• Lead the development and delivery of robust Identity Governance strategies and solutions for clients. • Conduct comprehensive assessments of existing identity management frameworks and processes. • Develop and present strategic recommendations to client stakeholders, showcasing the business value of proposed changes. • Collaborate with cross-functional teams to design and implement best practices in identity governance. • Mentor junior consultants and provide guidance to enhance their skills and project contributions. • Monitor project progress and provide updates to clients, ensuring transparency and alignment throughout the engagement. • Stay abreast of industry trends and changes in compliance regulations impacting identity governance.

• Support the ongoing development, implementation, and embedding of the Group’s enterprise risk management framework (ERMF) in line with the Group’s ‘three lines’ approach • Work closely with risk owners across the Group to conduct risk assessments and support the development and implementation of mitigation strategies • Oversee and support the Senior Director, Physical Security and Business Resiliency in developing, implementing and managing all elements of the business resiliency and physical security program for the Group • Lead the development and execution of the Group’s sustainability and environmental strategies in alignment with organizational values and objectives • Maintain awareness of environmental laws and regulations in the jurisdictions in which the Group operates and support compliance with those requirements • Identify, assess, and support the management of current and emerging climate-related risks impacting the Group’s operations, value chain, and strategy • Support the continuing development, maturity and implementation of the EHS program by providing guidance and direction to the Director, Global EHS • Develop and maintain metrics and KPIs related to risk, EHS, and sustainability performance • Collaborate with internal teams and external stakeholders to promote a culture of risk awareness, compliance, and sustainability • Provide guidance, tools, and training to employees and risk owners to ensure understanding of risk management, compliance obligations, and environmental sustainability responsibilities • Continuously review and enhance risk management, EHS, physical security, business resiliency, and sustainability practices by monitoring emerging trends, regulatory changes, and industry best practices.

• Lead new market expansion risk — own fraud risk management across card issuing products in new markets, ensuring controls, configurations, and scheme policy requirements are aligned from launch and maintained ongoing. • Drive BIN sponsorship risk governance — evaluate and onboard new BIN sponsorship clients through structured risk analysis, establish initial risk configurations, and maintain governance oversight of the sponsored portfolio on an ongoing basis. • Automate and scale operational risk monitoring — design and implement automated monitoring workflows covering fraud alerts, scheme notifications, and client and merchant-level risk signals, reducing manual intervention and improving response times. • Champion fraud incident investigation & response — lead deep-dive fraud investigations, BIN attack incident response, post-mortems, and cross-functional coordination. • Deliver client-facing risk advisory — work closely with clients to assess their risk appetite, quantify fraud exposure, and define the controls and thresholds appropriate to their business model, acting as a trusted risk partner throughout the relationship. • Elevate the team's data-driven approach — leverage risk metrics, dashboards, and analytical tools to make and communicate evidence-based decisions across stakeholders.

• Drive Security and Technical Governance Risk and Compliance Initiatives: • GRC Platform Ownership: Serve as the primary admin and product owner for the GRC platform (AuditBoard). You will move beyond administration to design advanced workflows, automation, and metrics that centralize risk and compliance data. • Common Controls Framework (CCF) Stewardship: Own and evolve the Common Controls Framework. You will map and maintain complex regulations (NIST CSF, SOC 2, PCI DSS, ISO 27001) to a single source of truth, directly driving compliance efficiencies • Lead Strategic Initiatives: Independently lead complex, cross-functional "zero-to-one" security programs, taking them from concept to operational maturity. • Customer Trust Optimization: Drive the strategy for our Trust Center, operationalizing our ability to address customer and partner security questionnaires in a more efficient manner, reducing manual efforts and shortening lead times. • Develop and implement governance policies, controls, and best practices to enhance the security posture across corporate IT and workforce systems. • "Compliance by Design" Advisory: Champion the "Shift Left" strategy by co-developing standards that embed GRC checkpoints into the SDLC and Product innovation pipelines, ensuring security is baked in, not bolted on. • Change Events Governance: Define and standardize the process for assessing GRC impacts during major system changes, ensuring consistent intake and triage across all compliance programs. • Track and report on security governance KPIs and risk metrics, driving continuous improvement. • Collaborate with IT and Security: • Partner closely with the IT team to ensure corporate systems are managed appropriately and meet security objectives. • Work with the Security team to implement monitoring and detection capabilities that support workforce security objectives. • Promote Security Culture: • Foster a strong security culture within the organization through training, awareness programs, and ongoing communication.