On a broad scale, our Bank is currently enhancing its technology and paving the way to a more digital future, which means this is an exciting time to join the IT Governance, Risk and Compliance team (GRC).
For the IT GRC, this creates an opportunity to work across the business and support the journey to build a risk management framework.
Working across IT, Data, and Cyber systems and processes in both the UK and India, we provide assurance that our technology and information security strategies are robust, secure, and compliant, plus aligned with the business.
About Us
The OSB Group is a FTSE 250 specialist mortgage lender, primarily focused on carefully selected segments of the mortgage market. Our specialist lending is supported by our Kent Reliance and Charter Savings Bank retail savings franchises. Diversification of funding is provided by sophisticated securitisation platforms. OSB’s unique cost-efficient operating model is supported by our wholly-owned subsidiary OSBIndia. Alongside passion for our products and customers, we're passionate about our people and want to continue building a collaborative and engaging environment. Being dedicated to Diversity, Equity, and Inclusion, we encourage differences and recognise that individuals from diverse backgrounds and experiences can bring valuable insights and enhance the way we work. What you will be doing
In this role, you will have the opportunity to play an essential role in supporting the delivery of risk management services which ensure that our IT, Data, and Cyber systems and processes are robust, secure, and compliant with all relevant legislation and regulations. This position will be responsible for delivering against the IT GRC framework and supporting the continual improvement, which drives the key objective to provide assurance that technology & information security strategies are aligned with business. Your responsibilities will include: Supporting Risk and Control Self-Assessments (RCSA), assisting in the identification of emerging risks and changes required to key controls based on changing business requirements. Providing support to the first line risk owners in the development and ongoing enhancement of appropriate Key Risk Indicators (KRI’s) and metrics to ensure alignment and embedment of OSB’s risk appetite framework. Working with the first line SME teams to support the design and implementation of controls to mitigate process risks and the move towards automated controls. Delivering risk activities to monitor and assess the risk on an ongoing basis in support of the IT GRC Framework, ensuring the processes and controls that are in place mitigate risk and comply with applicable legislation and regulations. Engaging with stakeholders to communicate or identify control weaknesses, develop remediation plans, and track identified action plans to closure. Delivering services in line with the Enterprise Risk Framework to manage IT GRC activities, including supporting the collation of data, preparing & finalising governance packs; and ensuring that the enterprise risk management system of record is maintained properly and regularly. In return for your commitment
We offer a base salary dependent on experience and a competitive benefits package including: Discretionary annual bonus opportunity of up to 15%. 28 days annual leave plus bank holidays. Access to Private Medical Insurance and Medical Cash Plan. Additional benefits such as Hybrid working, Cycle Purchase scheme, Technology Purchase scheme, Season Ticket Loan, Holiday purchase/sell schemes, Employee Perk Portals, Payroll giving, and Save as you Earn scheme. Could you be the one?
We are looking for talented individuals who have the experience and knowledge set out below: Work experience delivering IT, Data, and Cyber risk management activities which support an IT Risk Management Framework, in a large scale enterprise IT-based environment in a similar position. Good demonstrable experience in the collation and development of Key Risk Indicators and the application of Risk and Control Frameworks is essential. Strong knowledge of risk management including experience in risk and control frameworks within a regulated industry. An IT GRC industry qualification in support of risk management such as CRISC, CISM, or CISA. What to do next
If this sounds like you, please apply now! For internal applications please visit the internal careers page to apply. Alternatively, if you wish to have an informal and confidential chat please get in touch. Contact details can be found on our careers page. If shortlisted from your initial application we operate a personalised recruitment process. Interviews are a two-way street; we aim for them to be relevant and conversational to get the best out of you! OSB Group are dedicated to diversity in the workplace and committed to treating all our employees and job applicants equally. We embrace equal opportunities and are opposed to discrimination on any grounds. As part of our public commitment to the Women in Finance Charter, we have introduced our own initiatives to attract, develop, and advance senior women in our sector. We don’t stop there though; we have broadened our approach to encourage diversity and inclusion at all levels and in all roles. Whilst we are an organisation that values face-to-face interaction to build and nourish our culture, we also acknowledge that people are not just productive in an office and tied to the 9 to 5. Flexible-working opportunities are important for establishing a healthy work-life balance so if you see a role of interest we are happy to be asked about flexibility and explore together if we can make it work. All applicants must have rights to work in the UK and be willing to undertake the relevant pre-employment screening checks should your application be successful.
#J-18808-Ljbffr
The OSB Group is a FTSE 250 specialist mortgage lender, primarily focused on carefully selected segments of the mortgage market. Our specialist lending is supported by our Kent Reliance and Charter Savings Bank retail savings franchises. Diversification of funding is provided by sophisticated securitisation platforms. OSB’s unique cost-efficient operating model is supported by our wholly-owned subsidiary OSBIndia. Alongside passion for our products and customers, we're passionate about our people and want to continue building a collaborative and engaging environment. Being dedicated to Diversity, Equity, and Inclusion, we encourage differences and recognise that individuals from diverse backgrounds and experiences can bring valuable insights and enhance the way we work. What you will be doing
In this role, you will have the opportunity to play an essential role in supporting the delivery of risk management services which ensure that our IT, Data, and Cyber systems and processes are robust, secure, and compliant with all relevant legislation and regulations. This position will be responsible for delivering against the IT GRC framework and supporting the continual improvement, which drives the key objective to provide assurance that technology & information security strategies are aligned with business. Your responsibilities will include: Supporting Risk and Control Self-Assessments (RCSA), assisting in the identification of emerging risks and changes required to key controls based on changing business requirements. Providing support to the first line risk owners in the development and ongoing enhancement of appropriate Key Risk Indicators (KRI’s) and metrics to ensure alignment and embedment of OSB’s risk appetite framework. Working with the first line SME teams to support the design and implementation of controls to mitigate process risks and the move towards automated controls. Delivering risk activities to monitor and assess the risk on an ongoing basis in support of the IT GRC Framework, ensuring the processes and controls that are in place mitigate risk and comply with applicable legislation and regulations. Engaging with stakeholders to communicate or identify control weaknesses, develop remediation plans, and track identified action plans to closure. Delivering services in line with the Enterprise Risk Framework to manage IT GRC activities, including supporting the collation of data, preparing & finalising governance packs; and ensuring that the enterprise risk management system of record is maintained properly and regularly. In return for your commitment
We offer a base salary dependent on experience and a competitive benefits package including: Discretionary annual bonus opportunity of up to 15%. 28 days annual leave plus bank holidays. Access to Private Medical Insurance and Medical Cash Plan. Additional benefits such as Hybrid working, Cycle Purchase scheme, Technology Purchase scheme, Season Ticket Loan, Holiday purchase/sell schemes, Employee Perk Portals, Payroll giving, and Save as you Earn scheme. Could you be the one?
We are looking for talented individuals who have the experience and knowledge set out below: Work experience delivering IT, Data, and Cyber risk management activities which support an IT Risk Management Framework, in a large scale enterprise IT-based environment in a similar position. Good demonstrable experience in the collation and development of Key Risk Indicators and the application of Risk and Control Frameworks is essential. Strong knowledge of risk management including experience in risk and control frameworks within a regulated industry. An IT GRC industry qualification in support of risk management such as CRISC, CISM, or CISA. What to do next
If this sounds like you, please apply now! For internal applications please visit the internal careers page to apply. Alternatively, if you wish to have an informal and confidential chat please get in touch. Contact details can be found on our careers page. If shortlisted from your initial application we operate a personalised recruitment process. Interviews are a two-way street; we aim for them to be relevant and conversational to get the best out of you! OSB Group are dedicated to diversity in the workplace and committed to treating all our employees and job applicants equally. We embrace equal opportunities and are opposed to discrimination on any grounds. As part of our public commitment to the Women in Finance Charter, we have introduced our own initiatives to attract, develop, and advance senior women in our sector. We don’t stop there though; we have broadened our approach to encourage diversity and inclusion at all levels and in all roles. Whilst we are an organisation that values face-to-face interaction to build and nourish our culture, we also acknowledge that people are not just productive in an office and tied to the 9 to 5. Flexible-working opportunities are important for establishing a healthy work-life balance so if you see a role of interest we are happy to be asked about flexibility and explore together if we can make it work. All applicants must have rights to work in the UK and be willing to undertake the relevant pre-employment screening checks should your application be successful.
#J-18808-Ljbffr
