This job is with Beazley, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ business community. Please do not contact the recruiter directly. General Job Title: Senior Risk Manager - Technology & Cyber Risk Division: Risk Management Reports To: Head of Operational Risk Key Relationships: Internally: Risk and Compliance, IT Security and Cyber Risk, Third Party Risk, Internal Audit Externally: Regulators. Job Summary: The role will support a broad range of technology and cyber risk management activities, with a particular focus on Operational Risk and Third Party Risk. This role is most likely to suit an experienced technology or cyber risk professional with significant experience in the first line, Risk Management or Internal Audit. Key Responsibilities Risk management framework Provide oversight and challenge of Beazley’s first line processes around technology and cyber risk, including areas such as IT and cyber security, business continuity, IT resilience, digital risk and operational transformation, capital modelling and business planning. Produce risk reporting and opinions, including deep-dive reviews on hot topics influencing Beazley’s technology and cyber risk profile, to support reporting to internal and external stakeholders. Support the delivery of the ORSA, including business plan reviews, stress and scenario testing, and assessing capital adequacy and key and emerging technology, cyber and operational risks. Support the first line in developing risk management capabilities and facilitate the delivery of certain key submissions (e.g. CBES, IST). Support with the development of the wider risk management framework. General At Beazley we are committed to doing the right thing because it is the right thing to do. It is important that within all your interactions both internally and externally you adhere to this principle through adoption of Beazley’s core values and behaviours – PIED and Being Beazley. Adopt the Beazley culture of professionalism, integrity, effectiveness and dynamic attitude that contributes to an internal environment of teamwork and promotes a positive brand image and experience to our external customers. Comply with Beazley procedures, policies and regulations including the code of conduct which incorporates the PRA and FCA Conduct Rules. Undertake training on Beazley policies and procedures as delivered by your line manager, Culture and People or assurance teams (compliance, risk, internal audit) either directly, via e-learning or the learning management system. Display business ethics that uphold the interests of all our customers. Ensure all interactions with customers are focused on delivering a fair outcome, including having the right products for their needs. Comply with any specific responsibilities necessary for your role as outlined by your line manager, Culture and People or assurance teams (compliance, risk, internal audit) and ensure you keep up to date with developments in these areas. This may include, amongst others, Beazley’s underwriting control standards, Beazley’s claims control standards, other Beazley standards and customer relationship management. Carry out additional responsibilities as individually notified, either through your objectives or through the learning management system. These may include membership of any Beazley committees or working groups. Personal Specification: Education and Qualifications A university degree in a relevant field or an equivalent combination of education, training, and experience with security frameworks and industry standards. Professional risk management or practioner qualifications are desirable but not required e.g. IRMCert (Institute of Risk Management) PCIRM (Practioner Certificate in Information Risk Management) MBCI (Member of the Business Continuity Institute) Institute of Internal Auditors CISA (USA Cyber Defence Agency) CRISC (Certified in Risk and Information Systems Control) CISSP (Certified Information Systems Security Professional] Skills and Abilities Methodical approach to problem solving, with a high attention to detail. Ability to act pragmatically in the face of new challenges and exercise sound judgements based on overall business needs. Excellent interpersonal, communication skills, and ability to tailor communication to both technical and non-technical audiences. Ability to prepare comprehensive well written reports for internal and external stakeholders. Proven project management and organisational skills with track record of delivering projects to strict deadlines. Results oriented, with the energy and determination to succeed in a fast-paced environment Advanced proficiency in using Microsoft Office. Familiarity with latest trends in technology architecture, data privacy and cyber security. Knowledge and Experience Experience of working as an IT or cyber risk professional would be a significant advantage, with knowledge of Solvency II requirements, risk management and actuarial principles. Experience of providing challenge across any of the following areas would be an advantage: IT and cyber security, business continuity, IT resilience, third party risk, digital risk and operational transformation, capital modelling and business planning. Experience in providing risk challenge to the first line and producing and presenting risk analysis to internal and external stakeholders. Interest in gaining a deeper understanding of operational risk management in the Lloyds’ / London Market. Knowledge of relevant industry standards and best practice would be advantageous including: ISO 27001 - International standard for an Information Security Management System (ISMS) ISO 22301 - International standard for Business Continuity Systems (BCMS) NIST (National Institute for Standards and Technology) COBIT (Control Objectives for Information and Related Technologies) ITIL (Information Technology Infrastructure Library) Aptitude and Disposition Outcome focussed, self-motivated, agile and flexible. Technically innovative, a problem solver and solution builder. Professional approach to interact successfully with colleagues. Able to work with multi-cultural and multi-location teams. Ability to work closely in a team environment and develop productive working relationships. Willingness to learn and achievement drive. Competencies Information seeking Problem solving Technical expert Time management Influencing others Quality focused Initiative Customer focused Analytical thinking Team working.