Job Description
Thanks to 250 years of experience in dealing with clients and companies, Lloyds Bank offers comprehensive knowledge and expertise in the banking sector. In addition, as part of the Lloyds Banking Group (LBG), it is part of one of the largest banks in the world. Lloyds Bank has established a new branch office to support Lloyds Banking Group companies in the processing of euro payments. This provides a unique opportunity to work in a regulatory context across multiple jurisdictions.
Risk Manager (Information Security and Operational Resilience) (m/f/d)
- Performing second-line activities related to IT security and operational resilience.
- Coordinating IT security and operational resilience initiatives in collaboration with internal and external stakeholders.
- Closely cooperating with Group-level stakeholders to ensure alignment and consistency.
- Providing strategic guidance on IT security and operational resilience matters.
- Acting as the point of contact for defining policies and procedures related to operational resilience and information security, in close cooperation with the appointed ISO and other Group entities.
- Developing and maintaining the operational resilience framework in accordance with regulatory requirements (e.g. DORA, MaRisk, BAIT), Group policies, and applicable standards.
- Identifying and assessing critical business processes and their dependencies (e.g. IT systems, service providers, infrastructure).
- Managing IT security and operational resilience risks on an ongoing basis, including execution of controls and testing activities.
- Conducting Business Impact Analyses (BIA) and risk assessments to evaluate organisational resilience.
- Creating and maintaining contingency and recovery plans (e.g. BCM, DRP).
- Developing and maintaining key performance indicators (KPIs) related to IT security and operational resilience.
- Continuously assessing legal and regulatory developments in IT security and operational resilience, and adapting local processes and policies accordingly.
- Leading internal and external audits and managing communications with regulators regarding operational resilience.
- Several years' experience in IT risk management, information security, operational resilience or compliance.
- Bachelor's degree in a relevant field (e.g. IT related, business or law studies), Master's degree is a plus.
- Solid knowledge of key regulatory and security frameworks, such as ISO, DORA and MaRisk.
- Understanding of the German and European regulatory landscape, including relevant sections of KWG and GWG.
- Experience in (Correspondent) Banking is a plus, ideally with exposure to risk, compliance, or IT governance topics.
- Knowledge around payments processing and scheme rules (e.g. SEPA, TARGET2) is a plus.
- A great communicator with sound interpersonal skills and strong written and verbal communication.
- Analytical and structured working style, with experience in risk assessments, control testing, and documentation.
- Fluency in English, written and spoken. German is a plus.
- An international team with colleagues from more than 50 different countries
- Social benefits such as a company pension scheme and capital formation contributions
- 30 days holiday as well as 24 and 31 December as non-working days
- Employee Assistance Programme – personal 24/7 helpline for all employees
- Various possibilities for flexible working, i.a. various part-time models, flexitime
- Extensive, very flexible home office arrangements
- Possibility to work from other EU countries for up to 30 days per year
- Additional benefits such as sports activities, free fruit, nuts and drinks
- Employer contributions to BVG job ticket and a Lease a bike programme
- An informal corporate culture - without dress code and ‘Sie'.
- An excellent learning culture and opportunity to improve your professional competencies
- Easily accessible city centre offices, in the vicinity of many shops and restaurants to which you receive a discount