Risk Analyst –Technology & Cyber

Risk Analyst – Technology & Cyber
London, Glasgow, Leeds, Birmingham – Hybrid working (2 days per week in the office)

Let’s make the most of your talent

At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement, we’re a customer-obsessed market powerhouse. And we all work together to be brilliant for customers, every single day.

From Upstream Risk, Regulatory Advice and Compliance Management Information to Privacy and Data Protection, our Risk and Compliance teams keep us one step ahead, always. With links to every part of the business, and the responsibility for keeping people safe and compliant with all regulatory, claims, and underwriting controls, we’ve got opportunities to develop your skills no matter your specialisation.

What you’ll do

We are seeking a Technology & Cyber Risk Analyst to join our Second Line of Defence (2LOD) team. This role will support the oversight, challenge, and assurance of the technology and cybersecurity risks across the organisation, ensuring effective risk management practices in line with regulatory expectations and best practices.

You will support Risk oversight and challenge of Group and business area risk profiles, through:

• Utilisation of the Group risk management system, Workiva, to provide thorough analysis of risk actions, events, controls, metrics and management information for review by the Head of Area.
• Work with the business to ensure the completeness and accuracy of risk information contained within Workiva, including its compliance with the Enterprise Risk Strategy & Framework (ERMF) and Risk Management Process Minimum Standard(s).
• Maintain and drive forward continuous improvements to key 2LoD risk documentation to support decision making including the Aggregated Risk Profile and 2LoD Opinion process.
• Review and challenge controls and actions to ensure appropriateness to address any gaps identified.
• Conduct thematic and deep-dive reviews across the risk universe (as required) to provide assurance that Group-level risks are appropriately articulated and rated, with appropriate addressing actions (where necessary).
• Regular engagement with wider Risk teams to understand any compliance, regulatory or financial themes affecting business area risk profiles.
• Provide active support in the management and oversight of DLG’s Risk Appetite.
• Production of monthly reporting on Risk areas to the Operational Risk Committee (ORC), including provision of an aggregated view of Risk Profile as well as any notable Events and Actions for discussion and review (with support of the broader Risk team).
• Assist in the review, challenge and finalisation of papers for presentation at various committee and governance forums.
• Work collaboratively with the Risk Framework team to facilitate activities (where required) and provide insight to central Enterprise Risk Management processes such as the Risk & Control Self-assessment Process, and Emerging Risk process.
• Promote a strong risk and control culture and general awareness of risk management within DLG.

What we are looking for

• Experience in technology risk, cybersecurity, IT audit or risk management - preferably within financial services or regulated industries.
• Understanding of technology and cyber frameworks (e.g., COBIT, NIST, ISO 27001, ITIL).
• Ability to interpret complex technical risk issues and present them clearly to stakeholders.
• Strong numeracy, analytical and research skills.
• Strong planning and organisational skills.
• Awareness of the balance between risk, control and growth.
• Self-motivated, able to generate new ideas, and solve problems.
• Experience of conducting thematic risk assurance assessments.
• Experience of GRC systems would be beneficial.

What we’ll give you in return:

We wouldn’t be where we are today without our people and the wide variety of perspectives and life experiences they bring. That’s why we offer excellent benefits to suit your lifestyle and a flexible working model combining the best parts of home and office-working, varying with the nature of your role. Core benefits include:

• 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover.
• Up to 10% annual bonus.
• 25 days holiday (rising by 1 each year to 28) + bank holidays and option to buy or sell up to 5 days.
• Additional optional Health and Dental insurance.
• EV car scheme allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax efficient way.
• Buy as you earn share scheme.
• Employee discounts and cashback.

Ways of Working

Our hybrid model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone. When you'll be in the office depends on your role, but most colleagues are in 2 days a week, and we'll consider the flexible working options that work best for you. Read our flexible working approach here.

There’s no-one else like you. No-one with the exact same mix of strengths, quirks, skills and thoughts. That’s why you could belong here. As part of a team of brilliant individuals, in a place that empowers you to be the best you can be. We’re proud of who we are, of what we do, and what every single one of us brings. Join us. Help us keep innovating and putting customers at the heart of everything. To be an insurance company of the future. When we work together, we can all achieve great things. Inspiring, challenging, and supporting each other to aim higher.

Together we’re one of a kind.

#LI-Hybrid

#LI-AG1

Want a career at Direct Line Group? Click here and view jobs you may be interested in and connect with Direct Line Group employees and recruiters.