Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead Technology Risk Management and ensure effective risk processes across M&S Digital and Technology.
- Company: Join M&S, a dynamic and inclusive retailer committed to quality and customer service.
- Benefits: Enjoy 20% discount, competitive holidays, bonuses, and wellbeing support.
- Why this job: Be part of an innovative team transforming retail in a supportive environment.
- Qualifications: Strong IT Risk experience and knowledge of technology controls required.
- Other info: Hybrid role with opportunities for personal and professional growth.
The predicted salary is between 48000 - 72000 £ per year.
Everyone is welcome at M&S. No exceptions. It’s your background, abilities and differences that make you, uniquely you. And when you’re part of M&S, that individuality has the potential to make waves.
Job purpose
As a Technology Risk Senior Lead within the First Line of Defence (1LOD) for M&S Digital and Technology (D&T), you will lead Technology Risk Management within the D&T Risk, Audit, and Compliance function, reporting directly to the Head of Risk, Audit, and Compliance. Your core responsibility will involve managing Technology Risk processes across D&T's Products and Platforms. Your primary objective is to ensure that both individual and aggregated Technology Risks are thoroughly identified, assessed, clearly understood, and effectively managed, with robust strategies in place for mitigating both strategic and tactical risks.
You will work closely with the D&T Products and Platforms teams to identify and assess Technology Risks, encompassing Operational, Transformational, Regulatory, and Emerging Risks, and detail the findings in the M&S GRC (Governance, Risk Management, and Compliance) platform.
What’s in it for you
Being a part of M&S is exactly that – playing your part to bring the magic of M&S to our customers every day. We’re an inclusive, dynamic, exciting, and ever-evolving business built on doing the right thing and bringing outstanding quality, value, service to every customer, whenever, wherever and however they want to shop with us. Here are some of the benefits we offer that make working for M&S just that little bit more special:
- After completing your probationary period, you’ll receive 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household.
- Competitive holiday entitlement with the potential to buy extra holiday days!
- Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business.
- A generous Defined Contribution Pension Scheme and Life Assurance.
- A dedicated welcome to our teams with a tailored induction and a wide range of training programmes to develop your skills.
- Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing.
- Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family.
- Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family.
- A charity volunteer day to support a charity or cause you’re passionate about through a dedicated day away from work.
What you’ll do
- Take the lead in implementing the Risk Assurance Framework across all D&T Product and Platforms.
- Conduct and coordinate Risk identification and assessments processes to identify and analyse potential risks to Technology Operations.
- Develop comprehensive risk mitigation plans in response to identified Risks and control weaknesses.
- Support the development and maintenance of Technology Risk Dashboards and reports that provide an executive overview of the Technology risk landscape, including key risk indicators, mitigation progress, and emerging risks.
- Lead and develop a team of Technology risk professionals, encouraging a culture of continuous improvement, innovation, and risk-aware decision-making.
Who you are
- Strong experience of IT Risk and Technology Controls Frameworks and the application of Technology Risk standard processes and Risk Standards (ISO 31000, ITIL, Cobit 5, IS27001 COSO, NIST 800-53, SOX etc).
- A track record as an experienced Risk and control practitioner in leading digital/technology controls (experience in managing Cloud and Data technology controls is highly desirable).
- High-level analytical approach to sophisticated technical and business problems.
- Proven track record in technology control identification and management.
- ITGC controls experience preferable.
- Strong communicator – written and verbal with the ability to produce quality reporting and documentation.
- Ability to facilitate and develop cross team collaboration, communicating with people at all levels within the organisation.
- Basic understanding of technology development practices and ways of working (e.g. Waterfall, Agile, DevOps).
- A continuous learner eager to develop knowledge on own and with others.
Marks & Spencer strives to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. Join us and make change happen. We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together. If you feel you’d benefit from any support or reasonable adjustments during any stage of the recruitment process, please don’t hesitate to let us know when completing your application. This information will be picked up by our team, so we can try and put steps in place to help you be at your best through this process.
Tech Risk Senior Lead - London, Greater London employer: Marks & Spencer
Contact Detail:
Marks & Spencer Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Tech Risk Senior Lead - London, Greater London
✨Tip Number 1
Familiarise yourself with the specific Technology Risk frameworks mentioned in the job description, such as ISO 31000 and NIST 800-53. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and alignment with the role.
✨Tip Number 2
Network with current or former employees of M&S, especially those in the Digital and Technology departments. They can provide valuable insights into the company culture and expectations, which can help you tailor your approach during interviews.
✨Tip Number 3
Prepare examples of how you've successfully identified and mitigated technology risks in previous roles. Use the STAR method (Situation, Task, Action, Result) to structure your responses, making it easier for interviewers to see your impact.
✨Tip Number 4
Stay updated on the latest trends and challenges in technology risk management, particularly in retail. Being knowledgeable about current issues will allow you to engage in meaningful discussions during your interview and show your passion for the field.
We think you need these skills to ace Tech Risk Senior Lead - London, Greater London
Some tips for your application 🫡
Understand the Role: Before applying, make sure to thoroughly read the job description for the Tech Risk Senior Lead position. Understand the key responsibilities and required skills, such as experience with IT Risk and Technology Controls Frameworks.
Tailor Your CV: Customise your CV to highlight relevant experience in technology risk management and your familiarity with frameworks like ISO 31000 and NIST 800-53. Use specific examples that demonstrate your ability to manage risks effectively.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for technology risk management and your alignment with M&S's values. Mention how your background and skills can contribute to their mission of innovation and customer service.
Proofread Your Application: Before submitting, carefully proofread your application materials. Check for spelling and grammatical errors, and ensure that all information is clear and concise. A polished application reflects your attention to detail.
How to prepare for a job interview at Marks & Spencer
✨Understand the Risk Frameworks
Familiarise yourself with key risk management frameworks such as ISO 31000, ITIL, and NIST 800-53. Be prepared to discuss how these frameworks apply to technology risk management and provide examples from your past experience.
✨Showcase Your Analytical Skills
Prepare to demonstrate your analytical approach to identifying and managing technology risks. Think of specific instances where you successfully identified a risk and implemented a mitigation strategy, and be ready to share these during the interview.
✨Communicate Effectively
As a strong communicator, practice articulating complex technical concepts in a clear and concise manner. You may be asked to explain your thought process or findings, so ensure you can convey your ideas effectively to both technical and non-technical audiences.
✨Emphasise Team Collaboration
Highlight your experience in leading teams and fostering collaboration across departments. Be ready to discuss how you have encouraged a culture of continuous improvement and innovation within your previous roles, as this aligns with the company's values.
