Risk Manager

Kendleshire
1 week ago

Risk Manager - this is a 50/50 split of work from home and in office.

Our client, based in Bristol at Emersons Green near the junction of the M4 and M32 (so commutable from Bristol, Bath, Chippenham, Swindon etc.), are experts in the Financial Compliance industry, focussing mainly on the Motor Trade and Travel. They have one of the UK's largest regulatory networks, with many retail sites (Network Members) across the UK benefiting from a range of Finance and Insurance services.

By providing Appointed Representative status, they shoulder the burden of compliance (of being Directly Authorised by the Financial Conduct Authority (FCA)) so their customers can concentrate on running their day-to-day businesses.

Purpose of the role:

Our client operate a three lines of defence model of risk management. The Risk function acts as the second line of defence, ensuring that the first line controls are effective. The Risk function is also responsible for completing 2nd line reviews on other business departments that focus on the risk of customer detriment, managing the incidents and breaches process, horizon scanning, controlling the network risk assessment, overseeing the network member onboarding process and handling regulated complaints.

Key Deliverables:

Responsible for:

Managerial Support:

•Supporting the CRO by actively managing the knowledge and competence of the Risk Department by providing training and support to all team members through side-by-side training and the provision of supporting documentation for internal procedures.

•Ensuring the department’s CPD logs remain up to date.

•Deputising for the CRO on agreed tasks.

•Assisting the CRO in completion of Departmental reports

Risk Register:

•Ensure the Risk register is maintained and appropriate actions set in agreement with relevant stakeholders

•Assist the CRO in compiling Risk Reports for Risk Committee and/or Board as required

Incidents:

•Managing Incident oversight, both those identified through reviews completed by the Risk department and those reported by other departments, ensuring remedial action is completed to mitigate the risk of the incident occurring again in the future.

•Undertaking work to assess the risks posed by non-compliant Network members, assisting in the production of a formal risk rated remedial action plan to cover any compliance failures.

Complaint Handling:

•Ensuring the Department respond to regulated complaints, fairly and promptly, in accordance with the FCA rules within the DISP section of the FCA handbook.

•Ensuring the Department handle complaints in line with the ITC Standard Operating Procedure.

•Accurately maintaining the complaint system and related reports for FCA reporting purposes.

•Ensuring a root cause analysis is completed for individual complaints to identify trends and making recommendations to the CRO for remedial action.

Second Line Reviews:

•Ensuring the Department undertake a second line risk-based monitoring function which focuses on assurance over the first line activities of call monitoring, website reviews, financial promotion reviews, product reviews, consumer credit rates and terms reviews, Pay Plan reviews, returns checks and network member audits.

Onboarding of new Network Members:

•Signing off an initial review of the onboarding risk assessment document, ensuring this document has been completed comprehensively and any areas of risk have an appropriate action set against them.

•Signing off a final review of the onboarding risk assessment document, ensuring all actions set during the initial review have been completed.

•Notifying the CRO of concerns over final reviews as appropriate to agree any remedial action within the company's risk appetite.

•Keying applications for Appointed Representatives and Approved Persons to the FCA in line with ITC’s policies.

Thematic Reviews:

•Supporting the Risk Department in delivering thematic reviews on departmental areas and processes, as required.

Horizon Scanning:

•Completing Horizon Scanning reviews of regulatory publications as published and maintaining a log of these publications for any agreed actions with the CRO.

•Composing summary documents of any relevant publications, as directed by the CRO.

Network Risk Assessment:

•Supporting the Risk department by regularly reviewing the Network Risk Assessment and investigating any areas of concern, completing suitable justifications.

Standard Operating Procedures:

•Supporting the Risk department maintaining selected departmental Standard Operating Procedures to ensure the processes followed reflect the documented procedures.

Control Environment:

•Where required, working with the first line to address any weaknesses in the control environment.

Other:

•Understand and compliantly work within regulation such as the Data Protection Act 2018, Public Interest Disclosure Act 1998.

•Ensure personal training and competency requirements are in line and up to date with company policy.

•Adhere to all company policies and procedures, including Health & Safety, Equal Opportunities, Data Protection, Code of Conduct and Information Security.

All activities to be handled in accordance with the relevant Standard Operating Procedure.

Critical Competencies:

•5 years’ experience of working within a Risk or Compliance role.

•Adhere to the ethos of Consumer Duty in all work activity.

•Completion of the company’s Compliance Training program.

•Good investigative and analytical skills including the ability to analyse processes and procedures against requirements and desired outcomes.

•Ability to critically review, and make judgements on, the compliance of written and oral communications against defined criteria.

•Good organisational skills and ability to proactively manage workload.

•Good written, oral communication and presentation skills.

Desirable Skills and Experience:

•Experience of a retail insurance environment.

•Experience of working with/for finance providers.

•Experience of working within a risk related role.

•Understanding of the Motor and Travel industry sectors.

•Understanding of how to use the FCA Handbook, and knowledge of the FCA requirements DISP, PRIN, SYSC, ICOBS, SUP and CONC.

•Excellent computer skills.

•Being able to work as part of a team.

•Some regulatory related qualifications such as CII, ICA, IFS

Other significant Role Requirements:

•Comply at all times with the company's principles, commitments and codes of practice.

•Must achieve and maintain the Critical Competencies listed above.

•Ensure awareness of, and adopt any changes in, regulatory practice.

•Maintain a log of personal continuing professional development (CPD) and ensure a minimum of 35 hours a year is completed.

•Report all failures to comply with requirements immediately to

•Hours of work: The position is full time, permanent. 37.5 hrs per week. Mon-Fri. Core benefits include:

  • Flexi-time: Employees can accrue a maximum of 2 days TOIL (time off in lieu) per calendar month.

  • Holiday: 25 days per calendar year increasing to 28 days. (1 additional day per full year worked).

  • Birthday: Birthday day off (following completion of a 6-month probationary period).

  • Pension: Employer contributory pension of 3% (after 3-month deferment period). Employee contribution 5%.

  • Health Care: Once an employee reaches 1 year of service, they will be entitled to join the company’s private health care scheme.

  • Holiday Buy Back: up to a maximum of 5 days are allowed per calendar year.

  • Memberships: Relevant and agreed professional business-related memberships will be paid.

  • Community/Charity work: Paid time off to do pre-agreed community/charity work, up to 5 days per year.

    Training and Development

    We pride ourselves on offering continuous training & development along with career progression opportunities for all employees. Appropriate training will be provided as the role demands ensuring the individual is set-up for success.

    A truly diverse place to work

    Co. celebrates the diversity of our people and we welcome applications from everyone. We believe that having a culture of inclusion is essential in delivering good results. Attracting, retaining, and developing a diverse workforce where employees feel valued, respected and empowered allows people to reach their full potential. As a business this diversity helps us to better reflect and understand our customers’ needs to allow us to drive better outcomes. As an organisation, we respect and adhere to Equal Opportunities legislation and the Equality Act 2010.
