Value Stream IT Governance Lead

Were on the hunt for an experienced IT Governance Lead for a newly created role within our IT Governance team. This position known as Value Stream IT Governance Lead will play a pivotal role within the IT Governance team.

Youll be responsible for driving IT governance security and technology risk management across the value stream. Youll embed in a value stream and will play a key part in ensuring that all technology and business initiatives within the value streams comply with technology & governance frameworks standards and policies. As the IT Governance Lead youll act as a link between the Value Steams and the Security IT Governance and Tech & Data risk team and will be the first point of contact within the value stream to provide contextual advice and undertake relevant activities in stream.

We value flexible working arrangements so you can choose to work remotely or maybe you live within a commutable distance from one of our offices in Salford Quays Manchester Haywards Heath West Sussex or Guernsey and want to work in the office occasionally.

Core skills were looking for to succeed in the role:

• Strong communication and collaboration skills with excellent reporting skills.

• Ability to analyse security and technology risks.

• Stakeholder management skills.

• Ability to work across multiple teams.

Whats involved:

• Youll lead and oversee IT Security & technology risk governance within value streams ensuring compliance with internal standards policies guardrails etc.

• Youll ensure value stream initiatives and ongoing activities follow appropriate governance processes.

• Youll provide guidance on risk including assessments mitigation strategies and acceptance processes within existing frameworks.

• Youll monitor review and report on technology and security risk across the value stream providing direction on managing risk and minimizing vulnerabilities.

• Youll collaborate with the IT Governance & Information Security teams to highlight assess and mitigate changing or emerging risks within the value stream.

• Youll assist in ensuring that security and other controls are embedded within the value streams development deployment and run lifecycles including assessing monitoring and providing advice on value stream epics features etc.

• Youll escalate and assist in the management of incidents security events and the establishment of root causes as required.

• Youll assist in the triage and distribution of vulnerability & Pen Test findings and associated actions as required.

• Youll undertake cross-value stream control testing and other assurance as needed.

• Youll be responsible for monitoring helping prioritize and reporting on 1st/2nd/3rd line actions within the value stream.

• Youll undertake standard IT Governance & Risk and Security activities in value stream such as 3rd party risk assessments and due diligence.

• Youll support all in-value stream 1st/2nd/3rd line reviews audits etc.

• Youll undertake specific IT Governance and Security reporting activities as required.

• Youll act as the eyes and ears and champion within the value stream bridging between value stream stakeholders and the IT Governance and Security teams managing concerns escalations etc.

• Youll engage provide training and promote awareness with value stream leaders and teams to ensure IT governance risk and security requirements are clearly understood and followed.

• Youll identify opportunities for governance process improvements within value streams and drive initiatives to improve governance risk management and security maturity.

• Youll help foster a culture of accountability ensuring value stream leaders and teams adhere to technology and security standards and are committed to appropriate and proportionate risk management.

• Youll comply with the requirements and act in accordance with the Group Code of Conduct and Fitness and Propriety policies at all times.

• Youll ensure compliance with Company Policies Values and guidelines and other relevant standards/ regulations at all times.

Experience and Knowledge

• Strong knowledge of IT & Security governance policies and requirements.

• Conducting risk assessments control testing and other assurance activities.

• Identifying assessing and mitigating technology and security risks.

• Strong communication and collaboration skills with excellent reporting skills.

• Technical experience and knowledge of security principles & controls.

• Knowledge of cloud security principles and DevOps governance.

• Experience in financial services or other regulated industries.

• Knowledge of Azure cloud security principles and DevOps.

• Knowledge of ISO 27001 COBIT and similar frameworks.

Skills

• Strong communication and collaboration skills with excellent reporting skills.

• Ability to analyse security and technology risks.

• Stakeholder management skills.

• Ability to work across multiple teams.

Behaviours

• Ask questions explore new solutions and drive continuous improvement.

• Proactively identify risks and governance issues early and take initiative to address them.

• Collaborate effectively across teams building strong relationships to embed governance principles and influence outcomes.

• Take ownership and responsibility for in value stream governance ensuring teams meet security and compliance standards.

• Thrive in a fast-paced DevOps environment balancing agility with governance requirements and practical solutions.

• Clear communication and explain governance and security concepts in a way that both technical and business teams can understand.

This is just the start. Imagine where you could end up! The journeys yours