

  • Strong awareness of the balance between risk, control and growth

  • Can translate complex technical terms into simple business language

  • Self-motivated and able to generate new ideas    

  • Strong Stakeholder Engagement skills

  • Strong experience in technology transformation and delivering at pace 

  • Strong awareness Technology & Cyber risk management best practice  

  • Experience of data and digital transformations

  • Experience of conducting thematic risk assurance assessments

  • Strong report writing skills and an ability to present complex subjects simply

  • Financial Services experience preferable

  • Experience of eGRC systems beneficial

What we’ll give you:

Join us and you’ll find yourself in the middle of one of the most on-the-go teams in the business, working with industry to oversee risks and protect the business. We’re always encouraging internal development and you’ll have access to loads of learning opportunities, events and conferences to build your industry knowledge.

#LI-PK1 #LI-Hybrid

Be the first to know

Sign up for job alerts

Can’t find the job you’re looking for? Register to be notified as soon as new jobs become available. Enter your email address. Choose the job category and/or enter a location that you’re interested in. And then click “Add” to add the criteria and “Sign Up” to create your job alert.

Interested InSelect a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

  • Information Technology, Abbots Bromley, England, United KingdomRemove

Can’t find the job you’re looking for? Register to be notified as soon as new jobs become available. Enter your email address. Choose the job category and/or enter a location that you’re interested in. And then click “Add” to add the criteria and “Sign Up” to create your job alert.