Job Purpose
As a Technology Risk Senior Lead within the First Line of Defence (1LOD) for M&S Digital and Technology (D&T), you will lead Technology Risk Management within the D&T Risk, Audit, and Compliance function, reporting directly to the Head of Risk, Audit, and Compliance. Your core responsibility will involve managing Technology Risk processes across D&T's Products and Platforms. Your primary objective is to ensure that both individual and aggregated Technology Risks are thoroughly identified, assessed, clearly understood, and effectively managed, with robust strategies in place for mitigating both strategic and tactical risks.
You will work closely with the D&T Products and Platforms teams to identify and assess Technology Risks, encompassing Operational, Transformational, Regulatory, and Emerging Risks, and detail the findings in the M&S GRC (Governance, Risk Management, and Compliance) platform. Your role is pivotal in ensuring that our Technology Risk Framework operates wi,
Summary
Job purpose
As a Technology Risk Senior Lead within the First Line of Defence (1LOD) for M&S Digital and Technology (D&T), you will lead Technology Risk Management within the D&T Risk, Audit, and Compliance function, reporting directly to the Head of Risk, Audit, and Compliance. Your core responsibility will involve managing Technology Risk processes across D&T's Products and Platforms. Your primary objective is to ensure that both individual and aggregated Technology Risks are thoroughly identified, assessed, clearly understood, and effectively managed, with robust strategies in place for mitigating both strategic and tactical risks.
You will work closely with the D&T Products and Platforms teams to identify and assess Technology Risks, encompassing Operational, Transformational, Regulatory, and Emerging Risks, and detail the findings in the M&S GRC (Governance, Risk Management, and Compliance) platform. Your role is pivotal in ensuring that our Technology Risk Framework operates wi
All the details
What's In It For You
Being a part of M&S is exactly that – playing your part to bring the magic of M&S to our customers every day. We're an inclusive, dynamic, exciting, and ever evolving business built on doing the right thing and bringing outstanding quality, value, service to every customer, whenever, wherever and however they want to shop with us.
Here are some of the benefits we offer that make working for M&S just that little bit more special…
After completing your probationary period, you'll receive 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household.
Competitive holiday entitlement with the potential to buy extra holiday days
Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business.
A generous Defined Contribution Pension Scheme and Life Assurance.
A dedicated welcome to our teams with a tailored induction and a wide range of training programmes to develop your skills.
Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing.
Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family.
Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family.
A charity volunteer day to support a charity or cause you're passionate about through a dedicated day away from work.
What you'll do
Take the lead in implementing the Risk Assurance Framework across all D&T Product and Platforms.
Conduct and coordinate Risk identification and assessments processes to identify and analyse potential risks to Technology Operations.
Develop comprehensive risk mitigation plans in response to identified Risks and control weaknesses.
Support the development and maintenance of Technology Risk Dashboards and reports that provide an executive overview of the Technology risk landscape, including key risk indicators, mitigation progress, and emerging risks.
Lead and develop a team of Technology risk professionals, encouraging a culture of continuous improvement, innovation, and risk-aware decision-making.
Who You Are
Strong experience of IT Risk and Technology Controls Frameworks and the application of Technology Risk standard processes and Risk Standards (ISO 31000, ITIL, Cobit 5, IS27001 COSO, NIST 800-53, SOX etc)
A track record as an experienced Risk and control practitioner in leading digital/technology controls (experience in managing Cloud and Data technology controls is highly desirable)
High-level analytical approach to sophisticated technical and business problems
Proven track record in technology control identification and management
ITGC controls experience preferable
Everyone's welcome
We are ambitious about the future of retail. We're disrupting, innovating and leading the industry into a more conscientious, inspiring digital era. We're transforming how we work together and offering our most exciting opportunities yet. Marks & Spencer strives to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. Join us and make change happen.
We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together.
If you feel you'd benefit from any support or reasonable adjustments during any stage of the recruitment process, please don't hesitate to let us know when completing your application. This information will be picked up by our team, so we can try and put steps in place to help you be at your best through this process.
#hybridrole