Technology Risk Manager

Job Description

At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement , were a customer–obsessed market powerhouse.And we all work together to be brilliant for customers, every single day.A fantastic opportunity has arisen for a Technology Risk Manager to join our Governance, Risk and Compliance team! In this role youll be an IT Risk Subject Matter Expert for the CISO and Technology Services functions, conducting proactive and reactive ITrisk assessments across multiple technology areas, recommending and facilitating appropriate responses and monitoring the delivery of any mitigations. Youll engage with Risk Owners to agree the current Risk Profile and actions to be within appetite as required.What youll be doingIdentify and draw out technology risks through discussions, workshops, relevant meetings, and engagement with projects and programmesIdentify, assess, manage and report on adherence to policy requirements and control effectivenessUndertake technology proactive and reactive risk assessments, or thematic reviews, and formulate recommendations to respond to identified technology risks, issues and eventsManage technology risks, master action plans and events in the group Risk Management SystemIdentify, anticipate and recommend the need for changes to methodologies/approaches in response to changing risk profiles and business needs, through the identification of emerging risks and through continuous assessment of the inherent and residual riskexposureModelling and continuous improvement of the risk profile, through the development of risk measurement methodologiesEngage with the Enterprise Risk team (2LoD), Internal Audit and senior stakeholders across the business to ensure Technology Services and Information Security functions operate within the defined risk appetite and issues are remediated within the specifiedtimelinesProvide strategic risk management advice on disruptive technologies and identify emerging risks associated with advances in technology and digital capabilitiesEnsure agility and continuous integration/deployment by embedding risk management and regulatory compliance into operating environment and organisational cultureEstablish the status of the risk profiles owned senior stakeholders, highlighting any changes in line with risk appetite.What were looking forTechnology risk, information security, or IT Audit backgroundStrong analytical skills, with experience in undertaking risks assessments in a technology environmentExcellent working knowledge of risk management tools, methodologies, control taxonomies and industry standard frameworks (NIST, ISO 27001, COBIT, PCI–DSS, ITIL, TOGAF)Excellent working knowledge of security technologies and processes, including network and application firewalls, host and network intrusion prevention, anti–virus, advanced endpoint protection, cryptography, public key infrastructure and identity managementand federationExperience in infrastructure, application and cyber security architecture, technical risk and vulnerability assessments and/or managing issues identified from penetration testingExperience of working in cloud environment, ideally with platforms such as Microsoft Azure and AWSExperience of third–party relationships and identifying and managing the associated technology and information security risksExperience of threat modelling and assessing the impact of threat scenariosExcellent communication and stakeholder management skills and experience of preparing formal reporting for senior managementOur mixed model way of working offers a best of both worlds approach combining the best parts of home and office–working, offering flexibility for everyone. How much youll be in the office depends on your role, and well consider the flexible workingoptions that work best for you.Read our flexible working approach here .This is a hybrid role based out of our new London Bridge office, and youll need to be in the office c.4–6x a month.What well give you:We recognise we wouldnt be where we are today without our colleagues, thats why we offer excellent benefits designed to suit your lifestyle:50% off home, motor and pet insurance, plus free travel insurance and Green Flag breakdown coverEV car scheme allows all colleagues to lease a brand new electric or plug–in hybrid car in a tax efficient way.Employee discounts and cashbackPlus many more!Direct Line Group is an equal opportunity employer, and we think diversity of background and thinking is a big strength in our people. Were delighted to feature as one of the UKs Top 50 Inclusive Employers and are committed to making our business an inclusiveplace to work, where everyone can be themselves and succeed in their careers.We know youre more than a CV, and the things that make you, you, are what bring potential to our business. We recognise and embrace people that work in different ways so if you need any adjustments to our recruitment process, please speak to the recruitmentteam who will be happy to support you.With well–known brands including Direct Line, Churchill and Green Flag, were proud to be one of the UKs leading general insurers. Weve been helping people carry on with their lives since the 1980s, giving them the peace of mind to focus on the future.After 40 years of innovation were still leading the way, providing evolving products and services that are just what people need. Our business is full of talented individuals, each bringing their own strengths, skills and ideas. We work together, to be brilliantfor millions of customers every single day.Join us, in a career that empowers you to be the best you can be – and to be yourself. Your input matters here. So, whatever you do, well encourage you to own it. To spot opportunities, speak out and make things happen. Our vision is for a world where insuranceis personal, inclusive and a force for good. And you can help us make that a reality. Because when we work together, we can all achieve great things. Together, were one of a kind.