Operational Risk Mng- Cyber & Resilience

We're Hiring:Operational Risk Manager Cyber & Resilience

Location: Remote, however Travel to London, Canary Wharf 1x a Month is required

Department: Risk

Hours: Monday - Friday 09:00-17:30

We're looking for anOperational Risk Manager Cyber & Resilience to join our Risk team and provideindependent second line oversight across cyber, technology and operational resilience risks.

This is a key assurance role, offering exposure to senior stakeholders and committees, where you'll combinestrong cyber and information security knowledge withpractical risk management expertise.

You'll act as a trusted subject matter expert, translating complex cyber risks into clear, business focused insight that supports informed decision making.

• Provideindependent review and challenge of first line cyber, resilience and technology risk management activities.
• Oversee cyber risk coverage withinRCSAs, scenario analysis and operational risk assessments.
• Assess control design and effectiveness across areas including:
  • Cyber and information security
  • Cloud and third party technology services
  • Data protection, availability and resilience
• Identifyemerging and interconnected cyber risks, escalating where risk appetite may be threatened.
• Provide second line oversight ofcyber incidents, near misses and control failures, including root cause analysis and remediation.
• Track and validate closure ofsignificant cyber risk issues and audit findings.
• Support the development and monitoring ofrisk indicators, thresholds and tolerances.
• Partner closely with Operational Resilience teams to embed cyber risk into:
  • Important Business Services mapping
  • Impact tolerances
  • Severe but plausible cyber scenarios
• Produce high qualitymanagement information and reporting for senior forums, including executive committees and Board level packs.
• Act as arisk business partner to selected areas, building strong collaborative relationships while maintaining independence.

• Strong experience incyber security, information security or technology risk.
• Experience working in a heavily regulated environment
• Background inRisk, Audit or Compliance, with a solid understanding of risk and control frameworks.
• Ability tocommunicate complex technical topics clearly to non technical stakeholders.
• Confident, organised and detail focused, with the resilience to operate in a changing regulatory and technology landscape.
• Comfortable working independently while contributing to a close knit team.
• Strong working knowledge ofMicrosoft Excel and PowerPoint.
• Professional certifications such asCISA, CRISC, IRM or equivalent.
• Experience working with AI would be an advantage

At Kensington Mortgages, we believe our employees are the heart of our success. We are committed to creating a supportive and flexible work environment that values personal growth, professional development and a healthy work life balance

Our inclusive culture respects and celebrates diversity in all its forms, ensuring that everyone feels welcome, valued and understood. We recognise and appreciate differences in thinking, learning styles, gender, race, identity, ethnic origins and sexual expression.