This job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board.
Job Description
Summary
As a Technology Risk Senior Lead within the First Line of Defense for M&S Digital and Technology (D&T), you will lead Technology Risk Management within the D&T Risk, Audit, and Compliance function, reporting directly to the Head of Risk, Audit, and Compliance. Your core responsibility will involve managing Technology Risk processes across D&T's Products and Platforms. Your primary objective is to ensure that both individual and aggregated Technology Risks are thoroughly identified, assessed, clearly understood, and effectively managed, with robust strategies in place for mitigating both strategic and tactical risks.
You will work closely with the D&T Products and Platforms teams to identify and assess Technology Risks, encompassing Operational, Transformational, Regulatory, and Emerging Risks, and document the findings in the M&S GRC (Governance, Risk Management, and Compliance) platform. Your role is pivotal in ensuring that our Technology Risk Framework operates within regulatory requirements and best practice standards, maintaining the integrity and resilience of M&S's Technology systems.
What you'll do
* Take the lead in implementing the Risk Assurance Framework across all D&T Product and Platforms.
* Conduct and oversee Risk identification and assessments processes to identify and analyze potential risks to Technology Operations.
* Develop comprehensive risk mitigation plans in response to identified Risks and control weaknesses.
* Support the development and maintenance of Technology Risk Dashboards and reports that provide an executive overview of the Technology risk landscape, including key risk indicators, mitigation progress, and emerging risks.
* Lead and develop a team of Technology risk professionals, fostering a culture of continuous improvement, innovation, and risk-aware decision-making.
Who you are
* Strong experience of IT Risk and Technology Controls Frameworks and the application of Technology Risk best practices and Risk Standards (ISO 31000, ITIL, Cobit 5, IS27001 COSO, NIST 800-53, SOX etc)
* A track record as an experienced Risk and control practitioner in managing digital/technology controls (experience in managing Cloud and Data technology controls is highly desirable)
* High-level analytical approach to complex technical and business problems
* Proven track record in technology control identification and management
* ITGC controls experience preferable
Everyone's welcome
We are ambitious about the future of retail. We're disrupting, innovating and leading the industry into a more conscientious, inspiring digital era. We're transforming how we work together and offering our most exciting opportunities yet. Marks & Spencer strives to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. Join us and make change happen.
We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together.
If you feel you'd benefit from any support or reasonable adjustments during any stage of the recruitment process, please don't hesitate to let us know when completing your application. This information will be picked up by our team, so we can try and put steps in place to help you be at your best through this process.
#J-18808-Ljbffr