Technology Risk Lead - Business Applications
30 June 2019 Please note, this vacancy will close at 00:01am on the specified closing date rather than 11:59pm. Please ensure all applications are received before 00.01am on the specified closing date. Salary Range
£78,150 - £104,200 We support agile working - click here for more information on agile working options. Agile Working Options
Other Agile Working Arrangements / Open to Discussion Job Description Summary
Lead the formulation and delivery of strategies, policies and processes to identify risks; challenge and advise the business to mitigate and control risks in accordance with the risk appetite. Influence key senior stakeholders, deputise for senior colleagues and contribute to broader strategic planning and business decision-making by providing insight, control and thought leadership
In COO Business Risk we help to deliver the Group's vision by executing day to day risk, control and monitoring related activities, focusing on Operational, Compliance and Conduct Risk. We are a first line of defence control function, responsible for establishing and maintaining an effective control framework, ensuring each business area is measuring, monitoring and controlling risks within their areas of accountability.
A key part of how we keep the Group safe is by embedding a strong risk and control culture across the business. The COO Business Risk Function supports Group CIO and Group Transformation colleagues in the identification and management of risks and issues, ensuring that they are compliant with Group Policies, Regulatory Standards and maintain control of their business in an effective manner. The world is constantly changing and organisations have to adapt and respond to new risks and heightened regulatory interest in areas such as IT Resilience, Cyber Security, Codes of Conduct, new technologies, etc. Key Role Specifics:
Leadership / Management
- Responsible for independent IT risk assessment activities and complex reviews/analyses to provide reliable, independent evaluation of risk management effectiveness and agree management actions with senior IT / business stakeholders to address issues highlighted.
- Prepares and interprets, with insight and information from multiple sources, recommendations for action, which also provide a basis for delivering challenging guidance and advice to influence decisions and behaviours in assigned business areas.
- Establishes and builds strong relationships across COO Business Risk and Group CIO with both senior stakeholders and the teams to influence and challenge key business decisions and support successful development and delivery of business objectives.
- Leading the formulation and delivery of strategies, processes and realistic scenarios to identify risks; with the ability to challenge and advise the business to mitigate and control risks in accordance with the risk appetite.
- Understands the business context of the COO Business Risk team, it strategies and supports the formation of a forward view of risk based on an expert understanding technology risk.
- Proactively manage, develop and maintain intra-group relationships across the Three Lines of Defence, e.g. Group Risk, Group Audit, to optimise results in areas of common interest.
- Recognised by peers as a highly capable IT subject matter expert - ability to be sole representative for the area and provide leadership of operational risk and IT Management.
- Specific knowledge covering the breadth and depth of technology risk with experience to lead across a variety of key risk areas impacting the business, from strategic, operational and change perspectives.
- Responsible for ensuring that programme impact of the IT Risk & Control Framework is clearly understood, ensuring we remain resilient and secure as a Group.
- Influence key senior stakeholders and contribute to broader strategic planning and business decision-making by providing insight, control and thought leadership.
- Role models the LBG Values and Behaviours and demonstrates visible leadership in their area of expertise which inspires and challenges others, e.g. at Risk Committee(s), leading working group discussions with senior stakeholders.
- Remains positive, calm and resilient under pressure, takes clear responsibility and leads and supports the team/function in determining priorities and continuing to deliver expected business outcomes.
- Builds a team of technology risk subject matter experts (SME) and develops capability to perform comprehensive and/or complex risk and control reviews.
- Maintains a strong focus on quality and inspires delivery of insightful and progressive risk and controls activities relevant to the business areas supported.
- Develops clear strategies and plans for the team aligned to business priorities and works with their team to translate this into meaningful goals and commitments to improve risk management.
- Performance manages and builds trust with their team ensuring all colleagues understand their role, have appropriate training to develop competency and are coached to maintain a high performing team.
- A focus on quality activities by both self and through others, having strong influencing, attention to detail and determination to achieve on time results to achieve best results for the Group and our customers.
- Encourage others in the business to promote innovation as an opportunity for business performance.
- Actively promote inclusion in the business, ensuring people show awareness, appreciation and respect for colleagues across the Group.
- Strong performance management understanding and background.
- Stands up and accepts responsibility during challenging times, with an aim to resolve any difficulties being faced.
Communication & Stakeholder Management
- Strong practical experience of leading delivery in a relevant technology / technology risk function covering a variety of key skill areas, including some or all of the following:
- Digital architecture, cloud technologies, DevOps, software engineering, agile and waterfall methodologies and approaches, 3rd party supplier governance, IT resilience, incident management.
- Demonstrates a good understanding of application architecture, roadmap development and key technology risk areas and builds LBG specific and industry knowledge on an ongoing basis in order to talk confidently and competently with business area Band G level and above.
- Leads specific significant risk mitigation initiatives or represents COO Business Risk at governance bodies for major business risk reduction / remediation initiatives that deliver a tangible improvement to the Division's technology risk profile.
- Maintains understanding and provides counsel to the business area at a senior level on internal risk themes, external risk trends and regulatory requirements to support business risk management and controls development.
- Provides risk insight into the business area risk governance and development of business area strategy and medium term planning, ensuring the LBG Risk Management Framework requirements are met.
- Supports the business in defining relevant risk scenarios and business area risk appetite, aligned to Board Risk Appetite, to ensure that risk management is effective, and technical controls are in place that are automated where possible.
- Leads risk projects or represent COO Business Risk in corporate projects with an impact across a whole division.
- Understand activities and responsibilities of peers internally, in the same industry and similar external sectors, ensuring that knowledge and network of these areas is maintained and kept up to date.
Organisational and Environmental Awareness
- A strong proven ability to create and deliver high quality outputs in appropriate business format (both verbal/written) highlighting key and challenging messages in a clear and concise way for use at senior executive level or by external parties (e.g. Regulators, Risk Committees).
- Engages senior stakeholders to influence and challenge key business decisions and support successful development and delivery of business objectives - leads or attends appropriate risk forums and committees.
- Proactive in developing relationships and building alliances across difference parts of the business, seeking common ground to align and deliver on objectives.
- Able to assess the impact of change on products, systems, processes and people.
- Developing relationships with peers and key IT industry communities', leveraging contacts where appropriate.
- Has clear organisational awareness and established network to allow for seamless cross functional working to improve processes and mitigate bureaucracy.
- A willingness to self-reflect and take an external view of how the team and organisation can make improvements for better ways of working to support colleagues and customers.
- Ability to plan for and anticipate forthcoming changes affecting the IT Risk landscape, taking account of both internal and external factors.
- Can deliver on the need for planning and ensuring we provide good value for the business, using the Groups resources responsibly and speaking up when this is not the case.
- Facilitate deep dive risk reviews - and ensure, legal, regulatory and professional compliance
- Make decisions that contribute to the business bottom line performance and able to manage others to embed this.
At Lloyds Banking Group, we're driven by a clear purpose; to help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. With us you'll have a key role to play in shaping the financial services of the future, whilst the scale and reach of our Group means you'll have many opportunities to learn, grow and develop. We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we're building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.
- Communicates and explains change effectively. Plans and implements changes, gaining commitment and understanding - minimising disruption to service.
- Emphasise and drive efficiency across the organisation, developing an agile mindset and culture that ensures others play their parts in processes and improvements.
- Able to identify and remove roadblocks for the team, bringing forward new ideas and seeing them implemented successfully within the business area.
- Able to prioritise own work load correctly to manage tasks requiring a high level of proficiency and detail.
- Taking an agile approach adapting to change and responding to different priorities and ways of working, continually willing and able to adapt and lead transformation changes.
- Identifies opportunities for change champions to deliver continuous improvement to systems and processes in an agile and efficient way.