Operational Risk Manager - Technology - General Insurance

Operations Risk Manager role focused on technology for a Leading Global Insurance Firm. This is a role that reports into the CIO and is responsible for the IT Operational Risk landscape. In their role, the Operational Risk Manager will work closely with the leadership team in the CIO organisation to understand the IT operational risk landscape and manage it accordingly. The individual will also work closely with key senior stakeholders across the firm including Risk and Internal Audit functions to ensure key risks are raised at the appropriate forum and that between the 3 lines of defence there is adequate oversight and coverage of IT risks.

The Operational Risk Manager plays an instrumental role in supporting the technology strategy for the business as the CIO looks into bringing emerging technologies within its remit, adopting a cloud-first strategy and changing the end-to-end technology delivery operating model, all with a sense of driving down the total cost of ownership.

The individual in this role will be able to influence the definition and delivery of the firm's technology strategy by balancing business and technology priorities with risk appetite. The role also involves the following:

• Helping the CIO monitor and proactively manage risks in relation to new technology such as transition to BAU working closely with the service acceptance and service assurance teams.
• Collating an aggregated risk view/landscape of the CIO function including people, processes, 3rd parties and technology risks and raising to the CIO leadership team to ensure they are properly managed
• Supporting the CIO leadership team in making strategic decisions (e.g. when pursuing new strategy or adopting new technologies) by raising potential risks and mitigants to chosen paths
• Coordinating with 2nd and 3rd lines of defence

The Operational Risk manager will work closely with the CIO leadership team to ensure current and future risks to live service (including capacity, resilience, capability, people, etc), IT change delivery, use of 3rd parties amongst others are timely identified prioritised and proactively managed. The individual will also represent the CIO function at relevant forums

Responsibilities:

• Identifying and managing operational risks across the firm's technology landscape, including the CIO organisation and 3rd parties
• Maintaining operational risk logs across all areas of technology and the CIO organisation along with the identification of safeguards to ensure they are mitigated
• Involvement and decision making when individual risk acceptances are submitted to CIO
• Coordinating 2nd and 3rd lline defence functions to ensure risks are raised and understood by the appropriate forum
• Continuously monitoring relevant KRIs to ensure risks remain within appetite
• Driving a risk culture in CIO and across suppliers, influencing them to manage risks accordingly
• Effective articulation of existing and desired risk position