Risk & Controls Oversight Senior Lead - Third party and LRR Risk

As a Risk & Controls Oversight Senior Lead - Third party and LRR Risk you’ll be responsible for providing expert oversight on third party and LRR risk. You’ll play a critical role in ensuring our risk management practices are robust, effective, and always in compliance of risk and control management frameworks. You’ll also act as a key bridge between the Customer & Digital Team, Chief Operating Office (CCO), second and third‑line risk partners, and other stakeholders.

In this role, you’ll develop and assess risk appetite, lead conversations on risk acceptance, ensure controls are designed and assessed properly, resolve any gaps and improve the control environment. You’ll also ensure ongoing monitoring of controls to keep the business audit ready, embed an active risk management culture, assess new business activities, and leverage tools such as KRIs and risk dashboards.

You’ll stay on top of market trends and emerging risks, drive continuous education based on internal and external themes and lessons learned. You’ll be responsible for ensuring compliance with relevant laws and regulations, preparing and enhancing governance papers and reports. Additionally, you’ll identify opportunities for data‑led controls monitoring and automation. You’ll ensure compliance with RCSA, issue management and risk events management processes in line with the Operational Risk framework.

To be successful as a Risk & Controls Oversight Senior Lead - Third party and LRR Risk you should have experience with:

• Good understanding of Retail Banking Customer Journeys to identify and manage associated risks and controls
• Proven experience in data analytics, data science, and driving automation and digitization within Risk Management processes
• End‑to‑end third‑party lifecycle risk management: onboarding, due diligence, ongoing monitoring, exit
• Supplier dependency & concentration risk management (critical vendors, single points of failure)
• Outsourcing / material service provider risk management and compliance with regulatory expectations
• Fourth‑party risk visibility (sub‑contracting chains, hidden exposures)
• Third‑party performance & control assurance (SLAs, control attestations, audits)
• Alignment of controls to LRR obligations and regulatory standards, ensuring correct applicability across journeys in Customer & Digital
• Understanding of new LRRs impacting the business, with ability to work closely with Regulatory Engagement teams to ensure compliance
• Ability to balance risk management with business goals when defining Risk Appetite, and effectively influence or negotiate with stakeholders on risk acceptance
• Conduct active deep dives and risk assessments for active risk management
• Well‑versed in market trends, competitor activities, and the broader risk environment, using this knowledge to enhance internal controls
• Having gravitas and experience in influencing senior stakeholders including Managing Director level
• Ability to design and implement the Risk strategy in line with the Overall Vision of BUK Customer and Digital function
• Deep understanding of market trends, competitor activities, and the broader risk environment, using this knowledge to drive continuous improvements in internal controls
• Subject‑matter expertise and experience delivering transformation and change in Risk management

Some other highly valued skills may include:

• Self‑motivated with the ability to work independently while contributing effectively within a team of risk specialists
• Ability to balance risk considerations with commercial objectives when defining Risk Appetite and influencing stakeholders on risk acceptance
• Capable of applying expertise in third‑party and LRR risk within the context of Customer & Digital, ensuring tailored solutions for this area

These skills are assessed on key critical criteria relevant for success in the role, such as risk and controls, change and transformation, business acumen, strategic thinking, digital and technology, and job‑specific technical skills.

This role can be based in London or Northampton.

To assess the integrity and effectiveness of the bank’s internal control framework to support the mitigation of risk and…