Life Unlimited. At Smith+Nephew we design and manufacture technology that takes the limits off living.

S+N has been working to evolve the IT Risk Management Program over the last two years and is looking for an experienced Risk Manager to bring new ideas and best practices, to complete the exercise and run the program.

IT Risk Management at S+N has Senior Leadership backing and prioritization. 

This role breaks down into three components:

• Completion of the program redesign
• Manage of ongoing IT Risk operations and reporting to leadership
• Collaborate on a program or Risk Audits to identify new risks

The IT Risk Management Program is operated in Service Now using the Integrated Risk Management module, for which S+N has almost completed an enhancement project.

The program operates with an established group of IT leaders as Risk Owners and delegates in their organizations with IT Risk Management responsibilities.

You will be joining another IT Risk Senior Specialist, both reporting into the GRC Director.

What will you be doing?

• The completion of the IT Risk Management Program enhancements, focusing on ease of use, meaningful risk scoring and leadership reporting.
• Ownership and operation of the IT Risk Management Program
• Collaborate on the design and implement a program of audits to identify, document, analyze and treat IT Risks across the organization

What you will need to be successful?

• The role requires a strong background in IT Audit, Information Security and Risk Management, evidenced by relevant Industry Certification.
• The Senior Specialist will be required to engaged with Business, IT, IS and Project team members, at various levels in the organization. As such a confident self-starter is would be best suited, who can design and deliver the program without micro management.
• Excellent communication and presentation skills will be essential (Must be fluent in English)
• One or more professional qualifications related to Information Security and Risk Management, are required CISA, CIA, CCSP, CRISC
• Prior experience in healthcare industry e.g. Medical Devices, Pharmaceuticals, will be an advantage