Head of Technology and Change Risk
We are Direct Line Group – home to some of the country's best-known brands including Direct Line, Churchill, Privilege, Green Flag, and NIG. Our vision is to create a world where insurance is personal, inclusive, and a force for good, and our purpose is to help people carry on with their lives, giving them peace of mind now and in the future.
We’re already award-winning across several of our brands, but we want to continue this evolution to be a forward-thinking technology and data company. Aligned to the wider business transformation, the Risk & Compliance function has embarked on a 2-year transformation journey with the aim to reposition and rebrand Risk through a re-energised vision and leadership team, as well as scaled up capabilities through investment in our people and in technology. We are on a journey to make DLG “Risk-Positive” and our team a force helping to achieve DLG’s strategic ambitions.
As part of the Non-Financial Risk Leadership team, a Head of Technology and Change Risk is required to support our new Non-Financial Risk Director and our Chief Information Office (CIO) in helping maintain DLG’s organisational resilience as it continues to transform in pursuit of its strategic ambitions over the next 5 years. We’re looking for people who are excited by the challenge of becoming a cutting-edge Risk function, and have managed large business transformations through a Head of role within the second line.
As the Head of Technology and Change Risk, you will be responsible for the management of Second Line of Defence (2LOD) oversight of the Chief Information Officer (CIO) directorate, which includes both the Technology and the Chief Information Security Office (CISO) functions, and assessing the effectiveness of the associated first line of defence (1LOD) risk management and control systems. You will act as a conduit between Risk and our fantastic Technology and CISO teams to champion the delivery of technology change in a systemic and controlled manner, to avoid adverse operational, regulatory, or financial impact. At a group-wide level, you will promote a strong, but simple, risk and control culture that supports innovation, whilst building a sustainable foundation.
What you’ll be doing:
- Providing robust advice and partnership to identify and mitigate key change, regulatory compliance, operational and resilience risks across technology programmes, and to ensure they are understood, effectively mitigated, and governed
- Managing 2LOD advice, oversight and challenge to the CIO - focusing on tech, cyber security activities, Enterprise Change (across Agile and more traditionally/centrally managed), and the Strategic Investment Portfolio ('SIP'), which covers c£100m of change activity.
- Leading risk reviews in relation to technology and cyber exposures and delivering an assurance plan that provides sufficient coverage of these risks, including a mix of embedded assurance and formal risk opinions, health-checks and deep dives
- Supporting and developing a high performing team of engaged and capable individuals, that deliver tangible and value-add outcomes
What we're looking for:
- Interest in and curiosity about the insurance sector
- Strong awareness of the balance between risk, control, and growth
- Strong experience in technology transformation and technology and cyber risk change while delivering at pace
- An understanding of industry standards, control frameworks (e.g. COBIT, RCSA), technology landscape and key Change/IT risk areas
- Experience of conducting thematic risk assurance assessments
- Experience of Enterprise Governance Risk and Compliance (eGRC) systems beneficial
Hours: 35 hours (Monday - Friday)
Hybrid Working: We have a hybrid model with a virtual-first approach which means you would primarily work from home. The team currently meet 1 day a week in the Bromley office (but we're moving to London Bridge next summer!). As long as you live a commutable distance from one of our offices in Leeds, Birmingham, Bristol, Bromley, or Glasgow and understand you might need to travel into Bromley/London up to 1x a week, that's great. We'll support you as best as we can!
Ways of Working
Our mixed model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone. How much you'll be in the office depends on your role, and we'll consider the flexible working options that work best for you.
We recognise we wouldn't be where we are today without our colleagues, that's why we offer excellent benefits designed to suit your lifestyle:
- Generous 9% employer pension. Regardless of whether you contribute into your pension or not, DLG pay 9% into your pension (but you can take this as cash if you want!)
- Eligibility for annual performance bonus of up to 20%
- Generous holidays - 30 days annual leave (excluding the bank holidays). Plus, the option of buying or selling up to 5 days each year!
- 50% off home, motor and pet insurance
- Free travel insurance and Green Flag breakdown cover
- Electric Vehicle car scheme which allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax efficient way
- Free private medical cover for you!
- Buy-as-you-earn share scheme
- Employee discounts and cashback
Direct Line Group is an equal opportunity employer, and we think diversity of background and thinking is a big strength in our people. We're delighted to feature as one of the UK's Top 50 Inclusive Employers and are committed to making our business an inclusive place to work, where everyone can be themselves and succeed in their careers.
We know you're more than a CV, and the things that make you, you, are what bring potential to our business. We recognise and embrace people that work in different ways so if you need any adjustments to our recruitment process, please speak to the recruitment team who will be happy to support you.