Value Stream IT Governance Lead

We are 1st Central, a market-leading insurance company utilising smart data and technology at pace. Rapid growth has been based on giving our 1.4 million customers exactly what they want: great value insurance with an excellent service. We won Insurance Employer of the Year at the British Insurance Awards 2024 and our Glassdoor score is impressive!

We are on the hunt for an experienced IT Governance Lead for a newly created role within our IT Governance team. This position will play a pivotal role within the IT Governance team.

You will be responsible for driving IT governance, security and technology risk management across the value stream. You will embed in a value stream and will play a key part in ensuring that all technology and business initiatives within the value streams comply with technology & governance frameworks, standards and policies. As the IT Governance Lead, you will act as a link between the Value Streams and the Security, IT Governance and Tech & Data risk team, and will be the first point of contact within the value stream to provide contextual advice and undertake relevant activities in stream.

We value flexible working arrangements, so you can choose to work remotely or work in the office occasionally if you live within a commutable distance from one of our offices in Salford Quays, Manchester, Haywards Heath, West Sussex, or Guernsey.

Core skills we are looking for to succeed in the role:

• Strong communication and collaboration skills, with excellent reporting skills.
• Ability to analyse security and technology risks.
• Stakeholder management skills.
• Ability to work across multiple teams.

What’s involved:

• You will lead and oversee IT, Security & technology risk governance within value streams, ensuring compliance with internal standards, policies, guardrails, etc.
• You will ensure value stream initiatives and ongoing activities follow appropriate governance processes.
• You will provide guidance on risk, including assessments, mitigation strategies, and acceptance processes, within existing frameworks.
• You will monitor, review, and report on technology and security risk across the value stream, providing direction on managing risk and minimising vulnerabilities.
• You will collaborate with the IT Governance & Information Security teams to highlight, assess, and mitigate changing or emerging risks within the value stream.
• You will assist in ensuring that security and other controls are embedded within the value streams’ development, deployment, and run lifecycles, including assessing, monitoring, and providing advice on value stream epics, features, etc.
• You will escalate and assist in the management of incidents, security events, and the establishment of root causes as required.
• You will assist in the triage and distribution of vulnerability & Pen Test findings and associated actions as required.
• You will undertake cross-value stream control testing and other assurance as needed.
• You will be responsible for monitoring, helping prioritise, and reporting on 1st/2nd/3rd line actions within the value stream.
• You will undertake standard IT Governance & Risk and Security activities in value stream, such as 3rd party risk assessments and due diligence.
• You will support all in-value stream 1st/2nd/3rd line reviews, audits, etc.
• You will undertake specific IT Governance and Security reporting activities as required.
• You will act as the 'eyes and ears' and champion within the value stream, bridging between value stream stakeholders and the IT Governance and Security teams, managing concerns, escalations, etc.
• You will engage, provide training, and promote awareness with value stream leaders and teams to ensure IT governance, risk, and security requirements are clearly understood and followed.
• You will identify opportunities for governance process improvements within value streams, and drive initiatives to improve governance, risk management, and security maturity.
• You will help foster a culture of accountability, ensuring value stream leaders and teams adhere to technology and security standards and are committed to appropriate and proportionate risk management.
• You will comply with the requirements, and act in accordance with, the Group Code of Conduct and Fitness and Propriety policies at all times.
• You will ensure compliance with Company Policies, Values and guidelines and other relevant standards/regulations at all times.

Experience and Knowledge:

• Strong knowledge of IT & Security governance, policies and requirements.
• Conducting risk assessments, control testing, and other assurance activities.
• Identifying, assessing, and mitigating technology and security risks.
• Technical experience and knowledge of security principles & controls.
• Knowledge of cloud security principles and DevOps governance.
• Experience in financial services or other regulated industries.
• Knowledge of Azure cloud security principles and DevOps.
• Knowledge of ISO 27001, COBIT and similar frameworks.

Skills:

• Strong communication and collaboration skills, with excellent reporting skills.
• Ability to analyse security and technology risks.
• Stakeholder management skills.
• Ability to work across multiple teams.

Behaviours:

• Ask questions, explore new solutions, and drive continuous improvement.
• Proactively identify risks and governance issues early and take initiative to address them.
• Collaborate effectively across teams, building strong relationships to embed governance principles and influence outcomes.
• Take ownership and responsibility for in value stream governance, ensuring teams meet security and compliance standards.
• Thrive in a fast-paced DevOps environment, balancing agility with governance requirements and practical solutions.
• Clear communication and explain governance and security concepts in a way that both technical and business teams can understand.

This is just the start. Imagine where you could end up! The journey's yours...

What can we do for you?

People first. Always. We are passionate about our colleagues and know the best people deserve an extraordinary working environment. Our workplaces are energetic, inspirational, supportive.

Intrigued? Our Talent team can tell you everything you need to know about what we want and what we are offering, so feel free to get in touch.