Technology & Operations Risk Manager

 

Description:

This role will provide independent oversight and challenge across technology and cyber risk, ensuring that risks are accurately identified, assessed, and managed within appetite.

This is a technically focused First Line of Defence (1LoD) role, requiring strong expertise in cybersecurity, IT risk, and control frameworks, as well as the ability to analyse risk data, challenge control environments, and drive improvements across Technology & Operations (T&O).

You will play a key role in ensuring that risk frameworks are not just followed, but are robust, data-driven, and aligned to regulatory expectations, with clear visibility of risk exposure and control effectiveness.

We’re shaping the way we work through innovation, cutting-edge technology, collaboration and the freedom to explore new ideas. To succeed in this role, you will be responsible for:
 

  • Providing independent oversight and challenge of Technology & Operations risk, ensuring alignment with Operational Risk Management frameworks.
  • Reviewing and challenging Risk & Control Self-Assessments (RCSA), ensuring completeness, accuracy, and robust control design.
  • Ensuring quality and integrity of Risk & Control Profiles (RCPs), including risk identification, control mapping, and residual risk assessment.
  • Overseeing risk data within tooling (e.g. Heracles), ensuring alignment across risks, issues, events, and risk appetite statements.
  • Monitoring adherence to Risk Appetite Statements (RAS), supporting breach management, root cause analysis, and remediation tracking.
  • Challenging control effectiveness, thematic reviews, and testing outcomes to identify systemic weaknesses.
  • Producing and analysing risk MI and reporting, identifying emerging risks, trends, and control gaps.
  • Driving continuous improvement of governance artefacts, processes, and risk engagement models across T&O.
     

What You’ll Bring

Our people are our greatest strength. Every individual contributes unique perspectives that make us stronger as a team and as an organisation. We’re enabling teams to go beyond by valuing who they are and empowering what they bring.

The following requirements represent the knowledge, skills, and abilities essential for success in this role. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Professional Experience
 

  • Experience in technology risk, cyber risk, or operational risk within financial services (Required).
  • Experience providing independent oversight, challenge, or audit of control environments (2LoD or equivalent) (Required).
  • Experience working with RCSA, risk frameworks, and control assessment methodologies (Required).
  • Experience producing risk reporting and MI for governance forums (Required).
     

Education
 

  • Undergraduate degree in Cybersecurity, Information Technology, Risk, or related field (Preferred).
  • Professional certifications such as CISA, CISSP, CISM, or equivalent (Preferred).

Organization Santander UK
Industry Management Jobs
Occupational Category Technology and Operations Risk Manager
Job Location Milton Keynes,UK
Shift Type Morning
Job Type Full Time
Gender No Preference
Career Level Intermediate
Experience 2 Years
Posted at 2026-07-01 1:17 am
Expires on 2026-08-15