Senior Enterprise Risk Manager

Hampshire Trust Bank is a specialist bank, staffed by experts focused on helping UK businesses realise their ambitions. We offer niche specialty lines, as a SME bank, targeting under-served segments. Our dedicated Wholesale Finance, Bridging Finance, Development Finance and Specialist Mortgages teams ensure that businesses receive the outstanding service, lasting relationships, integrity and expertise they need to prosper. We also provide savings accounts to individuals and businesses and since we lend to SMEs, our savers can be sure their money will help boost the British economy.

Our vision is to be the go-to bank in our chosen markets; to deliver positive customer outcomes, rewarding careers and great shareholder value through a high-performing culture grounded in excellence and integrity.

The Enterprise Risk team, led by the Head of Enterprise Risk, operates as an independent Second Line and is focused on the oversight and management of financial and non-financial risks across the organisation. This includes Operational risk & resilience, Treasury risk, Climate & ESG risk, Risk Governance and other emerging risk types that could impact the firm’s stability, reputation, or ability to deliver critical services e.g Third Party, IT and AI. The team provides robust oversight and challenge to the First Line, ensuring that the Risk Management Framework is effectively implemented, embedded, and aligned to both the firm’s risk appetite and regulatory expectations.

In fulfilling this role, Enterprise Risk works closely with the business to support the identification, assessment, and management of risk, while promoting a strong and consistent risk culture. The team is responsible for developing and maintaining risk frameworks, delivering risk oversight and assurance activities, and providing clear, timely reporting to senior management and the Board. Through these activities, the function enhances organisational resilience, strengthens risk-informed decision-making, and provides assurance that Enterprise risks are proactively managed within tolerance.

• Lead second line oversight of first line Operational Risk activities, including Risk and Control Self-Assessments (RCSAs), scenario analysis, and control effectiveness reviews.
• Deliver a structured programme of Key Control assurance, thematic reviews, and deep-dives to assess control effectiveness and identify systemic weaknesses.
• Ensure risk events and incidents are comprehensively captured, investigated, and remediated, with clear root cause analysis and lessons learned embedded across the business.
• Own, maintain and continuously enhance the Group Operational Risk Management Framework (GORMF), and other Operational Risk policies and guidance.
• Lead the end-to-end delivery of a strategic GRC system implementation, including requirements definition, vendor selection, testing, and embedding.

• Develop and embed second line oversight of Operational Resilience, ensuring alignment with regulatory expectations (e.g. important business services, impact tolerances, and scenario testing).
• Own, maintain and continuously enhance the Group Operational Resilience Risk Framework and Group Third Party Risk Framework.
• Expand second line coverage across key non-financial risk domains, including: Third Party Risk Management (TPRM), Cyber and Information Security Risk, Technology and IT Risk, Artificial Intelligence (AI) Risk.
• Provide independent challenge to ensure these risk domains are effectively governed, controlled, and integrated into the wider risk framework.

• Support the design, development, and implementation of a comprehensive Data Risk Framework, covering data governance, quality, privacy, lineage, and usage risks.
• Ensure the framework is embedded across the organisation, with clear roles, responsibilities, and controls aligned to regulatory expectations and best practice.
• Establish appropriate oversight, metrics, and reporting to support effective management of data-related risks.

• Significant experience in Operational Risk or Enterprise Risk within Financial Services or a similarly regulated industry.
• Demonstrable second line experience with oversight and challenge responsibilities.
• Diverse knowledge of financial services with specific knowledge of current regimes pertaining to Operational Risk under the auspices of the PRA and FCA regulatory authorities.
• Practical experience in Operational Resilience (e.g. important business services, impact tolerances, scenario testing).
• Exposure to or oversight of TPRM, Cyber/IT Risk, and emerging risks such as AI.
• Demonstrated ability to partner effectively with first line business units while maintaining independence of oversight.
• Experience delivering training and driving behavioural change around risk management.
• Experience operating at senior governance level, including preparing and presenting papers to Executive and Board committees.
• Ability to implement pragmatic, scalable solutions in evolving or ambiguous environments.
• Familiarity with risk systems, GRC tooling, analytics, and the use of dashboards/KRIs to drive insight.
• Strong organizational skills with the ability to manage multiple priorities and deliver outcomes to tight deadlines.
• Experience working across complex stakeholder landscapes and driving accountability.
• Demonstrates curiosity and proactively explores new risk areas (e.g. AI, data, digital resilience).

Competitive remuneration including discretionary annual bonus and annual pay review, Private Medical Insurance (Bupa), 25 days annual leave (increasing with service) + Holiday Buy Scheme, Cycle to Work Scheme & Green Car Scheme, Enhanced family leave policies, Study support & professional memberships, Hybrid working (50/50 London), Interest‑free season ticket loan.