IT Risk Manager (2LOD)

If that sounds like you, Investec are currently looking for a Technology Risk Manager to join our Operational Risk team in the second line of defence. In this role, you will provide independent oversight and challenge of technology and information security risks across IBP (Investec Bank), helping to ensure risks are understood, well controlled and managed within approved risk appetite. You will work closely with technology teams, relevant business stakeholders and assurance functions, providing risk-based challenge across areas such as cloud, cyber security, technology resilience, change management, incident management, third-party technology services, and AI and emerging technology risks. This is a hands-on second line role suited to someone with strong technology risk expertise, the confidence to challenge constructively, and the ability to build trusted stakeholder relationships. About the team You will be part of the Operational Risk team within IBP Specialist Bank, sitting in the Risk Division and reporting to the Head of Technology & Information Security Risk (2LoD). The team is responsible for providing independent oversight and challenge across key operational risk themes, working closely with embedded 1LoD Technology Managers, Technology Management Teams, Internal Audit and IBL Operational Risk. The team plays an important role in strengthening risk management practices, supporting effective decision-making and helping to maintain a strong and pragmatic risk culture across the business. What you will be doing

• Providing subject matter expertise and independent second line challenge over 1LoD technology risk assessments, and where required conducting independent assessments across applications, infrastructure, third parties and thematic risk areas
• Assessing inherent risk, control effectiveness, residual risk, treatment plans and escalation requirements for risks outside appetite
• Providing guidance and challenge on First Line operational risk event reporting to ensure key details, business impact and follow-up actions are captured accurately and in a timely manner
• Overseeing and challenging risk mitigation plans and closure evidence to ensure remediation actions are specific, measurable, fit for purpose and effectively implemented
• Reviewing and challenging risks proposed for acceptance, ensuring they are clearly articulated, appropriately classified, supported by sufficient rationale, time-bound, and approved in line with the risk management framework
• Supporting independent review and challenge of critical third-party technology arrangements, including vendor control environments, exit strategies, resilience plans and technology dependency risks
• Supporting the ICAAP process through technology risk inputs, challenge and insight to inform operational risk capital assessments
• Acting as a trusted adviser to technology stakeholders, providing constructive challenge and helping to strengthen risk culture
• Promoting operational risk awareness and delivering training where required
  
  Are you a technology risk professional who thrives in bringing clarity to complex risks, with a proven track record of constructive challenge and practical risk-based decision-making?, Extensive experience in a technology risk and/or IT audit role within a financial institution or other regulated environment
• A strong risk and challenge mindset suited to a second line oversight role
• Professional certifications such as CISSP, CRISC, CISA or CISM would be advantageous, as would related experience in project management and technology processes
• Technical understanding across key technology domains including cloud, APIs, DevOps, AI, SDLC, cyber security, technology resilience, change management and third-party technology risk
• Confidence in constructively challenging risk decisions made by the first line of defence
• Ability to take ownership, work autonomously and manage competing priorities effectively
• Demonstrable strength in operational risk management, stakeholder management and applying a risk-based approach
As part of our collaborative & agile culture, our working week is 4 days in the office and one day remote. We believe that being together enables us to live our values and support our clients and communities in an extraordinary way.

At Investec, we do things differently. We're a leading international bank and wealth manager built on a culture of curiosity, entrepreneurial spirit and human connection. Ideas are heard, ambition is celebrated, and impact is encouraged. As part of a team that challenges convention and strives for outperformance, you'll help shape bold solutions for clients who expect something more than the ordinary., Investec offers a range of wellbeing benefits to make our people feel healthier, balanced and more fulfilled in their lives inside and outside of work. You can find a list of our benefits here Embedded in our culture is a sense of belonging and inclusion. At Investec we want everyone to find it easy to be themselves, and to feel they belong. It's a responsibility we all share and is integral to our purpose and values as an organisation. We believe that innovation thrives when everyone feels respected, included, and empowered to contribute. We actively seek out diverse talent and foster an inclusive environment, encouraging applications from people of all backgrounds and experiences. Here, you'll find networks, benefits, and development opportunities designed to support your career journey, wherever it may lead. If this role excites you but you don't meet every requirement, we'd still love to hear from you. Your unique perspective and experience could be exactly what we are looking for. Get in touch! At Investec, we're deeply invested in our clients, our colleagues, and our communities. It's more than a mindset; it's how we show up every day.