Head of Technology Risk Programmes
This role can be based in either Manchester or Ewloe.
About MSM Group
Are you looking for a company that inspires passion, courage and imagination?
Through our four leading brands, MoneySuperMarket.com, MoneySuperMarket Go, MoneySavingExpert.com and TravelSupermarket.com, we are committed to helping all UK households to save money.
We provide a place for consumers and providers to come together. We always put our customers first ensuring all our services, websites and mobile apps are best in class, easy to use and transparent.
Find out more about us by clicking here!
Why Join the Technology Team?
The Technology team plays a crucial part in shaping the future of personal finance and changing the way in which people save money and purchase financial products. MoneySuperMarket is an innovative business that evolves rapidly with consistent growth but in a highly regulated environment.
As a result, the Head of Technology Risk will be a key part of the Technology leadership team. Reporting to the CIO, this role is responsible for owning and driving ongoing improvements to how we manage our risk and relevant controls within Technology and challenging and influencing at executive and board level, which requires extensive knowledge of technology risk but also someone that is qualified to lead and execute on a large and complex programme with many moving parts and priorities.
Put simply, we want someone who has the desire to take a leading role in improving how we work and how we deliver a safe trading and operating environment for our customers in a rapidly changing, innovative and challenging market sector.
What will I be doing?
You will drive a programme of continuous improvement through a portfolio of complex Technology Risk and Security Programmes, including;
- Cyber Security. Ensuring the MSM Group operates with the highest of standards in relation to Cyber Security.
- GDPR. Ensuring that our data driven business maintains the right relationships with our customers through compliance to GDPR legislation.
- Software Engineering. Evolving and maturing the risk based control framework the Group operates through Agile Product Engineering.
- Maturing the technology Risk Framework through the implementation and adoption of industry recognised benchmarks. Designing target state processes and implementing remediation plans to meet the designed state.
- Driving the formalisation of risk remediation through the application of an audit mentality. Ensuring the remediation of Technology Risk is adequately governed, delivered and reported up to Board level.
What skills and experience do I need?
- You are a ‘doer’ who will own and drive the necessary improvements through to fruition, co-ordinating virtual teams across the Group to deliver real change in our working practices.
- You have demonstrable, practical experience of managing Technology risk through the development and application of Risk & Control frameworks.
- You have demonstrable Cyber experience (though are not required to be a technical subject matter expert), with the ability to discuss and influence Cyber solutions and options.
- You have a strong pedigree of leading, planning and executing complex, high-stakes, Risk and Security focused programmes.
- You have an ‘Auditor mind-set’, with a strong track record of identifying risks and issues, managing stakeholders and mobilising resources to drive remediation activities through to successful closure. You are confident in exerting independence and challenge across the organisation.
- You have the ability to comfortably exert senior-level influence, with the ability to present and report to the Executive team and Board.
- You have experience of operating in a regulated environment and are familiar with current legislation relevant to Technology Risk, including GDPR.
- You believe that effective Risk Management creates competitive advantage and you are passionate about driving cultural, commercial and operational change to drive successful outcomes.
Nice to have:
- You may have experience in a business regulated by the Financial Conduct Authority (FCA) or the Prudential Regulation Authority (PRA).
- You may have experience of working in a direct-to-consumer business.
- You may have experience working in a Digital / e-commerce business.
Background checks are part of the hiring process