Job details

Head of Technology Risk (2nd LOD)

Our Story

Hello there. We’re Zopa.

We started our journey back in 2005, building the first ever peer-to-peer lending company. Fast forward to 2020 and we launched Zopa Bank. A bank that listens to what our customers don’t like about finance and does the opposite. We’re redefining what it feels like to work in finance. Our vision for a new era of banking puts people front and centre — we’ve built a business that empowers everyone to aim high, every day, to move finance forward. Find out more about our fantastic offerings at Zopa.com!

We’re incredibly proud of our achievements and none of it would be possible without the amazing team here. It’s not just industry awards we’re winning, we’ve also been named in the top three UK’s Most Loved Workplaces.

If you embrace unconventional challenges, are unafraid to think differently and are driven to make an outsized impact, you’ll thrive here at Zopa, so join us, and make it count. Want to see us in action? Follow us on Instagram @zopalife

The Second Line Technology Risk Team owns the framework for managing technology risk at Zopa, andis responsible for advising and challenging the business to ensure the security and resilience of our technology infrastructure, systems, and data assets. The team is responsible for risk oversight of the first line, training and assurance activity, designed to ensure that defined frameworks and standards are adhered to and that Zopa is managing its technology risk exposure within the bank’s risk appetite.

We are seeking an experienced head of second line senior technology risk to support the ongoing development of the technology risk framework and the processes that support it. This position requires a dynamic and strategic thinker who can partner with our various technology and information security teams to provide effective review, challenge, oversight, and assurance of technology risk assessments and decision-making by the business. The role is an exciting opportunity for a senior technology risk manager motivated by driving change and contributing to responsible growth and a truly customer-centric experience.

A day in the life:

You'll be working closely with the Director of Operational Risk and senior technology and risk leaders from across the business.
Developing and implementing technology risk frameworks.
Providing oversight and ensuring compliance with tech risk standards and regulations.
Conducting independent testing and challenge of technology and information security controls and their effectiveness.
Working with 1st line risk to embed risk management standards.
Improving the quality of discussion and debate around technology and information security risk – ensuring appropriate escalation, a consistently evolving approach to MI and controls and clear expectation setting.

About you:

Knowledge and expertise in modern, cloud-based architectures – including networking and security foundations, cloud development patterns, and data management fundamentals.
Experience of working in the financial services, banking, or fintech sector.[JS1]
Deep understanding of the regulatory landscape governing financial institutions, including, cloud service providers, operational resilience, and tech outsourcing (e.g. DORA & CTP).
Good working knowledge of security industry frameworks such as ISO27001, SOC2, & NIST.
Familiarity with payments best practices and controls including PCI DSS.
Knowledge of industry best practice in the design of key technology controls and experience in challenging their effectiveness.
Experience of enabling autonomy within 1LOD, whilst generating a strong risk management culture and ensuring risks are management within appetite.
Expertise in third party technology risk management, including assessing the effectiveness of vendor and external partner controls.
An understanding of incident management practises and experience of challenging the effectiveness of responses to technology and security-related incidents.

#LI-LK1

Flexible working? Yes please!

At Zopa we value flexible ways of working. We understand the benefits of face-to-face collaboration and the importance of a good work-life balance. Our teams work in a hybrid manner, from our vibrant UK offices and the comfort of their own homes, at a frequency that suits the team and the work they do.

Not only that – you'll also have the option of working from abroad for up to 120 days a year!* But no matter where you are, we’ll make sure you’ve got everything you need to thrive, both in your work and home life, from day one.

*Subject to having the right to work in the country of choice

Diversity Statement

Zopa is proud to offer a workplace free from discrimination. Diversity of experience, perspectives, and backgrounds leads to better products for our customers and a unique company culture for our people. We are made up of nearly 50 nationalities, have a DE&I forum made up of Zopians wanting to make a difference and we are proud of our culture where everyone can bring their full self to work. Our approach to DE&I is reflected in our hiring process so please let us know if you require any reasonable adjustments.

Zopa Glassdoor Company Review

4.6

Zopa DE&I Review

No rating

CEO of Zopa

Jaidev Janardana

Approve of CEO

What You Should Know About Head of Technology Risk (2nd LOD), Zopa

Hello there! We’re excited to announce that Zopa is looking for a Head of Technology Risk (2nd LOD) to join our fantastic team in London. Since our inception in 2005 as the first peer-to-peer lending company, we have continuously evolved, especially with the launch of Zopa Bank in 2020. At Zopa, we’re all about rethinking finance, putting people first and working to redefine banking. As the Head of Technology Risk, you’ll play a crucial role in our Second Line Technology Risk Team, which is dedicated to developing and managing our technology risk frameworks. This position is perfect for someone who is not just an expert in technology risk but also passionate about driving change in the financial services sector. You’ll partner with technology and information security teams, ensuring that our technology infrastructure remains secure and resilient. Your day-to-day responsibilities will include providing oversight, independent testing, and developing compliance standards. If you have extensive knowledge of cloud-based technologies and experience within the fintech or banking industry, we want you on our team! Plus, we value flexibility, so you'll enjoy a hybrid working model that allows you to blend in-office collaboration with the comfort of working from home. Join us at Zopa, where we don't just aim for business success; we aim to cultivate a workplace that's recognized as one of the UK’s Most Loved Workplaces.

Frequently Asked Questions (FAQs) for Head of Technology Risk (2nd LOD) Role at Zopa

What are the responsibilities of the Head of Technology Risk (2nd LOD) at Zopa?

The Head of Technology Risk (2nd LOD) at Zopa is responsible for developing and implementing technology risk frameworks, ensuring compliance with tech risk standards, and providing oversight across teams. This role involves independent testing and challenge of technology controls, working closely with the first line of defense to embed risk management standards, and enriching discussions about technology risk management.