1st Line Operational Risk Manager - Information Security
Posted 25 days ago
- London, Greater London
- Any
- External
- Expires In 2 months
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion
for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.Title and Summary1st Line Operational Risk Manager - Information SecurityInformation Security Risk Manger, 1st Line Operational Risk Management Our PurposeWe work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion
for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.Title and Summary1st Line Operational Risk Manager - Information SecurityInformation Security Risk Manger, 1st Line Operational Risk ManagementJob Description SummaryBackgroundThe company• Vocalink Limited (VLL) is a technology driven payments company with a unique and unrivalled position within the UK domestic payments industry.• VLL has 4 core service offerings which it delivers in a highly resilient, secure and seamless way, namely:1. Bacs - which processes 90+% of UK government benefits, 90% of UK salaries and 70% of household bills (Bacs);2. FPS - the world’s first 24*7*365 real time payment system;3. LINK - UK’s ATM network that connects to over 53,000 cash machines; and4. ICS – an image based clearing system for cheques processing (ICS).• Due to these responsibilities and its strategic importance to the UK economy, VLL is designated as a Critical National Infrastructure (CNI) and is regulated by the Bank of England.• VLL is also an integral member of the Mastercard Group and with it the benefits of financial security, economies of scale as well as access to innovative technologies and a global talent base.The Team• VLL, in line with its industry peers operates a 3 Lines of Defence(3LOD) risk management model.• This role is within the 1st Line Risk and Control Team, which itself was established at the start of 2023. The Team, whilst being in the 1st Line of Defence (1LOD), sits in between VLL’s 1LOD functions and its 2nd Line of Defence (2LOD) functions such as Risk and Compliance.• The Team acts as a critical friend and risk partner to the 1LOD and as its champion and central point of liaison in risk interactions with the 2LOD. The Team supports the embedding of robust risk management practices into BAU operations, help implement VLL’s risk transformation agenda and promote a risk awareness and a proactive risk culture.• This is an exciting opportunity to join a growing team whose remits covers the breadth of VLL’s operation with exposure to senior stakeholders across the organisation.Role overview• Advise 1LOD functions on the application of operational risk management practices and changes to their day-to-day activities.• Monitor compliance to the firm’s risk management policies and processes as well as support the implementation and embedding of operational risk change initiatives across the 1LOD functions.• Consolidate and review key risk information so that the team can meet its reporting commitments to appropriate governance forums, key stakeholders and 2LOD functions.Responsibilities of the role• Provide risk advice to 1LOD functions by leveraging understanding of the firm’s management policies and processes as well as applicable industry best practices.• Support the development and/or implementation of applicable procedures to enable effective 1LOD adoption of the firm’s risk management policies and processes.• Support risk assurance activities conducted on the 1LOD through the provision of required information and explanation.• Support the senior members of the team to conduct ad hoc risk assessments and deep dive root cause analysis on priority risk areas or areas of material control deficiencies.• Support the effective running of formal risk governance committees and informal forums and working groups.• Promote collaborative working relationships with stakeholders at all levels of the organisational hierarchy (function, entity and group).Relevant experience• Experience of implementing recognised industry standards such as security (e.g. CRI, ISO27001) and operational resilience / BCM (e.g. ISO 22301) and IT (e.g. ITIL). [Preferred]• Experience of managing or partaking in the RCSA process ideally in a financial services, IT or payments context. [Preferred]• Experience of working in 1st or 2nd line risk teams or within 3rd line Internal Audit functions within a financial services environment. [Preferred]• Experience of working in any of the following disciplines, not necessarily in a financial services environment: Technology (e.g. incident/change/problem management), Cyber Security (e.g SOC, vulnerability mgmt. etc), or Operational Resilience (e.g. Third party management, scenario analysis etc).• Experience of applying operational risk frameworks and using of GRC solution.• Experience of working on cross-functional initiatives to design and implement best practice risk management practices.• Experience of working on complex cross-functional strategic initiatives, projects and teams.• Experience in delivering presentations and engaging with a wide group of stakeholders.Relevant skills• Excellent communication skills (both written and oral)• Attention to detail with strong reporting and presentation skills• Ability to self-start, problem solve and work under pressure• Adept use of MS Word, Excel and PowerPoint• Basic use of PowerBI, Tableau, Domo, Access database or other reporting tools• Basic understanding of database management and SQLCorporate Security ResponsibilityAll activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:Abide by Mastercard’s security policies and practices;Ensure the confidentiality and integrity of the information being accessed;Report any suspected information security violation or breach, andComplete all periodic mandatory security trainings in accordance with Mastercard’s guidelines. Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.Title and Summary1st Line Operational Risk Manager - Information SecurityInformation Security Risk Manger, 1st Line Operational Risk Management Our PurposeWe work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion
for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.Title and Summary1st Line Operational Risk Manager - Information SecurityInformation Security Risk Manger, 1st Line Operational Risk ManagementJob Description SummaryBackgroundThe company• Vocalink Limited (VLL) is a technology driven payments company with a unique and unrivalled position within the UK domestic payments industry.• VLL has 4 core service offerings which it delivers in a highly resilient, secure and seamless way, namely:1. Bacs - which processes 90+% of UK government benefits, 90% of UK salaries and 70% of household bills (Bacs);2. FPS - the world’s first 24*7*365 real time payment system;3. LINK - UK’s ATM network that connects to over 53,000 cash machines; and4. ICS – an image based clearing system for cheques processing (ICS).• Due to these responsibilities and its strategic importance to the UK economy, VLL is designated as a Critical National Infrastructure (CNI) and is regulated by the Bank of England.• VLL is also an integral member of the Mastercard Group and with it the benefits of financial security, economies of scale as well as access to innovative technologies and a global talent base.The Team• VLL, in line with its industry peers operates a 3 Lines of Defence(3LOD) risk management model.• This role is within the 1st Line Risk and Control Team, which itself was established at the start of 2023. The Team, whilst being in the 1st Line of Defence (1LOD), sits in between VLL’s 1LOD functions and its 2nd Line of Defence (2LOD) functions such as Risk and Compliance.• The Team acts as a critical friend and risk partner to the 1LOD and as its champion and central point of liaison in risk interactions with the 2LOD. The Team supports the embedding of robust risk management practices into BAU operations, help implement VLL’s risk transformation agenda and promote a risk awareness and a proactive risk culture.• This is an exciting opportunity to join a growing team whose remits covers the breadth of VLL’s operation with exposure to senior stakeholders across the organisation.Role overview• Advise 1LOD functions on the application of operational risk management practices and changes to their day-to-day activities.• Monitor compliance to the firm’s risk management policies and processes as well as support the implementation and embedding of operational risk change initiatives across the 1LOD functions.• Consolidate and review key risk information so that the team can meet its reporting commitments to appropriate governance forums, key stakeholders and 2LOD functions.Responsibilities of the role• Provide risk advice to 1LOD functions by leveraging understanding of the firm’s management policies and processes as well as applicable industry best practices.• Support the development and/or implementation of applicable procedures to enable effective 1LOD adoption of the firm’s risk management policies and processes.• Support risk assurance activities conducted on the 1LOD through the provision of required information and explanation.• Support the senior members of the team to conduct ad hoc risk assessments and deep dive root cause analysis on priority risk areas or areas of material control deficiencies.• Support the effective running of formal risk governance committees and informal forums and working groups.• Promote collaborative working relationships with stakeholders at all levels of the organisational hierarchy (function, entity and group).Relevant experience• Experience of implementing recognised industry standards such as security (e.g. CRI, ISO27001) and operational resilience / BCM (e.g. ISO 22301) and IT (e.g. ITIL). [Preferred]• Experience of managing or partaking in the RCSA process ideally in a financial services, IT or payments context. [Preferred]• Experience of working in 1st or 2nd line risk teams or within 3rd line Internal Audit functions within a financial services environment. [Preferred]• Experience of working in any of the following disciplines, not necessarily in a financial services environment: Technology (e.g. incident/change/problem management), Cyber Security (e.g SOC, vulnerability mgmt. etc), or Operational Resilience (e.g. Third party management, scenario analysis etc).• Experience of applying operational risk frameworks and using of GRC solution.• Experience of working on cross-functional initiatives to design and implement best practice risk management practices.• Experience of working on complex cross-functional strategic initiatives, projects and teams.• Experience in delivering presentations and engaging with a wide group of stakeholders.Relevant skills• Excellent communication skills (both written and oral)• Attention to detail with strong reporting and presentation skills• Ability to self-start, problem solve and work under pressure• Adept use of MS Word, Excel and PowerPoint• Basic use of PowerBI, Tableau, Domo, Access database or other reporting tools• Basic understanding of database management and SQLCorporate Security ResponsibilityAll activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:Abide by Mastercard’s security policies and practices;Ensure the confidentiality and integrity of the information being accessed;Report any suspected information security violation or breach, andComplete all periodic mandatory security trainings in accordance with Mastercard’s guidelines. Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
