Working with M&G Prudential as a Head of Technology Risk Oversight & Assurance means becoming part of a brand with a global reputation and an exciting vision: to be the most loved and most successful saving & investments business.
The forthcoming planned de-merger of M&G Prudential from the Prudential Group PLC provides a terrific opportunity to create a truly international and integrated savings and investments firm. A firm built on a rich and long history and with a commitment to an innovative future centred on the needs of customers and clients. There is a genuine opportunity to drive competitive advantage with value creation through the formation of this new organisation.
If you're inspired to join us, and have the necessary qualities, then this could be the opportunity you've been looking for.
The M&G Prudential Risk function is responsible for effectively advising and challenging key stakeholders, identifying risks effectively and proactively, and adding value through providing enhanced business insights to support the delivery of customers' long-term needs.
M&G Prudential Technology Risk provides second line oversight, advice and challenge in relation to the Technology Risks that the Group may be exposed to. In recent years Technology Risk has been, and continues to be a growing industry threat and a focus for regulatory concern. The approach that firms need to take to mitigate those exposures is evolving to meet the ever more sophisticated threats that technology risk presents. This involves investing in our framework and infrastructure and the expertise to ensure the business is adequately identifying technology risks and provide appropriately robust mitigating controls.
In parallel the business has embarked on a digital and technology transformation so that it can meet the customer and adviser demands of today and the future. This transformation will challenge our risk appetite for technology risk. M&G Prudential recognises this growing threat and the need to equip the Risk function with the expertise and gravitas to meet the challenge.
This role will have leadership over the Oversight & Assurance team working under the direction of the Director, Technology Risk, and will manage a team of risk analysts who can operate across M&G Prudential in accordance with the Technology Risk framework. The individual will work closely with other Risk functions within M&G Prudential, as well as developing productive relationships within the operational teams building an understanding of the M&G Prudential risk culture.
Develop and lead a high-performing Technology Risk oversight and assurance team. Provide management and leadership of the M&G Prudential Technology Risk Oversight and Assurance Team ensuring they are staffed by an appropriate number of competent (SME) staff who are sufficiently independent to perform their duties objectively.
Create and maintain the technology risk framework, appetites and tolerances and lead the oversight and testing of incident management and business continuity across all M&G Prudential businesses.
Be the key Technology Risk contact for and in ensuring appropriate training and awareness on the Technology Risk Operation Model, Framework and Policies to both internal and external IT Service providers.
To provide timely, accurate and relevant Technology Risk MI and commentary for designated risk committees and forums.
To lead Technology Risk assurance reviews on internal and external IT, Security and business service providers. Deliver clearly documented assurance reports which are both timely, impactful and commercial.
Undertake specific technology risk assurance reviews where necessary (in line with subject matter expertise). Provide challenge and assessment of potential technology risk including information and cyber security control weaknesses. Provide advanced warning to M&G Prudential management of potential technology and information security (including cyber) control weaknesses.
Monitor and report on progress of remediation plans and corrective actions identified by assurance reviews. Monitor and report (as appropriate) on M&G Prudential technology, cyber plans, projects and programmes. Provide Technology Risk SME support in the selection, management and oversight of strategic and / or critical third party IT service providers.
Support the Director, Technology Risk in providing a forward looking view of technology related risk developments and their implications for the M&G Prudential businesses.
Deputise for the Director Technology Risk where appropriate in key governance committees.
Work with the relevant business areas to ensure the right outcomes for customers. In this respect, the ability to maintain effective and pro-active relationships with key stakeholders at senior and exec level will be key in delivering a robust partnership with the business. Ensure the development of an effective technology risk assurance and oversight plan in conjunction with the business.
Must be resilient and have the ability to work under pressure and cope with competing demands.
You will be:
Taking an active lead in helping each person in your team perform to their best and understand how their work contributes to the achievement of business success.
Evaluating and monitoring collective performance to ensure your team is delivering in support of the strategic priorities of the business.
Producing and managing costs commercially.
Recognising successes around what is delivered and how people approach their work. In this respect the need for timely and relevant delivery of opinions and assurance reports will be key.
Maintaining a consistent approach to managing performance across the business, by following M&G Prudential processes.
Showing your team how to pull together by being a hands-on manager, and always be fair, open and honest.
Identifying what needs to be done and choosing the right people for the job (ensure team is adequately staffed with SME resource).
Giving each person in your team clear accountabilities and stretching work objectives. Must develop a resilience within the team to ensure the ability to work and deliver under pressure and cope with competing demands.
Taking all reasonable steps to ensure the timely and appropriate resolution of control weaknesses, issues and operational failures arising within the business.
Ensuring actions, decisions and processes take account of risk appetite limits and the potential impact on the risk profile of the area, escalating any uncertainties to senior management / Exec Management/Risk function.
Ensuring effective systems of internal control to manage risks and maintain records reflecting compliance with regulatory requirements.
Ensuring the team maintain effective and positive relations with key IT/Security and business management.
You will have:
Commercial knowledge around;
Technology Risk specialist with significant experience in developing a technology risk function, leading/managing system professionals and delivering impactful output.
Significant experience of liaising, influencing and negotiating effectively with internal and external parties at senior management/Executive Committee level and beyond Experience of identifying and anticipating potential concerns for key stakeholders by using multiple strategies and methods to gain support for change Significant experience of managing internal and external stakeholder relationships
Significant experience of developing clear, logical and comprehensive policy and executive papers.
Experience of wide multi-platform operating systems security, architecture, application and database security Expert knowledge of financial services regulatory requirements and standards, which apply to the areas under your control and to you as an individual
Good knowledge of life and pensions products, markets and competitors
Expert knowledge of industry best practice relating to technology risk and good network links with individuals and external bodies
A promoter of risk awareness within the organisation
Understanding of the Statements of Principle and Code of Practice
Able to work collaboratively across the immediate team and broader Risk function Forward looking assessment to objectives and how best to add value from a risk perspective to M&G Prudential
Ability to stand firm, defend risk opinions and decisions whilst being commercially aware
Technical knowledge around;
Significant Technology Risk experience and expertise obtained at a senior level, preferably within Asset Management and Insurance Experience of wide multi-platform operating systems security, architecture, application and database security
Significant experience of the BC, IRP, DP and IT risk spectrum including risk assessment and management. Significant experience of analysing and interpreting complex rules and regulations and applying such knowledge to provide solutions to business problems and issues
Significant experience of using subject matter expertise to interpret complex recommendations and recommend solutions for business stakeholders Detailed knowledge of cyber risk, data risk, crisis / incident management
Detailed knowledge of information security standards and best practices such as ISO27001/> 2, COBIT and ITIL
Detailed knowledge of change management methodology
Detailed knowledge of Technology Risk appetite and oversight, IT strategy and architecture, data protection, IT root cause analysis, and third party oversight Detailed knowledge of Technology Risk and Business Continuity Frameworks
People who work at M&G Prudential agree that ours is a great place to work with a brilliant team spirit. It's also an innovative, high-performing, commercial environment that's totally focused on customers. As an M&G Prudential colleague you'll get all the support you'd expect, including full training and professional development. You'll receive a competitive salary and reward package. And in a fast-changing world, you'll join an organisation that's leading the way in helping customers achieve their long-term financial goals.
M&G Prudential is committed to a diverse and inclusive workplace. Our role as an employer is very simple - to provide the right environment for talented people to do their best work, by respecting, understanding and valuing individual differences.
We welcome applications from individuals who have taken an extended career break, and we are willing to consider flexible working arrangements for all of our roles.
Recruiter: Joseph Scott Location: London
Internal Number: 5667386
About M&G Prudential
eFinancialCareers is a career site specializing in financial services.