Head of Technology Risk Oversight & Support
Locations: Cannon Street Office, Kingswood Fields Office
Time type: Full time
Posted on: 14 Days Ago
Job requisition id: J54584
About the Opportunity
Job Type: Permanent
Application Deadline: 28 February 2025
Title: Head of Technology Risk Support & Oversight
Department: Global Risk
Location: UK
Reports To: Head of Non-Financial Risk
Level: Director
We’re proud to have been helping our clients build better financial futures for over 50 years. How have we achieved this? By working together - and supporting each other - all over the world. So, join our Non-Financial Risk Oversight team and feel like you’re part of something bigger.
About your team
The Non-Financial Risk Oversight team leads the development, implementation, and enhancement of the firm’s Non-Financial (Operational) Risk Management framework, provides oversight and advice to the firm’s Corporate Enablers (Enterprise Technology, General Counsel, Chief Finance Office, and Chief People Office) and owns the policy for a number of Non-Financial Risk types. The Technology Risk team provides oversight of the information security, cybersecurity, and technology failure risks. In addition, the team also provides hands-on and proactive risk management support to all technology functions across FIL in ensuring that risks, events, and issues are understood, logged, and managed, in accordance with Fidelity’s risk management framework and within Group Risk Appetite.
About your role
The Head of Technology Risk Oversight & Support will be responsible for managing the Technology Risk function that sits in the Global Risk team. With the increasing regulatory focus on technology, cyber, and information security risks, it’s expected that the depth and breadth of coverage required by the team will expand and grow, requiring more in-depth, detailed analysis of core technology solutions and approaches to mitigate associated risks. You will lead the team to extend coverage, oversight, and support, working closely and partnering with all technology teams to further embed an exceptional risk management culture that is fully aligned with the expectations of future regulatory direction. You will bring your extensive industry experience to this role, providing strategic thinking and thoughtful insights and balance on technology and cyber risks to contribute to FIL’s senior management decision making, including providing boards and oversight committees updates and insights. As part of the Global Risk team, you will also contribute as an SME to senior risk colleagues.
Your responsibilities include:
- You will lead the team to provide risk management support and oversight to the technology functions and their senior management, ensuring effective management in accordance with Fidelity’s risk management framework and within Group Risk Appetite.
- You will work closely with Risk, Resilience, and Procurement colleagues to ensure the technology vendor strategy aligns with corporate policy.
- Building on a robust policy basis, you will work closely with all technology teams to drive compliance with regulations, and grant exceptions/waivers/risk acceptances where appropriate, while staying within the Global Risk appetite.
- Working with Technology Compliance, you will support horizon scanning of new regulations and define minimum control requirements for technology policies.
- You will develop effective assurance mechanisms for technology, information security, and cybersecurity risk policies by engaging with the owners of procedures and standards, ensuring relevant KRIs are embedded in technology BAU activities.
- You will closely partner with Technology teams and support their day-to-day risk management activities, including assisting and facilitating with Risk and Control Self-Assessments, proactively identifying issues, chairing and ensuring smooth running of the dedicated Technology risk forum, and assisting with the management of risk events where appropriate.
- Maintaining strong working relationships with Audit and Compliance teams to compare and contrast risk themes and trends to ensure that oversight Risk, Compliance, and Audit functions are as closely aligned as possible and no duplication occurs.
About you
You exhibit true leadership qualities and draw on experience to define an effective operating model and shape an inspiring team. You have a vision on how to protect an organisation from technology failure, information security, and cybersecurity risks and understand how to collaborate with business partners, motivate others, and garner commitment.
Subject Matter Skills/Experience
- Content expertise in technology risk management relating to but not limited to the following disciplines: information security and cybersecurity, technology failure, IT compliance, data quality and governance, architecture, AI, development and testing, resilience and disaster recovery, EUC (End User Computing), third party management.
- 10+ years of technology and/or info/cyber security risk related work experience, preferably in the financial services industry.
- Strong practical experience in operational risk management (including framework design and implementation).
- Ability to quickly grasp new technology concepts, new infrastructure components, and their impact on the overall infrastructure topology.
Interpersonal Skills
- Comfortable in challenging environments, experienced in interacting with and presenting to very senior management and working in a matrixed technology environment.
- Strong analytical and problem-solving skills; someone who can thoroughly grasp complex situations and cut through to the key elements without getting lost in the detail. Pragmatic, balanced, and commercial decision making.
- Excellent communication, collaboration, influencing, and interpersonal skills; ability to convey ideas clearly and succinctly to a broad range of people both verbally and in writing. Can explain risk succinctly and in non-technical terms; demonstrates capacity and skills of ‘winning over’ business stakeholders. Ability to promote and inspire others on Risk topics and to increase the overall awareness of technology risks across the organisation.
- Ability to work under pressure, both individually and in collaboration with others.
- Flexible, approachable, and adaptable; able to respond rapidly to changing business needs, re-prioritise, and organise effectively.
- Dedication to delivering high quality standards and client satisfaction; with the highest personal standards of integrity and confidentiality.
Qualifications
- Bachelor’s Degree minimum in Technology, Engineering, Business, or similar.
- Candidate would preferably have a CISSP or equivalent security certification; other security management certifications such as CISM and C|CISO are an advantage.
Feel rewarded
For starters, we’ll offer you a comprehensive benefits package. We’ll value your wellbeing and support your development. And we’ll be as flexible as we can about where and when you work – finding a balance that works for all of us. It’s all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.