IT Risk & Controls Manager

This is an exciting opportunity to join Shawbrooks CTO function as a key member of the Technology Risk & Governance team. Reporting directly to the Director of Technology Risk & Governance you will lead the first-line IT Risk & Controls function shaping how technology risk is identified managed and embedded across the Bank.

This role offers real scope to innovate optimise and automate the way we manage technology risk. Youll have the freedom to challenge the status quo simplify complex processes and introduce creative solutions that strengthen control effectiveness and drive continuous improvement.

Leading a small capable team you will act as a trusted advisor to senior technology leadersbalancing oversight with practical hands-on delivery. Youll play a pivotal role in ensuring Shawbrooks technology control environment remains robust well-documented and aligned with the Banks risk appetite regulatory expectations and operational resilience objectives.

This is an opportunity for an experienced IT risk professional who thrives in a collaborative forward-thinking environmentsomeone who can combine structure with curiosity and influence change through insight not instruction.

Risk and Control Oversight

• Lead the first-line IT Risk & Controls function providing proactive oversight support and challenge on all aspects of technology risk management.
• Manage the Technology Risk Register within the Banks GRC platform (AuditBoard) ensuring risks controls events and issues are accurately recorded and regularly reviewed.
• Facilitate the twice-yearly Risk and Control Self-Assessment (RCSA) process ensuring a robust and evidence-based evaluation of control design and operating effectiveness.
• Coordinate and maintain control testing plans supporting design and operational effectiveness reviews across all technology domains.
• Ensure timely logging and management of risk events control gaps and policy non-compliance issues.

Governance and Reporting

• Own and manage the monthly Technology Risk Committeesetting the agenda curating management information and ensuring action tracking and escalation are effective.
• Support the preparation of technology input to Group risk forums and produce MI and thematic analysis for the CTO and CRO functions on key risk themes performance trends and control maturity.

Assurance and Audit Coordination

• Act as the central coordination point for technology-related audits reviews and regulatory returns (e.g. REP018 SWIFT KPMG assurance).
• Track audit findings and management actions to completion ensuring evidence is captured and remediation progress is monitored in AuditBoard.
• Support lessons-learned reviews following incidents or near-misses ensuring improvement actions are defined and embedded.

Optimisation and Continuous Improvement

• Drive automation and data-led insights across risk management processessimplifying reporting and enhancing transparency.
• Partner with control owners to identify opportunities to streamline evidence collection improve efficiency and strengthen control outcomes.
• Build and mentor a small team fostering a culture of accountability curiosity and proactive problem solving within the first line.

Qualifications :

• Significant experience in IT risk management or controls assurance within a financial services or similarly regulated environment.
• Strong understanding of technology and cyber risk concepts including control frameworks (e.g. NIST COBIT ISO27001).
• Proven experience in using GRC tools (AuditBoard or equivalent) to manage risks controls and issues.
• Experience in automation of risk and control monitoring and MI production using tooling such as Power Automate Power BI AI LLMs etc.
• Familiarity with RCSA processes risk event management and risk appetite monitoring.
• Strong analytical and communication skillsable to translate complex risk data into clear concise insights for senior stakeholders.

Additional Information :

Your Wellbeing - We take your health and well-being very seriously by providing a range of benefits to give you and your family peace of mind. These include:

• Market leading family friendly policies such as access to our Maternity Adoption and Paternity policies from Day 1 of your employment
• Free access to Headspace a mindfulness & meditation digital health app
• Free access to Peppy digital health app that offers personalised support through fertility treatment becoming a parent or menopause
• EAP (Employee Assistance Programme) - Offering you support on a wide range of subjects including financial concerns mental wellbeing and more general queries around family work housing and health
• Cycle to work scheme
• Discounts on gym membership
• Contributory pension scheme & death in service

Your Lifestyle - Its important you strike the right balance between your work and personal life. We provide benefits to support you when at work and when youre enjoying your leisure time.

• Minimum of 25 days holiday per year
• Option to buy or sell holiday days through our flexi-holiday scheme
• Discounts on gym membership nationwide
• Access to discounts on a range of high street and online brands
• Community support and charitable giving

Your Contribution - Were focused on rewarding those that go the extra mile in helping us achieve our goals.

• Participation in our annual discretionary bonus scheme designed to reward your contribution to our success
• Proudly Shawbrook recognition scheme focused on recognising our role models and thanking our colleagues for a job well done

Remote Work :

No

Employment Type :

Full-time