Job Title: Risk Manager – Tech & Cyber Risk

Division: General Management – Risk & Compliance

Reports To: Head of Operational Risk

Key Relationships: Risk Management team (including Insurance Risk and Enterprise Risk Management team members), Risk Management Senior Leadership Team, Chief Risk Officer and wider team members of second and third line functions (Compliance and Internal Audit), as well as first line internal stakeholders including Information Security, IT, Data, Procurement, Underwriters and Claims Managers.

Job Summary

Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk in the oversight and management of technology and cyber risk management activities, as well as wider operational risk matters across the Group.

This is a second-line-of-defence role providing risk oversight and challenge across the group, enabling first line teams and relevant risk owners to understand risk exposure and make appropriate risk-aware decisions. The role holder is responsible for ensuring clear and timely communication of risk considerations and matters for escalation between first line business teams, the Senior Risk Manager – Operational Risk and the Head of Operational Risk.

Key Responsibilities

Risk Management Framework

• Support the Senior Risk Manager – Tech & Cyber Risk in facilitating regular Risk & Control Self Assessments (RCSAs) with first line risk owners and stakeholders, ensuring the assessments are performed and documented accordingly.

• Support the Senior Risk Manager – Tech & Cyber Risk in implementing and maintaining a robust control environment that is owned and documented by first line business control owners and stakeholders.

• Provide oversight and challenge of Beazley’s first line process around technology and cyber risk, including areas such as IT and cybersecurity business continuity, IT resilience, digital risk and operational transformation, capital modelling and business planning.

• Produce risk reporting and opinions, including deep dive reviews on hot topics influencing Beazley’s technology and cyber risk profile to support reporting to internal and external stakeholders.

• Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk in designing, writing and implementing frameworks, policies, procedures and processes where required.

• Provide critical appraisal of the control environment (including Risk MI) proposed by the business with reference to the agreed risk appetite.

• Liaise with first line business stakeholders and risk owners to capture new risks (including emerging risks) and review controls proposed by first line control owners and stakeholders.

• Assist in the preparation of risk management material for internal and external presentations where necessary.

• Assist in the provision of induction training to all relevant employees.

• Ensure close collaboration with Risk Management colleagues, supporting in the execution of key deliverables and projects as required.

• Keep up-to-date on market standards and best practice, as well as regulatory requirements and changes as required.

• Promote a culture of good conduct within the Operational Risk team by demonstrating and communicating the expected levels of behaviour and integrity.

FCA conduct rules – individual conduct rules:

• You must act with integrity;

• You must act with due care, skill and diligence;

• You must be open and cooperative with the FCA, PRA and other regulators;

• You must pay due regard to the interests of customers and treat them fairly; and

• You must observe proper standards of market conduct.

General

It is important that within all your interactions both internally and externally you adhere Beazley’s core values - Being Bold, Striving for Better, and Doing the Right Thing as they contribute to an internal environment of teamwork and promote a positive brand image and experience to our external customers." We also expect Beazley employees to:  

• Comply with Beazley procedures, policies and regulations including the code of conduct.

• Undertake training on Beazley policies and procedures as delivered by your line manager, the People & Sustainability or assurance teams (compliance, risk, internal audit) either directly, via e-learning or the learning management system.

• Display business ethics that uphold the interests of all our customers.

• Ensure all interactions with customers are focused on delivering a fair outcome, including having the right products for their needs.

• Comply with any specific responsibilities necessary for your role as outlined by your line manager, the People & Sustainability or assurance teams (compliance, risk, internal audit) and ensure you keep up to date with developments in these areas.  This may include, amongst others, Beazley’s underwriting control standards, Beazley’s claims control standards, other Beazley standards and customer relationship management.

• Carry out additional responsibilities as individually notified, either through your objectives or through the learning management system.  These may include membership of any Beazley committees or working groups.

Personal Specification:

Essential Criteria

• Knowledge and experience of risk management frameworks and tools with proven technology and cyber risk expertise
• Experience of working in a global and fast paced business environment is essential
• Degree level educated or an equivalent combination of education training and experience with security frameworks and industry standards; and/or

• Relevant professional qualification (e.g., IRM International Certificate in Operational Risk, Practitioner Certificate in Information Management, etc.)

Knowledge, Experience and Skills

• Proven technology and cyber risk expertise, preferably with a strong understanding of the Lloyd’s or wider company insurance market and framework;

• Understanding of the commercial drivers and dynamics affecting risk decisions in the insurance sector, as well as operational and risk processes associated with an international insurance group.

• Ability to build strong partnering relationships with a wide range of stakeholders.

• Ability to interact professionally and with credibility and manage expectations of management and key stakeholders.

• Ability to manage time, meet deadlines and prioritise.

• Able to communicate effectively with others.

• Proficiency in Microsoft 365 apps.

• Experience of Committee and Board reporting.

Aptitude and Disposition

• Application of risk-based judgement

• Influencing and trusted advisor

• Flexible

• Energetic, enthusiastic and positive

• Team player

• Self-motivated with the ability to work autonomously

• Proactive

• Strong prioritisation skills; ability to meet deadlines and manage stakeholders’ expectations

• Highest degree of integrity / discretion

• Strong written and verbal communication skills

• Analytical

• Attention to detail, with ability to see bigger picture

• Ability to challenge, negotiate with, influence and persuade both internal and external parties