• Provide independent second-line review and credible challenge of first-line technology and information security activities, including but not limited to: cybersecurity controls, software development lifecycle (SDLC) and incident response programs, technology resiliency and third-party arrangements • Oversee completion of the FFIEC Cybersecurity Assessment Tool (CAT) or equivalent framework; conduct technology and security risk assessments; and provide independent oversight of technology and security risks in alignment with OCC guidance on cloud computing • Serve as a primary second-line point of contact for OCC examiners, internal audit, and other external stakeholders on technology risk and information security program topics and inquiries; prepare and deliver technology risk reporting to risk committees, the CRO, and the board. • Build and lead a growing Technology Risk team, shaping how the bank identifies, prioritizes, and responds to its most important technology and security risks in alignment with applicable industry regulations • Partner with first-line IT and cybersecurity teams, TPRM, ERM, Legal, and Compliance to ensure technology and information security risk is integrated into enterprise risk programs, cross-functional risk assessments, and the bank's overall 2LOD reporting and governance structure

• Lead the design and implementation of robust data governance frameworks and MDM strategies. • Partner with client stakeholders to define data governance strategies aligned to business goals. • Design and implement MDM solutions to ensure consistent, accurate, and authoritative data. • Develop data policies, standards, and stewardship models that promote accountability. • Establish metadata management practices and data lineage tracking. • Define and monitor data quality metrics, lead remediation efforts, and embed quality controls. • Evaluate and deploy governance tools (e.g., Collibra, Informatica, Talend). • Facilitate workshops and training sessions to promote data literacy and governance adoption. • Ensure governance frameworks support compliance with GDPR, HIPAA, and other regulations. • Contribute to internal best practices, mentor junior colleagues, and support thought leadership.

• Lead enterprise data strategies aligned to client business objectives and digital transformation goals • Design and implement scalable governance frameworks spanning data quality, metadata, MDM, stewardship, and access controls • Advise executive stakeholders on making data a strategic asset through monetization, risk management, and organizational enablement • Serve as the primary executive partner to senior client stakeholders, including CDOs and CIOs • Translate complex business challenges into actionable data strategies and present recommendations to executive audiences • Lead new business efforts including RFP responses, proposals, and client presentations • Drive account growth and contribute to go-to-market strategy, partnerships, and service development • Represent the organization through speaking engagements, industry events, and publications • Oversee delivery of data strategy and governance engagements, ensuring quality, timeliness, and client satisfaction • Lead and mentor a team of managers and senior leaders, fostering growth and high performance

Role Description - Ensure compliance to the people policies, Group Code of Conduct and embedding desired behaviours. - Be personally accountable for identifying, assessing, managing and reporting risks within your area of responsibility, including supporting formal risk management activities e.g. Risk & Control Self-Assessments and timely closure of Assurance actions. - Lead Non-Financial Risk (NFR) engagement, oversight and guidance, with Technology on implementation of the Operational Risk Framework, including: - Cascade of key messages from Framework governance forums. - Oversight of key deliverables including RCSA, Notifiable Events management, Issues Management and closure, and Control testing. - Support oversight and guidance of major Business Area-specific change management programmes. - Work collaboratively with second line specialists to support NFR engagement across corporate business areas within the role remit, and supporting India-based Technology risk teams as appropriate. - Lead and support delivery of targeted Assurance reviews in line with the agreed methodology and standards. - Communicate effectively and confidently and challenge business in its approach to risk identification, quantification, mitigation and management. - Support oversight activities for Third Party and Operational Resilience frameworks, including representation at governance forums, and presenting key information and reporting where appropriate. - Development and delivery of regular and ad hoc operational risk reporting, including Committee information and other requests for information. - Assist on responses to operational risk reporting requests from external parties including the PRA and FCA. - Review and interpret information relating to key operational risk data and produce summarised tailored information and analytics. - Working alongside the Enterprise Risk Team, contribute to the continued development and maintenance of the M&G plc Operational Risk Framework. - Delivery of focused operational risk sessions and training to M&G plc risk professionals, senior management and the business. - Working with key parties to support the development and ongoing maintenance of the firmwide Governance, Risk & Compliance (GRC) system. - Appropriate collaboration with key stakeholders and colleagues in the Risk and Compliance function, and the wider Business, to ensure that M&G plc operate within an effective governance framework. - Support the M&G Global Services Management team in various functional and M&G Global initiatives. Qualifications - Significant knowledge of Risk Management frameworks, processes and principles as they apply within Financial Services (essential). - Knowledge of key risk management concepts across Technology, Supplier, Data Governance, Change and Customer (desired). - Knowledge of key regulatory frameworks impacting the relevant business areas (desired). - Knowledge of Technology function processes in either Life or Asset Management (desired). - Knowledge of financial services products, systems, processes and distribution methods (desired). Requirements - Curious and continually looking to seek out improvements and not just accepting the status quo (essential). - Strong presentation skills with the ability to explain and articulate risk management concepts (essential). - Strong written and verbal communication skills to an Executive, Board and Committee level (essential). - Ability to work collaboratively with other teams across the three lines of defence (essential). - Strong drive and delivery, committed to achieving results and delivering on time (essential). - Excellent partnership and stakeholder management skills as well as build strong relationships and work collaboratively with teams across the business (essential). - Strong analytical thinking and a critical evaluator of information/issues (desirable). - Ability to operate remotely, in a diverse and multi-cultural environment with international work or consultancy exposure (essential). Benefits - We have a diverse workforce and an inclusive culture at M&G Global Services, regardless of gender, ethnicity, age, sexual orientation, nationality, disability or long term condition. - We are looking to attract, promote and retain exceptional people. - We also welcome those who take part in military service and those returning from career breaks.