Technology Risk & Controls Testing Manager

Job Description

End dateFriday 07 July 2023 Salary range£57,078 - £63,420 We support agile workingClick here for more information on agile working options. Agile Working OptionsOther Agile Working Arrangements / Open to Discussion Job descriptionJOB TITLE: Technology Risk & Controls Testing Manager SALARY: £61,641 to £71,915 LOCATION(S): Bristol, Leeds, Halifax, Manchester, Chester, Birmingham, Edinburgh HOURS: Full-time WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week, or 40% of our time, at one of our office sites. About this opportunity We love to do things differently in COO Risk Services! We encourage our colleagues to be ambitious, challenge existing practices and come up with new and innovative ideas. Our vision is to be the Leading UK Financial Services 1st Line Risk Function. We work in close collaboration with the Chief Operating Office (COO) and its business teams to help identify, report and mitigate key business risks. Our key priority is to help runthe bank safely and compliantly. Were committed to achieving this vision through a clear focus on the provision of expert risk advice and guidance, through creating an optimised control environment, through investing in and developing our people and through adopting new technology solutionsto improve our effectiveness. We’re looking for a Technology Risk & Controls Testing Manager to join our team and to be bold when helping to shape our strategy and approach to testing. Youll challenge the status quo, and play a key role in enhancing the quality and effectiveness of theCOO control landscape, championing ideas on how we can do things differently. As a Technology Risk & Controls Testing Manager in the COO Risk Services team, you’ll :

• Support the evolution and maturing of our control testing strategy and ways of working by raising and progressing new insights and solutions.
• Collaborate with a team of testing colleagues to perform risk-based controls testing activities (in areas such as Incident Management, Disaster Recovery, Vulnerability Management, Cryptography, Network Security and Privileged Access Management), both cloud-basedand on-premise.
• Evaluate and assess control effectiveness in mitigating associated risks in an accurate, complete and clear way.
• Take ownership for delivering timely, high-quality testing of assigned controls and updating senior audiences about the progress, outcomes and insights arising from testing.
• Work with technology-aligned colleagues to evaluate their remediation activities and provide challenge in a collaborative and pragmatic manner.
• Adopt a continuous improvement mentality, seeking opportunities to provide greater assurance over the effectiveness of risk and control management in an efficient and robust manner, promoting and employing greater use of data analytics to achieve this.
• Analyse and knit together a range of data sources, providing business and technology leaders with a comprehensive view control performance.

Why Lloyds Banking Group Like the modern Britain we serve, we’re evolving. Investing billions in our people, data and tech to transform the way we meet the ever-changing needs of our 26 million customers. We’re growing with purpose. Join us on our journey and you will too... What you’ll need You’ll have significant experience and knowledge in having tested technology, and cyber security controls, both in the cloud and on-premise, as well as:

• At least 5 years of relevant financial services technology experience or IT Internal / External Audit, or experience in a technology risk consulting practice. Whilst financial services experience is desirable, well consider experience gained in other industriessuch as telecommunications or other complex multi-nationals.
• Demonstrable experience in applying different control testing methodologies (e.g., use of CAATs, sampling).
• Solid understanding of the risk and controls inherent in various technologies (e.g., mainframe) and cloud service and deployment models.
• Specialised in testing of at least one technology or cyber security process (e.g., Network Security, Anti-Malware, Cryptography, Vulnerability Management, Access Management).
• Deep technical data analysis skills with experience of data interpretation, joining the dots across multiple data sources and translating these into practical insights.
• Experience of working on design and implementation of control automation and continuous monitoring initiatives.
• Ability to build relationships with key stakeholders, to expertly leverage your subject matter knowledge to influence control improvements.
• Experience in coaching and upskilling others, for example sharing your knowledge and insight into testing controls in the cloud.
• Experience of designing new and enhanced technology controls.

And any experience of these would be really useful: A good grasp of Information Technology Assurance Frameworks (COBIT, ISO27001, ITIL, NIST etc.) and current and emerging technology trends. Similarly, if youre qualified in CISA and have any additional qualifications (e.g., CISSP/CISM and CRISC ) these would be beneficial. About working for us Our focus is to ensure were inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want our people to feel that they belong and can be their best, regardless of background, identity or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it’s why we especially welcome applications from under-represented groups. We’re disability confident. So if you’d like reasonable adjustments to be made to our recruitment processes, just let us know. We also offer a wide-ranging benefits package, which includes:

A generous pension contribution of up to 15%

An annual bonus award, subject to Group performance

Share schemes including free shares

Benefits you can adapt to your lifestyle, such as discounted shopping 30 days’ holiday, with bank holidays o