Senior Group Manager, Technology Risk Management

We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.

As part a Global Technology Risk Management community, the role will support the LBU and Group by:

• Assuring Risk Oversight: Provide assurance and oversight on information and technology risks that may impact the LBU’s ability to achieve its business objectives.
• Risk Analysis and Recommendations: Offer objective analysis and detailed recommendations to LBU management regarding key information and technology risk areas, ensuring appropriate risk mitigation.
• Ensuring Risk Mitigation Effectiveness: Oversee the effectiveness of processes, tools, and technologies within the LBU, ensuring they are adequately mitigating risks to information and technology assets.
• Compliance Monitoring for Technology related regulations and guidelines: Collaborate with the Compliance and relevant Group functions to monitor compliance with technology related regulatory requirements, Group standards, and LBU-specific policies related to information security, technology, and data protection.
• Collaborative Risk Management: Partner with LBU operational teams to support the effective management of risks to information and technology assets.
• Independent Assurance: Provide independent assurance that information and technology risks are being managed within the risk appetite established by the Board.
• Framework Implementation Support: Collaborate closely with the Group Technology Risk Management team to ensure the successful rollout and implementation of risk frameworks, policies, and processes within the LBU
• Develop and Implement TRM Framework: Lead the formation and successful rollout of the LBU Technology Risk Management (TRM) framework, ensuring alignment with local and regional requirements.
• Provide Expertise and Guidance: Offer technical and best practice guidance on information and technology risk, taking into account platform-specific and regional complexities.
• Risk Appetite and Key Metrics: Establish and roll out the information and technology risk appetite and key risk metrics for effective management oversight.
• Risk Register Monitoring: Proactively monitor the LBU risk register and escalate any potential risk areas for Group-level reporting, ensuring risks are appropriately rated and mitigated.
• Collaborate with Operational Risk: Work closely with the LBU Operational Risk Management (ORM) team to manage information and technology risks, ensuring alignment in risk treatment and reporting.
• Risk Culture: Promote a strong risk management culture across LBU stakeholders, focusing on managing information and technology risks effectively.
• Support Periodic Risk Reporting: Assist the LBU CRO in ensuring timely and accurate reporting of information and technology risk matters to the LBU risk committee.

Requirements:

• A technology-related degree (e.g., Information Technology, Computer Science).
• Certifications: Candidates should hold relevant certifications in areas such as Technology Risk Management, Technology Audit, IT Management, Cybersecurity, Cloud, Software Engineering, or Project Management. Examples include:
• Risk Management: CRISC (Certified in Risk and Information Systems Control)
• Audit: CISA (Certified Information Systems Auditor)
• IT Service Management: ITIL Foundation, PRINCE2, PMP
• Cloud/Network: Microsoft Certified Azure Solutions Architect Expert, (ISC)² CCSK, CompTIA Cloud Essentials
• IT/Information Security: CISSP, CISM, CompTIA Security+
• Software Development: DevOps Engineer Professional, Google DevOp, Engineer, Microsoft Certified Solutions Developer

Additional Advantageous Experience

Candidates with any risk management / auditing experience in any of the following areas will have an added advantage:

• Cloud Technologies: Experience with PaaS, IaaS, and SaaS.
• DevOps / DevSecOps: Familiarity with continuous integration and deployment processes.
• API Management: Managing API security and integration.
• Robotic Process Automation (RPA): Experience with automation tools and frameworks.
• [Key] Artificial Intelligence (AI): Familiarity with AI technologies and related risks.
• [Key] Data Governance: Managing and securing data assets.
• Agile Development: Experience with Agile methodologies.
• Mobile Device and Application Management: Securing and managing mobile technologies, including containerization.

Desirable Traits

The following traits will be an added advantage:

• Subject Matter Expert (SME): Recognized as an expert in their functional area and sought after for advice or consultation.
• Impactful Initiative Delivery: Proven track record of delivering impactful projects (e.g., automating manual processes, creating dashboards for risk identification).
• Coding/Analytics Background: Experience with tools such as Python, SQL, or similar analytics technologies.
• Industry Network: Strong industry connections to stay informed on developments in the fast-moving IT and risk landscape.

We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.