Head of Technology Risk

Overview

The Head of Technology Risk is responsible for defining and leading the organisation’s technology risk strategy, ensuring risks across IT, digital platforms, cyber, data, and third-party ecosystems are

effectively identified, assessed, and managed. 

 

This role provides independent oversight while enabling innovation and transformation across the business. 

 

The role will has responsibility for identifying, managing and scoping requirements for all IT governance activities – operational and project, and lead team across Governance & SAP security in 22 markets/6 clusters

 

The Head of Technology Risk sets & implements the Governance strategy and driving department wide people engagement.

Responsibilities

Technology Risk Strategy & Leadership 

• Define and implement a comprehensive technology risk management framework
• Align risk strategy with business priorities and transformation agendas
• Establish clear risk appetite and tolerance models
• Advise executive leadership on technology risk exposure

Risk Identification & Management 

• Oversee the end-to-end technology risk lifecycle
• Maintain a consolidated technology risk register
• Ensure risks are identified across infrastructure, applications, data, and third parties
• Lead risk scenario analysis and stress testing

Governance, Controls & Assurance 

• Design and implement risk governance frameworks and controls
• Align with standards such as NIST, ISO 27001, COBIT
• Provide independent oversight of technology and cyber controls
• Lead audits and remediation tracking

Reporting & Board Engagement 

• Deliver clear reporting to executives and board committees
• Define meaningful KPIs and KRIs
• Translate technology risks into business impact
• Embed risk management into transformation initiatives

Transformation & Change Risk 

• Support safe adoption of emerging technologies
• Ensure risk-by-design principles

Stakeholder Management 

• Partner with CIO, CTO, CISO and business leaders
• Engage with regulators and auditors
• Promote a risk-aware culture

Leadership & Team Development 

• Lead and develop a high-performing risk team
• Build organisational risk capability
• Foster accountability and ownership

Success Measures 

• Improved visibility and reduction of key risks
• Strong audit outcomes
• Effective board-level risk reporting
• Embedded risk culture

Qualifications

Essential

• Experience in technology risk, IT risk, cyber risk, or audit 
• Strong knowledge of enterprise IT environments 
• Familiarity with frameworks such as NIST, ISO, COBIT 
• Ability to influence executive stakeholders 
• Possess highly developed interpersonal skills coupled with the drive and energy to play a central role in the development and improvement of appropriate controls for this fast paced and evolving business
• Delivery focused, proactive, sense of urgency, creative about how issues can be resolved, delivers results through others
• Collaborative engagement and influencing within Technology, the wider business and externally
• Curious mind-set, ability to think analytically and see the bigger picture
• Continuous improvement outlook, thriving on continual change, ability to get under the surface of an issue and really identify the problem and possible solutions
• Able to work as part of a small team, willing to be flexible and responsive, to take on new challenges and with a real desire to get things done
• Graduate
• A Technology Governance professional with working experience in an audit, governance or compliance role at a management level
• Have led improvement programmes for Technology General Controls
• Able to interpret business risk areas in order implement appropriate controls measures
• A desire and ability to work in a pan-European environment is important

Desirable

• Experience of FMCG business environment
• Experience of SAP authorisations, SAP GRC & SAP automated controls