Risk Manager - Tech & Cyber Risk

General Job Title: Risk Manager – Tech & Cyber Risk Division: General Management – Risk & Compliance Reports To: Head of Operational Risk Key Relationships: Risk Management team (including Insurance Risk and Enterprise Risk Management team members), Risk Management Senior Leadership Team, Chief Risk Officer and wider team members of second and third line functions (Compliance and Internal Audit), as well as first line internal stakeholders including Information Security, IT, Data, Procurement, Underwriters and Claims Managers

Job Summary Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk in the oversight and management of technology and cyber risk management activities, as well as wider operational risk matters across the Group

This is a second-line-of-defence role providing risk oversight and challenge across the group, enabling first line teams and relevant risk owners to understand risk exposure and make appropriate risk-aware decisions

The role holder is responsible for ensuring clear and timely communication of risk considerations and matters for escalation between first line business teams, the Senior Risk Manager – Operational Risk and the Head of Operational Risk

Key Responsibilities Risk Management Framework Support the Senior Risk Manager – Tech & Cyber Risk in facilitating regular Risk & Control Self Assessments (RCSAs) with first line risk owners and stakeholders, ensuring the assessments are performed and documented accordingly

Support the Senior Risk Manager – Tech & Cyber Risk in implementing and maintaining a robust control environment that is owned and documented by first line business control owners and stakeholders

Provide oversight and challenge of Beazley’s first line process around technology and cyber risk, including areas such as IT and cybersecurity business continuity, IT resilience, digital risk and operational transformation, capital modelling and business planning

Produce risk reporting and opinions, including deep dive reviews on hot topics influencing Beazley’s technology and cyber risk profile to support reporting to internal and external stakeholders

Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk in designing, writing and implementing frameworks, policies, procedures and processes where required

Provide critical appraisal of the control environment (including Risk MI) proposed by the business with reference to the agreed risk appetite

Liaise with first line business stakeholders and risk owners to capture new risks (including emerging risks) and review controls proposed by first line control owners and stakeholders

Assist in the preparation of risk management material for internal and external presentations where necessary

Assist in the provision of induction training to all relevant employees

Ensure close collaboration with Risk Management colleagues, supporting in the execution of key deliverables and projects as required

Keep up-to-date on market standards and best practice, as well as regulatory requirements and changes as required

Promote a culture of good conduct within the Operational Risk team by demonstrating and communicating the expected levels of behaviour and integrity

FCA conduct rules – individual conduct rules: You must act with integrity; You must act with due care, skill and diligence; You must be open and cooperative with the FCA, PRA and other regulators; You must pay due regard to the interests of customers and treat them fairly; and You must observe proper standards of market conduct

General It is important that within all your interactions both internally and externally you adhere Beazley’s core values - Being Bold, Striving for Better, and Doing the Right Thing as they contribute to an internal environment of teamwork and promote a positive brand image and experience to our external customers." We also expect Beazley employees to:   Comply with Beazley procedures, policies and regulations including the code of conduct

Undertake training on Beazley policies and procedures as delivered by your line manager, the People & Sustainability or assurance teams (compliance, risk, internal audit) either directly, via e-learning or the learning management system

Display business ethics that uphold the interests of all our customers

Ensure all interactions with customers are focused on delivering a fair outcome, including having the right products for their needs

Comply with any specific responsibilities necessary for your role as outlined by your line manager, the People & Sustainability or assurance teams (compliance, risk, internal audit) and ensure you keep up to date with developments in these areas.  This may include, amongst others, Beazley’s underwriting control standards, Beazley’s claims control standards, other Beazley standards and customer relationship management

Carry out additional responsibilities as individually notified, either through your objectives or through the learning management system.  These may include membership of any Beazley committees or working groups

Personal Specification: Essential Criteria Knowledge and experience of risk management frameworks and tools with proven technology and cyber risk expertise Experience of working in a global and fast paced business environment is essential Degree level educated or an equivalent combination of education training and experience with security frameworks and industry standards; and/or Relevant professional qualification (e.g., IRM International Certificate in Operational Risk, Practitioner Certificate in Information Management, etc.) Knowledge, Experience and Skills Proven technology and cyber risk expertise, preferably with a strong understanding of the Lloyd’s or wider company insurance market and framework; Understanding of the commercial drivers and dynamics affecting risk decisions in the insurance sector, as well as operational and risk processes associated with an international insurance group

Ability to build strong partnering relationships with a wide range of stakeholders

Ability to interact professionally and with credibility and manage expectations of management and key stakeholders

Ability to manage time, meet deadlines and prioritise

Able to communicate effectively with others

Proficiency in Microsoft 365 apps

Experience of Committee and Board reporting

Aptitude and Disposition Application of risk-based judgement Influencing and trusted advisor Flexible Energetic, enthusiastic and positive Team player Self-motivated with the ability to work autonomously Proactive Strong prioritisation skills; ability to meet deadlines and manage stakeholders’ expectations Highest degree of integrity / discretion Strong written and verbal communication skills Analytical Attention to detail, with ability to see bigger picture Ability to challenge, negotiate with, influence and persuade both internal and external parties