1st Line Operational Risk Director - Product, Delivery & Group Functions

Background

The company
• Vocalink Limited (VLL) is a technology driven payments company with a unique and unrivalled position within the UK domestic payments industry.
• VLL has 4 core service offerings which it delivers in a highly resilient, secure and seamless way, namely:
1.Bacs - which processes 90+% of UK government benefits, 90% of UK salaries and 70% of household bills (Bacs);
2.FPS - the world's first 247365 real time payment system;
3.LINK - UK's ATM network that connects to over 53,000 cash machines; and
4.ICS - an image based clearing system for cheques processing (ICS).
• Due to these responsibilities and its strategic importance to the UK economy, VLL is designated as a Critical National Infrastructure (CNI) and is regulated by the Bank of England.
• VLL is also an integral member of the Mastercard Group and with it the benefits of financial security, economies of scale as well as access to innovative technologies and a global talent base.

The Team
• VLL, in line with its industry peers operates a 3 Lines of Defence(3LOD) risk management model.
• This role is within the 1st Line Risk & Control Team, in the 1st Line of Defence (1LOD).
• The Team acts as a risk partner to the 1LOD as well as providing independent oversight and challenge where required.
• The Team:
oensures 1LOD functions comply to VLL risk management policies and standards,
osupports embedding of robust risk management practices into BAU operations,
odrives delivery of VLL's risk transformation agenda in the 1LOD and
opromotes a risk awareness and a proactive risk culture.
• This is an exciting opportunity to join a growing team whose remits covers the breadth of VLL's operation with exposure to senior stakeholders across the organisation and the wider Mastercard Group.

Role overview
• Advise 1LOD functions (Product, Delivery and Group Functions) on the application of operational risk management practices and changes to their day-to-day activities.
• Monitor compliance to the firm's risk management policies and processes as well as coordinate the implementation and embedding of operational risk change initiatives across the 1LOD functions.
• Consolidate, review and report key risk information to appropriate governance forums, key stakeholders and 2LOD functions.

Responsibilities of the role
• Provide robust risk advice and challenge to 1LOD functions by leveraging an in-depth understanding of applicable industry best practices and regulatory expectations.
• Support the development and/or implementation of applicable procedures to enable effective 1LOD adoption of the firm's risk management policies and processes.
• Support risk assurance activities conducted on the 1LOD through the provision of required information and explanation.
• Work with 1LOD functions to conduct ad hoc risk assessments and deep dive root cause analysis on priority risk areas or areas of material control deficiencies.
• Manage cross-functional initiatives to achieve on risk goals and compliance to applicable policies and regulations.
• Monitor relevant risk events and other developments both within VLL and across IT security, payments and wider financial services industry to ensure appropriate mitigation or learnings are shared with applicable 1LOD functions.
• Support and deputise for the Head of 1st Line Risk & Control in the discharge of his responsibilities, including performance management and mentoring/coaching of team members.
• Operate or facilitate the effective running of formal risk governance committees.
• Promote collaborative working relationships with stakeholders at all levels of the organisational hierarchy (function, entity and group).
• Present and engage effectively with senior leaders across VLL and Mastercard.

Relevant experience
• Experience of working in or advising functions such as Product Management, Change Delivery, Finance, HR, Legal on the application of operational risk management practices and changes to their day-to-day activities. [Mandatory]
• Experience of managing or partaking in the RCSA process ideally in a banking, financial services, IT or payments context. [Mandatory]
• Experience of working with any of the following disciplines, not necessarily in a financial services environment: Technology (e.g. Hardware and Software engineering), Operations (e.g. incident, change and problem management), Information Security (e.g SOC, vulnerability mgmt. etc), or Operational Resilience (e.g. Third-party management, scenario analysis etc). [Preferred]
• Experience of working in 1st or 2nd line risk teams or within 3rd line Internal Audit functions within a financial services environment. [Preferred]
• Experience of applying operational risk frameworks and using of GRC solution [Preferred]
• Experience in delivering presentations and engaging with senior leadership at the Executive level and above.

Relevant skills
• Excellent communication skills (both written and oral)
• Excellent reporting and presentation skills
• Ability to remain calm and focused when working under pressure
• Ability to self-start, prioritise, problem solve and motivate / lead other team members
• A flexible yet delivery orientated mindset
• Adept use of MS Teams, Word, Excel and PowerPoint
• Basic use of Tableau, Domo or similar reporting tools

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.