Risk and Governance Lead in Swindon

Risk and Governance Lead in Swindon

Swindon Full-Time No working from home possible
The Openwork Partnership

The opportunity

We are looking for a Risk & Governance Lead to take ownership of how risk and controls are defined, managed, and driven across Openwork’s technology function.

This is a hands‑on, first‑line role, not oversight from a distance. You’ll be actively writing risk and control definitions, working closely with delivery teams, and ensuring issues are driven to resolution. Success in this role means moving risks to green, not just reporting on them.

Operating within a regulated financial services environment, technology risk at Openwork is critical, underpinning Consumer Duty, operational resilience, and the trust placed in our platform by advisers and clients.

As the technology function continues its transformation, you’ll ensure the risk and control framework evolves in step—staying ahead of change, not lagging behind it.

This is a hybrid role based in Swindon with 3 days a week required in the office.

The Benefits

  • Salary - up to £70,000
  • Bonus scheme - on target bonus - 15%
  • Pension scheme - contribute up to 5% of your salary and Openwork will match you and put in an extra 5%
  • Critical illness cover
  • Income protection
  • Death in service - 4x salary
  • 27 days holiday + bank holidays, with the opportunity to buy up to an additional 10 days
  • A range of other flexible benefits to include private medical insurance, dental insurance and much more.

Your responsibilities will include:

  • Owning and maintain the technology risk and controls register, ensuring accuracy, completeness and currency.
  • Defining and document risks and controls in partnership with technical SMEs, translating complexity into clear, auditable language.
  • Working directly with delivery teams to identify control gaps and drive credible, time‑bound remediation.
  • Leading the technology risk governance cycle, including reviews, attestations and escalation.
  • Acting as the primary interface with Enterprise Risk, Compliance and Internal Audit.
  • Maintaining the technology policy and standards library, ensuring alignment with regulatory expectations.
  • Providing risk input into technology programmes, ensuring controls are embedded from day one.
  • Reporting clearly and transparently on technology risk profile to senior stakeholders (CTO, ExCo, committees).
  • Leading readiness for audit, regulatory reviews and external assurance, including evidence and remediation tracking.
  • Championing a risk‑aware culture, making governance practical, accessible and effective.

What will you need to succeed?

  • Significant experience in technology risk, governance or controls roles, ideally in financial services or another regulated sector.
  • Proven track record of hands‑on risk and control definition.
  • Experience working as a first‑line risk practitioner, partnering effectively with second‑line functions.
  • Strong background supporting audit and regulatory reviews, including remediation management.
  • Experience embedding risk and governance into technology delivery and change programmes.
  • Relevant certifications (CRISC, CISM, CISSP, IRM or similar) are advantageous.
  • Ability to engage credibly with engineering and architecture teams.
  • Familiarity with Azure, SaaS platforms and cloud‑native architectures.
  • Understanding of key technology risk domains (resilience, security, data protection, change, third‑party risk).
  • Experience with risk management tooling and governance frameworks.
  • Knowledge of FCA requirements, including operational resilience, SYSC, outsourcing and Consumer Duty.
#J-18808-Ljbffr
The Openwork Partnership

Contact Details:

The Openwork Partnership Recruitment Team