Senior Data Governance Risk Manager - Compliance

Summary of Role:We are looking for a Senior Data Governance Risk Manager to join an existing Legal and Compliance department and support the current DPO with data, cyber, and operational resilience responsibilities from a compliance perspective.Salary: £70-90k per annumType of Employment: PermanentFlexible Working: 4 days in the officeLocation: City of LondonDescription of Duties:This role will build upon the client's existing policies and controls regarding data and cyber risk management, including Group-level guidance and directives. The role includes extensive interaction with all parts of the Bank’s operations and support functions (particularly the IT department) in London and requires liaising with all levels of seniority.Main Responsibilities & Accountabilities:Perform Current-State Analysis:Assess the Bank’s existing information security (IS) control environment (considering all aspects of technology IS, data assets, and cyber risks and resilience controls).Identify the current controls aligned to these risks and highlight potential control gaps.Develop a strategy for enhancement to manage those risks in line with the Bank’s agreed risk appetite.Governance Framework:Design and maintain a governance framework to capture strong cyber resilience, information security, data security, and data protection.Supervisory Oversight:Provide Bank-wide supervisory oversight, management reporting, and policy for the existing IS, data, and cyber control framework.Support delivery of activities identified in the annual Compliance Monitoring Plan, such as:COBS - Record Keeping & Document Retention Bank-wide supervisory oversight.Annual Business Outsourcing reviews.Regulatory reporting such as the REP018 and REP020 Quarterly returns.Maintain policies for existing IS, data, and cyber control frameworks.Conduct compliance email phishing exercises and data exfiltration reviews.Compliance & Risk Monitoring:Undertake ongoing monitoring of key data and IS risks.Develop and deliver staff and stakeholder training on data protection/privacy regulatory requirements and cyber security.Enhance management reporting information (KRI/KPIs), present performance status, and escalate issues to Senior Management where necessary.Build a profile of the Bank’s cyber threats and associated controls and provide Management with recommendations to enhance key cyber controls.Deputy Data Protection Officer Role:Fulfill the Deputy Data Protection Officer role in line with the requirements of current and incoming Data Protection Regulations (GDPR).Assess the effectiveness of current data and records management controls and develop enhancement action plans where these may be required.Operational Resilience:Provide advice and ongoing oversight on Operational Resilience, aligning the Bank’s practices with regulator expectations.Skills Required:Compliance background with proven ability to develop and publish business-standard policy, procedures, assessment reports, action plans, and similar documentation.Practical experience in a senior role in a Retail, Wholesale, or Capital Markets financial services organization with responsibility for Data Protection, Data Governance, and/or Information Security.Good working knowledge of current and changing cyber threats and mitigating control strategies with demonstrable experience of working with or advising on a cyber control activity or change project.Practical understanding of key aspects of UK data and information protection regulations (GDPR) and best practices.Excellent communication skills to ensure risk and control understanding is embedded throughout the business.Familiarity with cross-border aspects of current and incoming UK and European data and information security regulations.Strong interpersonal and presentation skills, providing one-to-one, structured training, and management reporting to staff at all levels of the Bank.Application:To apply, please submit your resume through this job posting.