Senior Risk Professional - Operational, Technology and Outsourcing
We are seeking a seasoned risk professional to join our team. The successful candidate will be responsible for providing independent oversight, challenge, and advisory support on the effectiveness of our operational, technology, and outsourcing risk management practices.
The ideal candidate will have a deep understanding of operational resilience and digital banking operations, with strong ICT, Security, and Third Party risk management expertise. They will be proactive and strategic in their approach, with excellent analytical, problem-solving, and project management skills.
Key Responsibilities:
* Acting as the second line subject matter expert (SME) for operational risk, ICT and security risk (including cyber), and third-party/outsourcing risk.
* Providing effective oversight and challenge of first line risk and control self-assessments (RCSA), incident management and reporting, issue remediation and risk mitigation processes.
* Supporting the ongoing development and maintenance of our Operational Risk Management Framework (ORMF), policies, standards, and associated ICT, Security, and Third Party Risk Management policies and risk appetite metrics.
* Conducting second line assurance reviews and risk deep dives into critical operational and technology areas, providing actionable recommendations and insights.
* Reviewing and challenging the design and effectiveness of controls over key technology systems, digital infrastructure, and outsourced service providers.
* Providing second line input into our technology and security strategies, business continuity planning, and third-party onboarding processes.
* Overseeing the implementation and testing of the Digital Operational Resilience Act (DORA) in the EU and ensuring compliance with applicable local regulatory standards.
* Partnering with supplier operations, legal, and technology and information security teams to assess third-party risk throughout the outsourcing lifecycle.
* Preparing operational, technology, and third-party risk reports and providing updates to relevant governance forums, including risk committees and senior management.
Requirements:
* 10+ years' experience in operational risk, technology risk, or related roles in financial services, ideally within a digital or challenger bank.
* A deep knowledge of risk management practices, regulatory expectations, and industry standards related to operational, ICT, and outsourcing risk.
* A strong understanding of digital banking technology, including cloud computing, cybersecurity, fintech integrations, and data management.
* Experience in evaluating and challenging risk and control environments, particularly in high-growth or fast-changing environments.
* A proven ability to navigate complex stakeholder landscapes and influence decision-making at senior levels.
* A detailed understanding of regulatory requirements such as EBA Guidelines on ICT & Security Risk Management, EBA Guidelines on outsourcing arrangements, DORA, Central Bank of Ireland Guidance on Operational Resilience, General Data Protection Regulation (GDPR), Payment Service Directive (PSD2/PSD3).
* Experience conducting Business Impact Assessments (BIA) and scenario testing.
* Strong analytical, problem-solving, and project management skills.
* Excellent stakeholder management and communication skills, with the ability to influence senior leadership.
* Experience working with regulators and managing regulatory engagements.