Description:
We have a great opportunity for an expert Risk Governance Manager to join our team on a 12-month fixed term contract! This is a great job for someone with a good understanding of IT and Cyber risk and the supporting control frameworks, to have a real impact working with UK's leading Insurance business!
A bit about the job:
At Aviva we manage our risks to help proactively identify and control threats and vulnerabilities that could adversely impact the organisation and our customers; and the role that we have within the Chef Information Office (CIO) Risk & Assurance team is crucial in supporting this. You will be supporting the review of the IT, Cyber, Group Procurement and Operational Resilience control environment to protect our customers and deliver our Risk Goals.
Within the role you will:
- Lead Market/Functional SME input, guidance, and challenge to ensure compliance with the internal control framework, and quality application of it. Support (leading where required) risk and control debate (including reporting and forward view) at functional SLTs, completing independent assessment and testing when required
- Use insight, data and SME opinion to optimally challenge risk assessments, control positions, issue and action remediation, and risk events; providing input and reporting into central forums and Group CIO function and CIO market forms where required.
- Develop strong relationships with risk, control and issue owners to provide regular coaching on standard methodology, to ensure consistency and accurate application
- Working with all three lines of defense to ensure effective management of issues and alignment on the strength of the control environment, including support to audit reviews in the functions
- Lead on quality assurance activity ensuring adherence to risk management framework and tooling Minimum Standards and finding opportunities to influence said requirements
Skills and experience we’re looking for:
- Thorough understanding of effective operational risk management
- Strong interpersonal skills with the ability to communicate and challenge effectively to both technical and non-technical audiences, as well as adapt style and influence all levels of business, including senior management
- Excellent written communication skills – the ability to collate and summarise information in plain English and tailor your written communication to suit the audience, is key
- Awareness of IT and Security governance models and standards e.g. COBIT, ITIL, ISO27001
- Awareness of Third-Party Risk and Change Management frameworks and governance