Senior Manager Security Risk Specialist

We're on an exciting journey and there couldn't be a better time to join us. We're putting in place a fresh operating model for non-financial risk management across the Group, empowering our people to take end-to-end accountability for managing the risks that they face! We're looking for a Senior Security Risk Specialist to support the leading and development of its risk specialist centre of excellence, to support robust risk management in alignment with the Group's Enterprise Risk Management Framework (ERMF). This will include giving our senior leaders and Risk Owners of the Group businesses advice on their risk decisions, safely, and at pace. To assure our Group's strategic transformation on this scale we need you to have a breadth and depth of knowledge in current tech, and we want you to be passionate about its application and how we manage its risk; prepare to disrupt the norm in the pursuit of the best possible customer and staff experience. You should have people at your heart; we strive for excellent customer experience but to achieve this we focus on our people - building a culture around continued learning and support so everyone can feel bold to share new ideas and solutions. You'll have deep operational risk knowledge and provide thought leadership, insight and oversight that supports the implementation of the second line of defence and executes its roles and responsibilities. You'll lead our approach to implementing risk policy, appetite, and control objectives to enable the delivery of customer, regulatory and business strategic outcomes. You'll also be providing pragmatic advice to support informed key risk decisions and trade-offs (balancing commerciality and risk appetite), being bold to 'call it', and influence senior decision makers. Why Lloyds Banking Group Like the modern Britain we serve, we're evolving. Investing billions in our people, data, and tech to transform the way we meet the ever-changing needs of our 26 million customers. We're growing with purpose. Join us on our journey and you will too.

• Detailed knowledge of the key security risks facing a financial services group, with a proven ability to assess and manage security risk and threats (e.g. using ISMS, MITRE ATT&CK, PASTA/STRIDE/DREAD frameworks and methodologies), set policy and manage compliance, design controls, provide assurance oversight and challenge, and offer advice balancing risk and reward.
• Experienced in the domains of information, cyber and physical security, with applied knowledge across key elements including identity and access management, data security, threat and vulnerability management, security architecture and design, security engineering and application development (inc. DevSecOps), cloud services and shared responsibility models (inc. native and microservices architecture), infrastructure security, people security, cryptography, security operations, and physical and environmental security. Demonstrable curiosity and understanding of the emerging technologies shaping the risk landscape (inc. AI, Digital Ledger Technology, Quantum).
• Considered a deep subject matter expert with a strong depth of understanding of the latest Operational Risk frameworks and technology being used across financial and non-financial services to enable them to lead a specialist risk centre of excellence.
• Demonstrates good and timely decision making that keeps the organisation moving forward and skilfully balances difficult trade-offs with the ability to understand business strategy and opportunity risks. Has examples where they have assimilated different sources of data and complex information to effectively problem solve and make relevant conclusions and recommendations.
• Demonstrates ability to interpret new operational risk regulation, emerging risks and technology innovations with forethinking to anticipate the impact of changes on the Group and act accordingly.
• Has acted as a Risk Specialist business partner, using strong communication skills to build partnerships and work collaboratively with others, including Risk Owner, Control Owner and Control Office to meet shared objectives.
• Able to work effectively with all other lines of defence and understands the different but complimentary roles. Seen as the primary Operational Risk specialist and expert across the Group to help deliver against aligned customer, business and strategic outcomes.
• Has examples of building effective, ongoing data-led Operational Risk control objectives working with others, including external regulators.
• Inspires others by gaining followership and commitment to future action through personal integrity and collaboration, demonstrating an inclusive approach. Coaches to go faster by demonstrating commitment to create an environment that builds teams with skills aligned to our Group Strategy and Purpose creating new and better ways for the organisation to change at pace.
  
  Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want our people to feel that they belong and can be their best, regardless of background, identity, or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it's why we especially welcome applications from under-represented groups. We're disability confident. So, if you'd like reasonable adjustments to be made to our recruitment processes, just let us know.
We also offer a wide-ranging benefits package, which includes:
• A generous pension contribution of up to 15%
• An annual performance-related bonus
• Share schemes including free shares
• Benefits you can adapt to your lifestyle, such as discounted shopping
• Up to 30 days holiday, with bank holidays on top
• A range of wellbeing initiatives and generous parental leave policies.
Want to do amazing work, that's interesting and makes a difference to millions of people? Join our journey.