Job Purpose
Information risk refers to the risks related to Technology, Information Security, and Data quality. Given Admiral's focus on being a data and technology-driven company, Information Risk is a key risk area. The role is based in the AECS Risk team, with responsibility for oversight and challenge of all Information risks including Technology, Information Security, and Data quality. The successful applicant will work collaboratively with other teams including all areas of IT, Information Security, and Data.
Main DutiesResponsible for oversight and challenge of Information risks across EU entities, including Information Security, Technology, and Data quality risks.Act as the subject matter expert within the EU Corporate Governance functions for Information risk management and security related matters.Lead independent risk/security assessments of the key Information and Security risks and controls across EU, identifying, assessing, escalating, and reporting on potential information risks and issues to Admiral.Oversee and challenge the business response to Technology and Information Security risk incidents and events throughout EU.Provide review and challenge for EU change projects related to Technology, Information Security, and Data via steering committee membership or undertaking project risk reviews.Develop the Information risk framework within EU including the implementation and embedding of the tools, policies, standards, and procedures required to support the risk oversight and assessment activities.Promote and embed Enterprise Risk Management (ERM) processes, awareness, and understanding across the EU Technology, Information Security, and Data teams to maintain operational resilience, minimizing customer detriment and financial losses.Assess the impact of Technology and Data change within the business against Admiral's risk profile, ensuring timely identification of key themes and emerging risks, issues, and exposure, and providing recommendations to management to mitigate and resolve potential issues.Report and escalate risks and issues to senior managers, heads of department, Corporate governance teams, relevant working groups, management committees, and Boards.Monitor and assess EU's compliance with Group & AECS/AIS Policies and Group Minimum Standards in relation to IT and Information Security.Represent EU Risk in relevant Committees, working groups, and meetings.Develop and maintain key stakeholder relationships across EU, performing the role as a 'critical friend' to the business.This is not a full definition of the role but covers the main aspects and drivers for success.
Behavioural CompetenciesProfessional Expertise
Possess the ability to make effective and informed decisions. Keep up to date with the latest legislation and regulations that apply to Information Risks.
#J-18808-Ljbffr