Technology Risk & Resilience Manager
Location: London or Dublin (Hybrid)
Overview
A global financial services organisation is looking for an experienced Technology Risk & Resilience Manager to join its second line risk function. This role provides independent oversight and challenge across IT, information security, and third-party technology risk, ensuring alignment with regulatory expectations and internal risk frameworks.
Key Responsibilities
Second Line Oversight & Frameworks
-
Provide independent oversight of the Technology Risk framework (IT & Information Security)
-
Ensure alignment with operational risk and resilience frameworks
-
Define and support governance between first and second line responsibilities
-
Challenge mapping of applications, infrastructure, and third-party services to business services
Risk Assessment & Challenge
-
Review and challenge risk identification across applications, infrastructure, security, and third parties
-
Assess risk registers, controls, and remediation activities
-
Challenge risk ratings and residual risk positions where required
Operational Resilience
-
Support integration of technology risk into resilience frameworks
-
Review incident classification, impact assessments, and reporting
-
Contribute to resilience testing and scenario analysis
-
Ensure alignment with regulatory expectations around service mapping and incident thresholds
Third-Party Risk
-
Oversee technology-related third-party risk exposure
-
Assess vendor dependency and concentration risk
-
Ensure alignment with broader third-party risk frameworks
Change & Control Oversight
-
Provide oversight on BAU IT change and transformation initiatives
-
Review changes impacting critical or client-facing systems
-
Conduct thematic reviews of incidents, audit findings, and control gaps
Governance & Reporting
-
Prepare and review risk reports and committee papers
-
Support regulatory and internal reporting requirements
-
Translate technical risks into clear business insights
-
Support risk appetite monitoring and reporting
Stakeholder Engagement
-
Work closely with senior stakeholders across technology, risk, and business teams
-
Engage confidently with senior leadership (CIO/CISO/CTO level)
-
Support embedding of risk and resilience practices across the organisation
Requirements
Experience
-
10+ years in technology risk, IT risk, or cyber risk
-
Experience in a second line / oversight role
-
Strong background in regulated environments (ideally financial services)
-
Experience across technology risk, information security, third-party risk, and resilience
Technical Knowledge
-
Familiarity with frameworks such as NIST, ISO 27001/27002, COBIT
-
Understanding of regulatory expectations around operational resilience and ICT risk
-
Knowledge of IT architecture, applications, and infrastructure risk
Skills
-
Strong stakeholder management and communication skills
-
Ability to challenge and influence senior stakeholders
-
Strong analytical and problem-solving ability
-
Ability to translate technical concepts into business language
Qualifications
-
Degree in technology, business, or related field
-
Certifications such as CRISC, CISSP, or CISM are beneficial
Nice to Have
-
Experience in asset management, fund services, or banking
-
Exposure to multi-jurisdictional regulatory environments
-
Experience with Power BI, Tableau, or similar tools
-
Strong Excel and reporting capability
