Head of Technology Risk (2nd LOD)
Posted 5 days 15 hours ago by Zopa Bank Limited
Our Story
Hello there. We're Zopa.
We started our journey back in 2005, building the first ever peer-to-peer lending company. Fast forward to 2020 and we launched Zopa Bank. A bank that listens to what our customers don't like about finance and does the opposite. We're redefining what it feels like to work in finance. Our vision for a new era of banking puts people front and centre - we've built a business that empowers everyone to aim high, every day, to move finance forward. Find out more about our fantastic offerings at !
We're incredibly proud of our achievements and none of it would be possible without the amazing team here. It's not just industry awards we're winning, we've also been named in the top three UK's Most Loved Workplaces.
If you embrace unconventional challenges, are unafraid to think differently and are driven to make an outsized impact, you'll thrive here at Zopa, so join us, and make it count. Want to see us in action? Follow us on
The Second Line Technology Risk Team owns the framework for managing technology risk at Zopa, and is responsible for advising and challenging the business to ensure the security and resilience of our technology infrastructure, systems, and data assets. The team is responsible for risk oversight of the first line, training and assurance activity, designed to ensure that defined frameworks and standards are adhered to and that Zopa is managing its technology risk exposure within the bank's risk appetite.
We are seeking an experienced head of second line senior technology risk to support the ongoing development of the technology risk framework and the processes that support it. This position requires a dynamic and strategic thinker who can partner with our various technology and information security teams to provide effective review, challenge, oversight, and assurance of technology risk assessments and decision-making by the business. The role is an exciting opportunity for a senior technology risk manager motivated by driving change and contributing to responsible growth and a truly customer-centric experience.
A day in the life:
- You'll be working closely with the Director of Operational Risk and senior technology and risk leaders from across the business.
- Developing and implementing technology risk frameworks.
- Providing oversight and ensuring compliance with tech risk standards and regulations.
- Conducting independent testing and challenge of technology and information security controls and their effectiveness.
- Working with 1st line risk to embed risk management standards.
- Improving the quality of discussion and debate around technology and information security risk - ensuring appropriate escalation, a consistently evolving approach to MI and controls and clear expectation setting.
- Knowledge and expertise in modern, cloud-based architectures - including networking and security foundations, cloud development patterns, and data management fundamentals.
- Experience of working in the financial services, banking, or fintech sector.
- Deep understanding of the regulatory landscape governing financial institutions, including, cloud service providers, operational resilience, and tech outsourcing (e.g. DORA & CTP).
- Good working knowledge of security industry frameworks such as ISO27001, SOC2, & NIST.
- Familiarity with payments best practices and controls including PCI DSS.
- Knowledge of industry best practice in the design of key technology controls and experience in challenging their effectiveness.
- Experience of enabling autonomy within 1LOD, whilst generating a strong risk management culture and ensuring risks are managed within appetite.
- Expertise in third party technology risk management, including assessing the effectiveness of vendor and external partner controls.
- An understanding of incident management practices and experience of challenging the effectiveness of responses to technology and security-related incidents.
Flexible working? Yes please!
At Zopa we value flexible ways of working. We understand the benefits of face-to-face collaboration and the importance of a good work-life balance. Our teams work in a hybrid manner, from our vibrant UK offices and the comfort of their own homes, at a frequency that suits the team and the work they do.
Not only that - you'll also have the option of working from abroad for up to 120 days a year! But no matter where you are, we'll make sure you've got everything you need to thrive, both in your work and home life, from day one.
Subject to having the right to work in the country of choice.
Diversity Statement
Zopa is proud to offer a workplace free from discrimination. Diversity of experience, perspectives, and backgrounds leads to better products for our customers and a unique company culture for our people. We are made up of nearly 50 nationalities, have a DE&I forum made up of Zopians wanting to make a difference and we are proud of our culture where everyone can bring their full self to work. Our approach to DE&I is reflected in our hiring process so please let us know if you require any reasonable adjustments.