REQUIREMENTS:

• Minimum bachelor’s degree and/or experience in IT Risk and Control, IT security governance and operational processes, preferably in the Financial Services industry or global corporate service provider
• Experience of a control (Risk Management) environment, including reviewing adherence to/enforcing/promoting policies and standards
• Excellent communication skills to articulate at a senior management level, to peers at Group level and to external organizations (Clients, Auditors, Regulators). Ability to communicate technical subject matter to non-technical stakeholders
• Proven ability to prioritise competing demands
• Demonstrated ability to assess risk trends
• Risk and Issues management - including escalation
• Positive and professional attitude, team player, flexible and adaptable, open to change(s)
• Good spoken and written communication and ability to adapt style based on audience (Fluent in spoken / written English)
• Demonstrated ability to rapidly build relationships with key stakeholders
• One or more industry-recognised certifications including CISA, CISM, CISSP, CRISC, preferred

WHO WE ARE:

Delta Capita Group is a global managed services, consulting and solutions provider with a unique combination of experience in Financial Services and technology innovation capability. Our mission is to reinvent the financial services value chain providing technology based mutualized services for financial institutions for non-differentiating services.

ROLE OVERVIEW:

We’re offering an exciting opportunity to lead transformative risk and control initiatives within our Consulting Department in Sheffield. As a Risk and Control Transformation Lead, you will be responsible for driving end-to-end enhancements in governance, risk management, and control frameworks across complex client environments. This role involves close collaboration with senior stakeholders to design sustainable solutions, strengthen regulatory compliance, and embed a culture of continuous improvement.

PRINCIPAL RESPONSIBILITIES:

• Accountable for the Operational Resilience agenda for OBKYC and Servicing Technology department
• Create forward looking view of what the strategy should be with regards to Risk & Control.
• Consult on technology projects and provide risk and control subject matter expertise during IT audits and managing sustainable control compliance posture.
• Partner with the Business service owners, Business Risk and Chief Control Office Technology functions to promote and provide guidance to relevant policies, standards and governance within the department
• Provide updates with respect to global IT Control uplift programs to stakeholders. Lead IT engagement with internal / external / client audit and Regulatory Exams, including oversight of field work, collation of artefacts and partnership with CCO tech to remediate issues.
• Communicate residual risk through reporting, business governance processes and forums. Provide visibility of status of action plans and external/internal audit issues through different MIs/Dashboards
• Partner with IT Service Owners and Service line head to identify and assess controls, determine mitigating actions and remediation activities, and understand the overall risk profile.
• Act as a gatekeeper in collection of artefacts and / or evidence for internal/external audits and assessments, and act as POC for auditors and reviewers.
• Lead the delivery of risk & control projects and programmes for the Client Services IT. Assist IT Service Owners in responding appropriately and effectively to firm-wide risk, Cybersecurity and corporate control initiative.
• Drive ownership and accountability for Risk/Issue and Action Plan Ownership within Service line. Ability to converse with technical teams and assess their solutions for gaps and issues as well as propose mitigating or compensating controls.
• Manage the Risk Acceptance and Exception process through group standard process.
• Attend relevant governance forums to represent service line risk position and remediation plan through different MIs.