On a broad scale, our Bank is currently enhancing its technology and paving the way to a more digital future, which means this is an exciting time to join the IT Governance, Risk and Compliance team (GRC).
For the IT GRC, this creates opportunity to work across the business and support the journey to build a risk management framework.
Working across IT, Data and Cyber systems and processes in both the UK and India, we provide assurance that our technology and information security strategies are robust, secure and compliant, plus aligned with the business.
About Us
The OSB Group is a FTSE 250 specialist mortgage lender, primarily focused on carefully selected segments of the mortgage market.
Our specialist lending is supported by our Kent Reliance and Charter Savings Bank retail savings franchises. Diversification of funding is provided by sophisticated securitisation platforms. OSB’s unique cost-efficient operating model is supported by our wholly-owned subsidiary OSBIndia.
Alongside our passion for our products and customers, we're passionate about our people and want to continue building a collaborative and engaging environment. Being dedicated to Diversity, Equity and Inclusion, we encourage differences and recognise that individuals from diverse backgrounds and experiences can bring valuable insights and enhance the way we work.
What you will be doing
The IT Risk & Controls Manager will report directly to the Group Head of IT Governance Risk and Compliance and play a key role in the execution of RCSA processes and activities; delivering risk and control management services and working with stakeholders across the IT Department and business to ensure the risk posture and performance of IT, Data and Cyber services across the group are effective and fit for purpose.
Working within the IT Governance, Risk and Compliance team (GRC), the IT Risk & Controls Manager will play an essential role in delivering and supporting risk management services which ensure that our IT, Data and Cyber systems and processes are robust, secure, and compliant with all relevant legislation and regulations.
This position will be responsible for delivering against the IT GRC framework and supporting the continual improvement, which drives the key objective to provide assurance that technology & information security strategies are aligned with business.
Responsibilities include:
* Driving the development, maintenance, and ongoing enhancement of RCSA, Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs)
* Providing end-to-end accountability across IT functions for Risk and Control Management in line with expected standards, legislation and regulation
* Working with the first line SME teams to implement controls to mitigate operational risks and drive the move towards automated controls
* Providing expertise to support the first line risk owners in the development of appropriate Key Risk Indicators and metrics to ensure alignment and embedment of OSB’s risk appetite framework
* Representing the IT GRC team as a key subject matter expert for all items relating to IT, Data & Cyber Risk Management across various meetings
* Assisting in developing and delivering the IT Risk & Control Roadmap to drive risk maturity embedding both risk and control practices and culture
In return for your commitment
We offer a base salary, dependent on experience, between £60,000 - £75,000 and a competitive benefits package including:
* Discretionary annual bonus opportunity of up to 15%
* 28 days annual leave plus bank holidays
* Access to Private Medical Insurance and Medical Cash Plan
* Maternity & Adoption Leave – Occupational Maternity/Adoption Pay provided at 100% of salary for the first 26 weeks.
* Paternity Leave – 8 weeks of paid leave to be taken within 12 months of birth or adoption.
* Additional benefits such as Hybrid working, Cycle Purchase scheme, Technology Purchase scheme, Season Ticket Loan, Holiday purchase/sell schemes, Employee Perk Portals, Payroll giving and Save as you Earn scheme.
Could you be the one?
To be successful, you must demonstrate the following:
* Strong and demonstrable previous experience of delivering IT, Data & Cyber risk management activities which support an IT Risk Management Frameworks is essential. This should include a combination of conceptual thinking and practical implementation
* Strong technical understanding of risk management, including experience in risk and control frameworks within a regulated industry
* Strong and demonstrable experience in the development of Key Risk Indicators and the application of Risk and Control Frameworks
* An IT GRC industry qualification in support of risk management, such as CRISC, CISM or CISA
We also believe that your career and how you progress is as unique as your individual personality. We continually support our people so they can become the best version of themselves.
What to do next
If this sounds like you, please apply now! For internal applications please visit the internal careers page to apply.
Alternatively, if you wish to have an informal and confidential chat please get in touch. Contact details can be found on our careers page.
If shortlisted from your initial application we operate a personalised recruitment process. Interviews are a two-way street, we aim for them to be relevant and conversational to get the best out of you!
OSB Group are dedicated to diversity in the workplace and committed to treating all our employees and job applicants equally. We embrace equal opportunities and are opposed to discrimination on any grounds.
#J-18808-Ljbffr