Senior Risk Manager Cyber and Resilience

Nationwide Building Society
53000.00 - 81000.00 GBP Annual
20 Sep 2017
15 Oct 2017
Contract Type: Full Time


We need:
  • Senior Risk Manager Cyber and Resilience
  • Salary range from GBP53,000 - GBP81,000
  • Full time, permanent contract
  • Send in your application by 31st of October

We are moving into the next chapter of our Society's history with a refreshed strategy, which allows us to leverage the benefits of mutuality and adapt to the ever-changing needs of our members. An organisation where we make a difference to our members' and colleagues' lives, driven by a desire to do the right thing, in the right way. Our mutuality and brand purpose 'Building Society Nationwide' defines and differentiates us. Our reputation as a good employer reflects the very special culture and ethos of Nationwide, which is encapsulated in our values.

As a modern mutual, we are always striving to better ourselves to deliver an excellent service for all our members; services relevant to the digital age but with the continuing personal touch.

In this Senior Risk Manager position, you will help us not only to preserve the value of the Society but also to create new value. You will be working in Operational Risk Oversight within the Second Line of Defence, supporting the business and the board in making risk-informed decisions. Your team leads in the oversight of risk and controls for Cyber, IT Operations Delivery, Security, Resilience, and Business Continuity, ensuring that we meet both member and regulatory expectations for service delivery.

This is an important and exciting job that provides the unique opportunity both to stress test the risk environment for capital modelling and to challenge control effectiveness, to join the team that pulls together Board Risk Appetite for Cyber and Resilience, and to operate across the full spectrum of digital services, providing the board with assurance that the Society is Safe, Secure and Sustainable.

Who we're looking for

As a minimum the successful applicant will need to demonstrate:
  • Experience of Operational Risk within a large FTSE 100 organisation or equivalent public sector area.
  • Strong leadership, influencing and communication skills (written and oral) with the confidence to engage senior leadership and to maintain effective working relationships.
  • Personal drive and initiative combined with the ability to work effectively within a team, building collaboration and delivering results.
  • A commitment to building their own career and to developing themselves as a leader and risk professional, but equally to mentoring and coaching others within the Society.
  • Experience in leading or providing risk oversight of: IT, Cyber and Resilience Operations, or Security, Enterprise Architecture, or in delivering major IT/Cyber Programmes and Projects.
  • Experience in incident response, incident management and incident recovery; with a willingness to support such activity from a risk perspective.

What you'll be doing

This role is suited either to applicants with a proven track record in IT/Cyber related operational risk, or to Cyber Security and Resilience professionals who are looking to broaden their careers into Risk.

You will work closely with the First (Business Areas) and Third (Audit) Lines of Defence, with exposure to Heads of Function and Directors. Specific responsibilities will include:
  • Providing Risk Oversight on the effective management of:
      • Cyber Security
      • Resilience (Response, Recovery and Business Continuity)
      • IT (from design to operation and through change)
      • IT, Cyber and Resilience Programmes and Projects
      • Security and Business Protection
  • Coordinating and managing the delivery of associated risk and control assessments; providing evidence-based opinion and challenge where necessary.
  • Maintaining an understanding of the Society's enterprise and Strategy to help assure both operational effectiveness and efficiency.
  • Challenging First Line management information, papers and activity, face-to-face and in writing, for submission to executive committees and boards.
  • Stressing the risk environment, conducting and leading in-depth risk reviews, and helping First Line to develop and deliver actions to close issues and minimise risk.
  • Raising awareness of the Society's operational risk exposure and leading on the development of Board Risk Appetite for Service Availability, Service Recovery and Business Continuity.
  • Supporting the scenario analysis used for Capital Modelling.
  • Working closely with IT Operations, Delivery and Security, across all associated disciplines.
  • Maintaining a strong internal and external network and keeping up-to-date with the latest digital technology and approaches to operational risk management.
  • Maintaining a knowledge of risk trends across the sector that could be used to inform Oversight activity.