Business Unit: Risk Management
Salary: up to circa £80k depending on experience
Location: Close to Glasgow or Newcastle is ideal but we're flexible
Contract Type: Permanent
Disrupt the status quo. It’s a simple statement that tells you everything about our ambition. It’s about thinking what money could be, instead of what it’s always been. Thinking this way gives us so many opportunities to make our customers happier. We’re not like other banks – and we want you to help us be even more exceptional.
It’s never been more important for Virgin Money to protect the security and stability of our technology estate, and to ensure we continue to keep our information, data and assets safe. We have an exciting opportunity for an experienced Manager to join the 2nd line providing risk oversight of Cyber & Information Security Risk.
We require a highly motivated, innovative and talented Manager who is looking for a role that provides plenty of variety and challenge. You’ll be responsible for monitoring, evaluating and challenging the ability of 1st line management to identify, manage and report cyber and information security and cloud risks in line with both internal standards and regulatory requirements. Work with them to embed an effective risk culture, including providing relevant training and education as necessary. You will lead Risk Management SME input and advice on cyber and information security risk across the Bank by building effective relationships with key stakeholders in the cyber and information security teams in 1st line as well as other areas of the Bank and external bodies as necessary.
Day to day you’ll:
• Support business management in embedding a risk culture and risk management practices that are customer focused and help to deliver our vision for making you happier about money.
• Be a respected authority on cyber, information security and cloud Risk to influence and guide RLT, ELT and LT on any weaknesses in the control environment and areas requiring additional investment or focus in the fast-changing cyber landscape.
• Oversee the business in the development and ongoing controls for remote or flexible working environments.
• Lead Risk Management SME input and advice on cyber and information security risk for new initiatives and change programmes across the Bank.
• Build and maintain relationships with key stakeholders in the cyber and information security teams in 1st line as well as other areas of the Bank and external bodies as necessary, ensuring that our frameworks keep up to date with industry and external environments.
• Support the business in embedding the framework for, and deliver oversight of, cloud strategy, governance, controls and outsource to cloud;
• Provide oversight and support the Risk Assurance team in Risk to deliver SME reviews and thematic deep dives, using the agreed methodology.
• Oversee the maintenance and development of best practice cyber and information security risk management procedures to ensure effective risk oversight.
• Monitor the performance of cyber and information security controls across the Bank and provide early warning of risk adverse risk trends and emerging risks. Produce consistent and accurate reports for senior leaders and the Executive.
• Support the Senior Manager Digital, Technology and Security Risk in external reporting to the LT and Regulators.
• Advise and oversee the implementation of Cyber and Information Security related RAS metrics and provide ongoing oversight of thresholds and limits highlighting any areas of concern.
• Support the completion of stress and scenario testing as related to cyber and information security risk topics.
The role sits in the Risk area that also oversees Operational Risk, Operational Resilience, Payment Risk, Change Risk and People Risk and works closely with these areas.
There are a few essentials you need to bring:
• A relevant degree or professional qualification, alongside experience in a cyber or information security discipline within Financial Services;
• Understanding of risk management processes and practices and the 3 lines of defence model in place;
• Experience in producing high quality reports for a variety of stakeholders, ensuring key messages are presented clearly and appropriately for the audience;
• Confidence in communicating;
• Senior Stakeholder management experience;
• Understanding of project management; and
• Experience of working as part of a team, and at times leading a team, and an ability to work with teams across different locations.
RED HOT Rewards
• A generous holiday package and the option to buy more!
• Private Medical Insurance - with the option to extend to family members.
• Pension! A market leading pension – we’ll top up your contributions too.
• Flexible benefits – customise your rewards to work for you!
Inclusion at Virgin Money
Inclusion is at the heart of everything we do here at Virgin Money. It’s good for you, it’s good for us and it’s amazing for our customers. We know that great minds don’t think alike, so we rely on your diverse thoughts, feelings, beliefs and backgrounds to be the best we can possibly be. Got any questions about this or need some support with your application? We’d love to hear from you so get in touch with our friendly team at firstname.lastname@example.org or HRUKRecruitment@cybg.com
Point to note…
At the minute, depending on which team you are joining, lots of us are working from home. This is something that may change over time, and if so, we will come together in one of our hub locations, giving you the chance to meet your new colleagues in person. We will of course, make sure you have the IT equipment to access our systems and to interact digitally with your new team and colleagues, but we thought it best to let you know this in advance, so you can make sure you are set up to work safely and productively. If you have any questions on this let us know!
Now the legal bit…
If we offer you a job and you accept, there are some checks we need to complete before you can start with us. This will include a credit and criminal record check, as well as providing 3 years' worth of satisfactory references.