Job Title: Risk Manager Job Location(s): Scotland - Perth/Glasgow/Eurocentral/AberdeenHybrid Working: 2-3 days ideally in the officeDescription:Main Purpose of JobDrive the adoption of risk management framework. Work collaboratively with management to define, communicate and measure key risk and controls for IT and OT risks to be maintained in line with business risk appetite. Provide assurance on the effectiveness of controls and confirm compliance with obligations. Provide key management information to enable the Leadership to make decisions.Key AccountabilitiesSupport the implementation and operation of the IT Governance, Risk and Compliance framework.Implement and manage the IT risk management framework.Facilitating risk reviews to identify, quantify and mitigate IT & OT risks.Regular stakeholder engagement providing advice and guidance on risk management.Provide assurance on the adequacy of IT & OT controls to manage risk, provide recommendations and monitor progress to ensure controls are improved and effective.Coordinate timely and appropriate actions to be taken in response to audit actions. Support the formulation of delivery plans to address root cause and monitor progress.Involvement in risk mitigation projects as required.Oversight of the progress of audit actions.Monitor and report compliance with relevant policies, standards, procedures, legislation and regulation.Regular liaison with the Cyber Risk, Operational Technology, Information Security team and Risk & Assurance teams across the business and Group.Ensure accurate, timely and relevant reporting on IT & OT Risks to various Risk Boards and Committees.EducationEducated to a degree level or above or at least 3 years’ relevant experienceExperienceExperience of delivering IT risk, compliance or assurance activities (or equivalent role)Experience of OT Systems, Cyber and Engineering risk managementExperience of designing or reviewing IT/OT processes and their controls and performing risk assessmentsExperience engaging with a wide range of stakeholdersFocus on continuous improvementBusiness KnowledgeUnderstanding of client's strategy, structure and governance frameworkWorking knowledge of IT and operational risk, IT and enterprise architecture, IT strategy and IT outsourcing, service management and deliveryWorking knowledge of audit and assurance methodsFull IT project lifecycle experienceIndustry standards, regulation and legislation knowledgeUnderstanding of continuous improvement methodologiesFunctional and Technical SkillsGood knowledge of IT governance frameworks such as COBIT 5, ITIL, ISO31000, 27005, 38500 and their interactionsAbility to perform Risk/Return analysisAbility to work in matrix environmentsQuality managementWorks in compliance with Business Principles, Policies and StandardsCommunication and Personal AttributesAbility to engage effectively with all stakeholders (internal and external)Fluent communicator, both written and orally, with high attention to detailStrong organisation skillsNegotiation and influencing skillsMaintain objectivity and impartialityPlanning, communication and presentation skillsFlexibility to adapt and compromiseAbility to carry out self-led learningProblem Solving, Analysis and ReasoningAble to use multiple problem solving methodologiesAdept at identifying appropriate workaroundsExperience in resolving complex problemsAccountability and Financial DimensionsAccountable for own workNo direct or indirect responsibility for budgets or other financial measures.
Job Title
Risk Manager