Technology, Resilience, Security & Risk Manager
Role overview: We are pleased to offer a sought‑after opportunity to join our friendly and long‑serving Technology, Resilience and Security (TRS) team based out of our Northwich Centre of Excellence. The role will focus on maturing TrinityBridge’s Governance and alignment with industry‑standard frameworks, ensuring our ability to resiliently safeguard our clients, our people, and their assets. The role contributes to the ongoing development and evolution of the enterprise‑wide technology, resilience, and security governance strategy, ensuring alignment with business objectives, strategy and regulatory requirements. This colleague will sit on the TRS leadership team and will be responsible for line 1.5 operational risk outcomes for the CISO and Head of Enterprise Technology. The role currently has no direct reports.
Key responsibilities
Governance
* Own, chair and shape the future of the Cyber and Resilience Risk committee (CRC) and sub‑CRC‑monthly forums. The colleague will uphold the CRC terms of reference and ensure reporting against strategy and risk appetite by bringing to life the information with engaging data packs and presentations.
* Hands‑on responsibility for the governance lifecycle of TrinityBridge’s TRS policy and standards, monthly risk reporting and KRIs/KPIs, and Risk and Control Registers.
* Develop and maintain TRS risk appetite statements, MI, KPIs and KRIs in conjunction with the Operational Risk team, to ensure TrinityBridge reports with clarity on operation within the agreed tolerance.
* Produce full gap analysis reports on areas of improvement and risk, to support risk and cost reduction and strategy delivery, recommending thorough mitigation plans including justification for options considered.
* Independent review of problem management, incident management and KRIs to provide proposals and recommendations on continuous improvement and optimal performance of the enterprise function.
* Ownership of TRS risk assessment of third and fourth parties through the established third‑party management team.
* Monitor emerging regulatory requirements and ensure governance frameworks are updated accordingly.
Programme delivery
* Work closely with the TRS leadership team to ensure timely and accurate reporting of programme risks.
* Ensure TRS Governance is adhered to throughout business as usual (BAU) operation and business change, utilising the mature operational processes already in place.
* Act as an interface between business change and TRS leadership where deviations to process and risk acceptances may be necessary.
Communication, Reporting & Culture
* Responsible for TrinityBridge’s strong cyber and information security culture, acting as an expert on cyber and information security for the business.
* Independently able to produce comprehensive write‑ups of current risks and threats as they develop, producing expedient updates as situations change and span different threat vectors.
* Proactively report upwards on emerging cyber and data risks and threats, providing a view through a business lens on potential impacts.
People
* Operate with respect, diversity and inclusion principles as a key tenet of your role.
* Develop a culture of continuous improvement and appraisal as a foundation for excellent organisational performance, including operating within the firm’s people policies and processes.
* Build and develop relationships with organisation‑wide peers.
Regulatory responsibilities | Compliance/T&C
* Ability to demonstrate an understanding of the regulatory framework relevant to the role, whilst practising effective risk management taking account of outcomes for clients.
* Understand, follow and demonstrate compliance with all relevant internal and external rules, regulations and procedures that apply to the conduct of the business. Follow principles and rules of the Financial Conduct Authority (FCA) and the internal requirements set out in the Compliance Manual, local and Group Compliance and Risk policies.
About you | Qualifications, skills and strengths
Essential
* A genuine passion for creating engaging, professional risk reporting and presentations. The interview process will ask for an assessment of this skill.
* Experience in working in risk management roles with sole responsibility for risk areas.
* Whilst being hands‑on technical is not required, a fundamental understanding of Cyber/Information Security, resilience and technical risk is required.
* Pragmatic and able to work collaboratively to find solutions.
* Excellent writing comprehension and ability, with a drive to improve existing documents and processes.
* Excellent verbal communication skills, operating with empathy and psychological safety.
* Able to clearly articulate how stakeholders comply with requirements/expectations set by regulators, auditors, organisational risk appetite, senior management and the board.
* Experience in gathering, analysing and structuring data using Microsoft and AI tools.
* Experience in the development and production of dashboards and reports, including MI, KPIs and KRIs.
* Ability to work independently within a defined remit, managing schedule and multiple objectives.
* Ability to collaborate effectively with colleagues at all organisational levels.
Desirable
* Working as a cyber security and technology risk manager at a financial services organisation.
* Possess a working understanding of industry standard frameworks and concepts such ISO27001, SOC Type I & II, ITIL, COBIT, Agile, NIST, DSIT, CMMI, DORA.
* CISM or business analysis certification or qualification.
Equal Opportunities
As an employer, TrinityBridge is committed to equality and valuing diversity within its workforce. We provide equality of opportunity and will aim to ensure that no employee’s or candidates are subject to discrimination on grounds of any characteristics including but not withstanding gender, gender identity, marital status, sexual orientation, race, colour, nationality, religion, age, disability, working pattern, caring responsibilities, political beliefs.
#J-18808-Ljbffr