Who are we?
Howden is a collective - a group of talented and passionate people all around the world. Together, we have pushed the boundaries of insurance. We are united by a shared passion and no-limits mindset, and our strength lies in our ability to collaborate as a powerful international team comprised of 18,000 employees spanning over 100 countries.
People join Howden for many different reasons, but they stay for the same one: our culture. It's what sets us apart, and the reason our employees have been turning down headhunters for years. Whatever your priorities - work / life balance, career progression, sustainability, volunteering - you'll find like-minded people driving change at Howden.
What is the role?
Howden is experiencing incredible growth, and we are currently seeking a highly motivated individual to join our newly forming Group Technology Risk team as Head of Framework and Controls. This role offers a fantastic opportunity to take ownership of the Framework and Controls Reporting tower and play a pivotal role in shaping the Group's technology risk landscape.
The Head of Framework and Controls will be responsible for overseeing the development, implementation, and management of control frameworks across the organisation. This includes ensuring that all IT and data controls are effectively monitored, tested, and reported, and that Howden remains compliant with regulatory requirements.
Given the scale and complexity of our global operations, the successful candidate must be adept at navigating a matrixed environment and working closely with senior stakeholders, including divisional C-suite leaders, to embed robust risk management and control practices. A key objective of this role is to help consolidate the Group's risk profile and ensure consistent, high-quality governance across all business units.
Please note that this is a full-time, permanent role based in our Central London office. Following a hybrid work pattern, you are expected to be onsite 3 days per week on average.
What will you be doing?
Oversee the development of policies, supporting frameworks and controls, to manage IT and Data risk effectively. These should take industry good practice and regulatory requirements into account and be complementary to existing policies and frameworks.
IT and Data Controls Oversight: Oversee the implementation and maintenance of IT and data control frameworks. Ensure that controls are effective in mitigating risks and protecting the organisation's data assets.
Manage the lifecycle of all technology policies across the group.
Controls Testing: Develop and manage a comprehensive control testing programme. Conduct regular testing of key controls to ensure their effectiveness and compliance with internal policies and regulatory requirements.
Key Controls Indicators: Establish and monitor key control indicators (KCIs) to measure the effectiveness of controls. Provide regular reports and updates to senior management on control performance.
Coordinate Technology RCSA / ERICCA1: Lead the coordination of Technology Risk and Control Self-Assessments (RCSA) and Enterprise Risk and Internal Control Compliance Assessments (ERICCA1). Ensure that assessments are conducted regularly and that findings are addressed promptly.
M&A Due Diligence Assessments: Conduct due diligence assessments for mergers and acquisitions. Evaluate the control environment of target companies and provide recommendations for integration and risk mitigation.
Set and Review Policies and Standards: Develop, review, and update control policies and standards. Ensure that policies and standards are aligned with industry best practices and regulatory requirements.
Regulatory Engagement: Engage with regulatory bodies to ensure compliance with relevant regulations. Provide timely and accurate information to regulators and address any regulatory concerns.
Auditor Engagement: Coordinate with internal and external auditors to facilitate audits and reviews. Ensure that audit findings are addressed and that control deficiencies are remediated promptly.
Regulatory Compliance: Ensure that the organisation remains compliant with all relevant regulations. Monitor changes in regulatory requirements and update control frameworks accordingly.
What are we looking for?
Extensive experience in global risk management, preferably within the insurance or financial services industry.
Strong understanding of technology risk and its impact on business operations globally.
Excellent analytical, communication, and leadership skills.
Ability to collaborate effectively with cross-functional and regional teams.
What do we offer in return?
A career that you define. At Howden, we value diversity - there is no one Howden type. Instead, we're looking for individuals who share the same values as us:
Our successes have all come from someone brave enough to try something new
We support each other in the small everyday moments and the bigger challenges
We are determined to make a positive difference at work and beyond
Reasonable adjustments
We're committed to providing reasonable accommodations at Howden to ensure that our positions align well with your needs. Besides the usual adjustments such as software, IT, and office setups, we can also accommodate other changes such as flexible hours or hybrid working.
If you're excited by this role but have some doubts about whether it's the right fit for you, send us your application - if your profile fits the role's criteria, we will be in touch to assist in helping to get you set up with any reasonable adjustments you may require.
Not all positions can accommodate changes to working hours or locations. Reach out to your Recruitment Partner if you want to know more.
Permanent