A fintech business located in London is seeking a senior risk manager to join the Risk and Assurance team to support the development and embedding of a strong risk management and operational resilience culture across the organisation. Reporting to the Director of Risk and Assurance, you will contribute to the identification, assessment, and management of risks that could impact important business service
Overview
Develop and maintain a business continuity policy and recovery plan and procedure in accordance with ISO 22301. Ensure disaster recovery procedures/plans are incorporated into the business continuity plan.
Conduct business impact assessments for/with various departments and functions, analysing the potential business impact of unpredictable business interruptions such as cyber attacks, security breaches, and privacy incidents
Create and facilitate incident response simulations to ensure business readiness for disasters/unexpected events
Collaborate with engineering, IT and cyber security teams to ensure incident response plans are fit for purpose and in line with the incident response policy, and communicated effectively.
Highlight risks and areas for improvement after each exercise/incident, and ensure issues are captured, completed, and reviewed for mitigation
Maintain and enhance the Supplier Risk Management Framework, including defined risk appetite, governance structures, and supporting policies and procedures.
Maintain and continuously improve supplier risk scoring models to effectively evaluate supplier performance and risk exposure.
Oversee the identification, assessment, and ongoing monitoring of supplier risks, including financial, operational, regulatory, cybersecurity, geopolitical, and ESG (Environmental, Social, and Governance) risks
Produce management reports, risk updates, and governance materials for senior management, risk committees, and external stakeholders, providing assurance to auditors and clients
Experience Required
5-7 years of work experience in the practice of operational resilience and risk management
Experience running multiple, high-priority projects and advancing complex projects
Knowledge and experience of industry frameworks such as ISO 27001 and ISO 22301 desirable