Find your next job at a growing startup


Technology Risk Senior Manager



Remote · London, UK
Posted on Thursday, August 3, 2023

About Griffin

Finance is only relevant in context. People don't take out a loan in order to take out a loan; they take out a loan to refurbish a home, expand their business to a new location, or otherwise achieve a goal that happens to require a substantial amount of money.

Technology is increasingly enabling companies to embed finance at the point where it is most relevant and contextual. This is a trend that is well under way, and we're heading towards a future where people and firms get most of their financial services and products from technology companies and other non-bank firms, rather than high street banks.

The problem is that bringing a financial product to market is still incredibly hard.

Griffin exists to help make it easy for companies to offer financial products. We've just been authorised (with restrictions) to become a bank, so that we can provide accounts, payments and loans to our customers.


We are highly intentional about our culture, and look to define it both by who we are (core values) and by how we work (core behaviours). We won't hire people who aren't a good fit for our culture, even if they're otherwise qualified.

We're looking for thoughtful people who don't give up easily and who strive to be kind in their words and actions. As product designers, we are always looking for ways to simplify complex things and we take security very seriously. As a financial institution, we believe that our customers' trust is our single most valuable asset and we will go above and beyond to earn and keep it. We are transparent by default.

You can learn more about our culture and values on our website.

The Risk and Compliance team

Like most of Griffin, the Risk and Compliance team is in its infancy.

We're working to build a second line that is a highly respected and integrated part of the business and somewhere our colleagues go to for expert and pragmatic advice, while remaining independent from the first line.

Our aim is no less than to be the best in class. We are not putting patches on legacy frameworks, we're laying the foundations of the future of global financial infrastructure.

Who are you?

The ideal candidate for this job will have most of the following:


  • Strong knowledge of the UK’s financial services regulatory framework, as well as industry best practice in the design and operation of systems and controls.
  • Solid experience in working in risk or compliance within financial services in the UK, in a fintech, or in a professional services firm, ideally within the EMI/PI, fintech and/or a challenger bank spaces.
  • Experience in technology risk, information security and cybersecurity risk, and digital/operational resilience.
  • Capable of holistic oversight of IT systems and controls across a new bank.
  • Able to get into regulatory detail and cross reference with policy and practices.
  • Experience in IT infrastructure.


  • Pragmatic and collaborative mindset, with an interest in working closely with all other parts of the business to embed a strong three lines of defence model.
  • We are a new bank so it is imperative that you are comfortable in going outside your comfort zone. This means that you may be asked to do other second line related activities as required by the CRO/CCO.

We’re hybrid-remote, and most of your colleagues will not share an office with you on a day-to-day basis. This means you should also have:

  • Comfort with solo execution and managing people remotely - we're a small team so you'll need to be happy rolling up your sleeves and help more junior colleagues to succeed.
  • A high degree of comfort adopting new software tools for document drafting, collaboration and communication.
  • You love writing - we have a lot of documents to draft and we place a high degree of importance on clarity and readability (read more about how we write ).

What will you be doing here?

As Technology Risk Senior Manager you will:

  • Support the CRO and Head of Enterprise Risk with the oversight of the risk profile and the implementation/embedding of the technology risk management framework, proposing the changes required to ensure that it remains fit for purpose.
  • Make sure that the IT risk horizon scanning process is effective and that emerging risks are identified and assessed, communicating these to the CRO and CCO and to the first line.
  • Act as risk subject matter expert for operational resilience, technology and information security, business continuity/disaster management providing independent guidance to the first line and oversight for the following risks: operational risk, operational resilience, outsourcing, technology, or any other non-financial risks that are key for Griffin.
  • Oversee and, if required, deliver some of the second line assurance plan across their areas of oversight, to ultimately conclude on whether the first line is adhering to policy and testing the design and effectiveness of the controls environment
  • Collaborate with other second line colleagues in the oversight of risks that could impact, or be impacted, by the risks within their remit.
  • Design, develop and improve MI and reporting to various committees, support committees discharge their duties appropriately.
  • Roll-up sleeves and assist with any other second line activities, coping with the changes to the business typical in a bank in our stage of growth.

What can we offer you?

We are an early stage startup and we're working hard to expand our benefits package. We're planning to add to this list in the future

  • 25 days off a year + bank holidays
  • Flexible, remote-friendly working - including supporting home office setup
  • Tax-advantaged stock options under HMRC's Company Share Option Plan (CSOP)
  • Auto-enrolment into company pension scheme
  • Enhanced parental leave with up to 6 months at full pay
  • Private medical insurance and life insurance (provided by Vitality and AIG respectively)

How do I apply?

Please include a cover letter, a resume and a link to your online portfolio where appropriate. We cannot review applications without these. If there's a match our Talent team will reach out to schedule an initial conversation and talk you through our interview process in detail

N.B: We have a small London office in Moorgate, and we are comfortable hiring people to work from anywhere in the UK. About half of the company is based within occasional commuting distance of London, the other half is full-time remote.

If you’re part of a group that is under-represented or marginalised in fintech, we’d love to hear from you. Our goal is for Griffin to proportionally represent the diversity of the working population in society. We’re working to ensure that Griffin is a supportive, empowering and inclusive environment for every member of our team — whatever your intersection of identities & background.