Head of Technology Risk Oversight & Support

Title: Head of Technology Risk Support & Oversight 

Department: Global Risk   

Location: UK 

Reports To: Head of Non-Financial Risk    

Level: Director 

We’re proud to have been helping our clients build better financial futures for over 50 years. How have we achieved this? By working together - and supporting each other - all over the world. So, join our Non-Financial Risk Oversight team and feel like you’re part of something bigger. 

About your team 

The Non-Financial Risk Oversight team leads the development, implementation, and enhancement of the firm’s Non-Financial (Operational) Risk Management framework, provides oversight and advice to the firm’s Corporate Enablers (Enterprise Technology, General Counsel, Chief Finance Office, and Chief People Office) and owns the policy for a number of Non-Financial Risk types. The Technology Risk team provides oversight of the information security, cybersecurity and technology failure risks. In addition, the team also provides hands-on and proactive risk management support to all technology functions across FIL in ensuring that risks, events and issues are understood, logged and managed, in accordance with Fidelity’s risk management framework and within Group Risk Appetite.   

About your role  

The Head of Technology Risk Oversight & Support will be responsible for managing the Technology Risk function that sits in the Global Risk team. With the increasing regulatory focus on technology, cyber and information security risks, it’s expected that the depth and breadth of coverage required by the team will expand and grow, requiring more in-depth, detailed analysis of core technology solutions and approaches to mitigate associated risks. You will lead the team to extend coverage, oversight and support, working closely and partnering with all technology teams to further embed an exceptional risk management culture that is fully aligned with the expectations of future regulatory direction.  You will bring your extensive industry experience to this role, providing strategic thinking and thoughtful insights and balance on technology and cyber risks to contribute to FIL’s senior management decision making, including providing boards and oversight committees updates and insights. As part of the Global Risk team, you will also contribute as an SME to senior risk colleagues. 

Your responsibilities include: 

• You will lead the team to provide risk management support and oversight to the technology functions and its senior management, ensuring effective management in accordance with Fidelity’s risk management framework and within Group Risk Appetite. This will form an integral part of the delivery of Global Risk’s value proposition and will seek to further embed an exceptional risk management culture within the business. 

• You will work closely with Risk, Resilience and Procurement colleagues to ensure the technology vendor strategy aligns with corporate policy. 

• Building on a robust policy basis you will work closely with all technology teams to drive compliance with regulations, and grant exceptions / waivers / risk acceptances where appropriate, while staying within the Global Risk appetite 

• Working with Technology Compliance, you will support horizon scanning of new regulations and define minimum control requirements for technology policies. 

• You will develop effective assurance mechanisms for technology, information security and cybersecurity risk policies by engaging with the owners of procedures and standards, ensuring relevant KRIs are embedding in technology BAU activities. 

• You will closely partner with Technology teams and support their day-to-day risk management activities. This will include but is not limited to, assisting and facilitating with Risk and Control Self-Assessments, proactively identifying issues, chairing and ensuring smooth running of the dedicated Technology risk forum, and assisting with the management of risk events where appropriate.  

• Maintaining strong working relationships with Audit and Compliance teams to compare and contrast risk themes and trends to ensure that oversight Risk, Compliance and Audit functions are as closely aligned as possible and no duplication occurs. 

About you 

You exhibit true leadership qualities and draw on experience to define an effective operating model and shape an inspiring team. You have a vision on how to protect an organisation from technology failure, information security and cybersecurity risks and understand how to collaborate with business partners, motivate others and to garner commitment.  

 
Subject Matter Skills/Experience 

• Content expertise in technology risk management relating to but not limited to the following disciplines:  information security and cyber security, technology failure, IT compliance, data quality and governance, architecture, AI, development and testing, resilience and disaster recovery, EUC (End User Computing), third party management 

• 10+ years of technology and or info/cyber security risk related work experience, preferably in the financial services industry  

• Strong practical experience in operational risk management (inc. framework design and implementation) 

• Ability to quickly grasp new technology concepts, new infrastructure components and their impact on the overall infrastructure topology. 

Interpersonal Skills 

• Comfortable in challenging environments, experienced in interacting with and presenting to very senior management and working in a matrixed technology environment.  

• Strong analytical and problem-solving skills; someone who can thoroughly grasp complex situations and cut through to the key elements without getting lost in the ‘detail’. Pragmatic, balanced and commercial decision making. 

• Excellent communication, collaboration, influencing and interpersonal skills; ability to convey ideas clearly and succinctly to a broad range of people both verbally and in writing. Can explain risk succinctly and in non-technical terms; demonstrates capacity and skills of ‘winning over’ business stakeholders. Ability to promote and to inspire others on Risk topics and to increase the overall awareness of technology risks across the organisation. 

• Ability to work under pressure, both individually and in collaboration with others. 

• Flexible, approachable and adaptable, and respond rapidly to changing business needs; able to re-prioritise and organise effectively. 

• Dedication to delivering high quality standards and client satisfaction; with the highest personal standards of integrity and confidentiality. 

Qualifications 

• Bachelor’s Degree minimum in Technology, Engineering, Business, or similar 

• Candidate would preferably have a CISSP or equivalent security certification; other security management certifications such as CISM and C|CISO an advantage. 

Feel rewarded 

For starters, we’ll offer you a comprehensive benefits package. We’ll value your wellbeing and support your development. And we’ll be as flexible as we can about where and when you work – finding a balance that works for all of us. It’s all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com. 

For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.