Overview
We’re Kingfisher, a team made up of over 82,000 passionate people who bring Kingfisher - and all our other brands: B&Q, Screwfix, Brico Depot, Castorama and Koctas - to life. We aim to become the leading home improvement company and grow the largest community of home improvers in the world.
At Kingfisher, our customers come from all walks of life, and so do we. We ensure that all colleagues, future colleagues, and applicants are treated equally regardless of age, gender, marital or civil partnership status, colour, ethnic or national origin, culture, religious belief, philosophical belief, political opinion, disability, gender identity, gender expression or sexual orientation.
We are open to flexible and agile working, both of hours and location, offering a blend of working from home and our offices located in London, Southampton & Yeovil. Talk to us about how we can best support you!
The Senior IT & Security Risk Manager will enable visibility and management of risks that have the potential to impact our customers, colleagues, and operations through the implementation of an IT & Security Risk Management Framework that links Group Principal Risks and demonstrates risk reduction.
What's the job?
* Lead the development, implementation, and maintenance of the risk management framework covering Group Tech Risk and broader Cyber Security Risk.
* Oversee risk identification, assessment processes, and monitor potential risks to the organisation and its technology.
* Ensure risk impact is clearly understood and that both strategic and tactical mitigations are considered.
* Collaborate with Banners and technology teams to develop corrective action plans for identified risk and compliance issues.
* Develop and maintain reporting dashboards, providing leadership visibility of the risk posture against cyber and operational risk appetite.
* Adopt and communicate a risk-aware culture across the technology teams.
* Chair and/or attend relevant IT committees to represent risk and provide second-line consultancy.
* Assess outcomes of regulatory or contractual breaches, identifying risk impact and root cause for addressing weaknesses and improving frameworks.
* Manage internal and external audit activities, including planning, facilitation, input to findings, and resulting action plans.
What you'll bring
* Strong expertise in Risk Management and compliance in similar roles.
* Understanding of Enterprise & Security Risk Management within a technology function.
* Experience working with risk across various technologies such as Cloud, networks, software development, and agile/product models.
* Ability to communicate complex and technical issues to diverse audiences in an easily understood, authoritative, and actionable manner.
* Extensive experience managing Risk frameworks and mitigation programmes.
* Demonstrable experience of GDPR, NIST, provision 29 of the FCR, and PCI DSS.
* Experience managing auditors and influencing plans.
* Ability to interface with and gain respect from stakeholders at all levels.
* Proven reporting and presentation skills across a broad audience and at a senior level.
* Experience with GRC tooling, Power BI, Jira, and Confluence is advantageous.
Our Values
Be Customer Focused: constantly improving our customers’ experience
* I listen to my customers.
* I use available data to help make decisions.
Be Human: acting with humanity and care
* I do the right thing.
* I am respectful.
Be Curious: thrive on learning, thinking beyond the obvious
* I build and share new ideas.
* I try new things and share my learnings.
Be Agile: working with trust, pace, and agility
* I have courage to be creative.
* Done is better than perfect; I aim for 80/20.
Be Inclusive: acting inclusively in diverse teams to work together
* I embrace allyship.
* I have self-awareness and a desire to learn.
Be Accountable: championing the plan to deliver results and growth
* I own my actions.
* I understand the Kingfisher plan and how it relates to my role.
At Kingfisher, we value the perspectives that new team members bring, and we want to hear from you. We encourage you to apply for one of our roles even if you do not feel you meet 100% of the requirements.
In return, we offer an inclusive environment, where what you can achieve is limited only by your imagination! We encourage new ideas, actively support experimentation, and strive to build an environment where everyone can be their best self. Find out more about Diversity & Inclusion at Kingfisher.
We also offer a competitive benefits package and plenty of opportunities to stretch and grow your career.
Interested? Great, apply now and help us to Power the Possible.