Job Description

Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team \xe2\x80\x93 one that makes better decisions, drives innovation and delivers better business results.

Title and Summary

Director, 1st Line Operational Risk Management

Director, 1st Line Operational Risk Management

Summary

The company

• Vocalink Limited (VLL) is a technology driven payments company with a unique and unrivalled position within the UK domestic payments industry.
• VLL has 4 core service offerings which it delivers in a highly resilient, secure and seamless way, namely:

1. Bacs - which processes 90+% of UK government benefits, 90% of UK salaries and 70% of household bills (Bacs);
2. FPS - the world\xe2\x80\x99s first 24*7*365 real time payment system;
3. LINK - UK\xe2\x80\x99s ATM network that connects to over 53,000 cash machines; and
4. ICS \xe2\x80\x93 an image based clearing system for cheques processing (ICS).

• Due to these responsibilities and its strategic importance to the UK economy, VLL is designated as a Critical National Infrastructure (CNI) and is regulated by the Bank of England.
• VLL is also an integral member of the Mastercard Group and with it the benefits of financial security, economies of scale as well as access to innovative technologies and a global talent base.

The Team

• VLL, in line with its industry peers operates a 3 Lines of Defence(3LOD) risk management model.
• This role is within the 1st Line Risk and Control Team, which itself was established at the start of 2023. The Team, whilst being in the 1st Line of Defence (1LOD), sits in between VLL\xe2\x80\x99s 1LOD functions and its 2nd Line of Defence (2LOD) functions such as Risk and Compliance.
• The Team acts as a critical friend and risk partner to the 1LOD and as its champion and central point of liaison in risk interactions with the 2LOD. The Team supports the embedding of robust risk management practices into BAU operations, help implement VLL\xe2\x80\x99s risk transformation agenda and promote a risk awareness and a proactive risk culture.
• This is an exciting opportunity to join a growing team whose remits covers the breadth of VLL\xe2\x80\x99s operation with exposure to senior stakeholders across the organisation.

Role overview

• Advise 1LOD functions on the application of operational risk management practices and changes to their day-to-day activities.
• Monitor compliance to the firm\xe2\x80\x99s risk management policies and processes as well as coordinate the implementation and embedding of operational risk change initiatives across the 1LOD functions.
• Consolidate, review and report key risk information to appropriate governance forums, key stakeholders and 2LOD functions.

Responsibilities of the role

• Provide robust risk advice to 1LOD functions by leveraging an in-depth understanding of applicable industry best practices and regulatory expectations.
• Support the development and/or implementation of applicable procedures to enable effective 1LOD adoption of the firm\xe2\x80\x99s risk management policies and processes.
• Support risk assurance activities conducted on the 1LOD through the provision of required information and explanation.
• Work with 1LOD functions to conduct ad hoc risk assessments and deep dive root cause analysis on priority risk areas or areas of material control deficiencies.
• Manage cross-functional initiatives to achieve on risk goals and compliance to applicable policies and regulations.
• Monitor relevant risk events and other developments in IT security, payments and wider financial services industry to ensure appropriate mitigation or learnings are shared with applicable 1LOD functions.
• Support and deputise for the Head of 1st Line Risk & Control in the discharge of his responsibilities, including performance management and mentoring/coaching of team members.
• Operate or facilitate the effective running of formal risk governance committees.
• Promote collaborative working relationships with stakeholders at all levels of the organisational hierarchy (function, entity and group).
• Present and engage effectively with senior leaders across Vocalink and Mastercard.

Relevant experience

• Experience of implementing recognised industry standards such as security (e.g. CRI, ISO27001) and operational resilience / BCM (e.g. ISO 22301) and IT (e.g. ITIL). [Mandatory]
• Experience of managing or partaking in the RCSA process ideally in a banking, financial services, IT or payments context. [Preferred]
• Experience of working in 1st or 2nd line risk teams or within 3rd line Internal Audit functions within a financial services environment. [Preferred]
• Experience of working in any of the following disciplines, not necessarily in a financial services environment: Technology (e.g. incident/change/problem management), Cyber Security (e.g SOC, vulnerability mgmt. etc), or Operational Resilience (e.g. Third party management, scenario analysis etc).
• Experience of applying operational risk frameworks and using of GRC solution
• Experience of leading cross-functional initiatives to design and implement best practice risk management practices.
• Experience in managing complex cross-functional strategic initiatives, projects and teams.
• Experience of leading and performance managing teams in a BAU or project context.
• Experience in delivering presentations and engaging with senior leadership at the Executive level and above.

Relevant skills

• Excellent communication skills (both written and oral)
• Excellent reporting and presentation skills
• Ability to remain calm and focused when working under pressure
• Ability to self-start, problem solve and motivate / lead other team members
• A flexible yet delivery orientated mindset
• Adept use of MS Word, Excel and PowerPoint
• Basic use of Tableau, Domo or similar reporting tools
• Basic understanding of database management and SQL

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

Abide by Mastercard\xe2\x80\x99s security policies and practices;

Ensure the confidentiality and integrity of the information being accessed;

Report any suspected information security violation or breach, and

Complete all periodic mandatory security trainings in accordance with Mastercard\xe2\x80\x99s guidelines.

Mastercard