Technology Risk Manager

This is a fantastic opportunity to join a fast-paced, growing bank with a reputation for doing things differently. We don't want another cog in the machine, we're looking for self-starters and bold thinkers who want to pave their own career. OakNorth's Risk team provides guidance and oversight for technology and cyber related risks across the OakNorth Bank plc Group. In a nutshell this exciting and high-performing role, will play a pivotal part in ensuring OakNorth's adherence to security related regulatory requirements aligned to global standards and frameworks, and bring enhanced risk visibility, automation, and continuous assurance mechanisms across technology and security domains. Are you ready to step up to the challenge? The Role *

• Advance the Technology and Cyber Risk capability: The individual will provides oversight, review and challenge of the cyber risk profile and cyber control environment. Contribute towards the development/enhancement of technology risk framework and ensure alignment with evolving regulatory expectations and adoption of newer technologies and architecture patterns.
• Perform risk-based deep-dives: Perform risk based deep dives to identify and understand technology and cyber security related risk drivers and work in partnership with the First Line(s) to identify key programmes/tasks to address these. This is expected across core technology risk domains of resilience and continuity, cloud and third-party, data governance and protection, generative AI and broader AI adoption, and technology delivery and change.
• Cyber risk reporting: Ensure precise articulation of inherent and residual risks, along with comprehensive evaluation of control effectiveness. Provide oversight of issue management, Key Risk Indicators (KRIs), and adherence to policy requirements. Additionally, review KRIs and other risk telemetry to identify emerging themes, cyber risk trends, and potential control deficiencies.
• Proactive risk engagement and early intervention: Engage early during solution design, procurement, and PoC phases to assess technology and cyber risks. Continuously evolve domain focus areas to reflect changes in the threat landscape and regulatory environment(s) across operating geographies.
• Strong focus on automation: Help in building continuous assurance programmes, automate control testing, and feed results directly into established enterprise risk frameworks to support reporting and regulatory requirements.
• Stakeholder Management: Regular effective stakeholder management is key, this will include teams like Cyber security, Engineering, Product, and Internal Audit.

• 4-6 years, experience in regulated financial or fintech environments, or with technology risk focused consulting firms preferred.
• A deep understanding of IT security and technology risks principles, with specific focus of operating in a cloud-native and SaaS heavy environment is essential for this role.
• Demonstrated experience with cyber risk frameworks and a solid understanding of best practices within a well-managed cyber environment.
• Effective communication with both internal and external stakeholders.
• Experience with cloud platforms' risk management, cloud security, and compliance, including domains of Identity and Access Management, Infrastructure and Data security, Detection and Incident Response, and Governance.

• A wide range of voices heard to the benefit of all
• Teams that are clearly happy, engaged, and laugh together
• Perceivable safety to have an opinion or ask a question
• No egos - people listen to and learn from others at all levels, with strong opinions held loosely

What makes working here better *

• This is a truly hybrid role, offering engineers the flexibility to work from home while also providing opportunities to collaborate in person with the team when it adds value. There's no fixed requirement for days in the office, instead, we focus on creating space for engineers to engage meaningfully, whether that's in-person for whiteboarding sessions or remote for deep focus work.
• Work-life balance - 25 days holiday (plus bank holidays) each year, and enhanced family leave allowances.
• Competitive salary & equity - We want people to have a serious stake in the business.
• Good kit - Your choice of the best laptop, running macOS or Ubuntu.
• Team socials - The opportunity to get to know each other outside of work.
• Company socials - A chance to catch up and meet new colleagues weekly over informal office breakfasts and dinners on OakNorth - or at our free barista bar every day.
• Commuter support - We offer the cycle to work & EV scheme.

At OakNorth, we're on a mission to empower the UK's most ambitious businesses. Since 2015, we've lent over $18 billion across the UK and US, helped create more than 58,000 new homes and 36,000 new jobs, and supported hundreds of thousands of personal savers - all while fuelling the UK economy.