Enterprise Risk and Assurance Manager

Summary

Join Pepperstone as their Risk Manager, playing a pivotal role in supporting the strategic delivery of the company's enterprise-wide risk and assurance agenda. Reporting to the Global Head of Risk and Assurance, you will lead key initiatives across enterprise risk, audit planning, business continuity, and ICT risk management. As a trusted advisor, you will deliver actions outlined in the Risk strategy and champion the implementation of the GRC tool. The role involves leading cross-functional engagement on critical incidents and issues. This position is ideal for a highly motivated professional who thrives in a fast-paced environment and is passionate about enhancing risk maturity and resilience. The role offers exposure across global operations and requires collaboration with various teams and stakeholders.

Requirements

• Degree-qualified in Business, Finance, Risk, IT, or a related discipline
• 6–10 years of experience across enterprise risk, operational risk, or internal audit, preferably within financial services
• Exposure to GRC platforms and experience supporting system rollouts or enhancements
• Strong understanding of ICT and cyber risks, and associated control environments
• Experience in coordinating business continuity and operational resilience programs
• Collaborative mindset with demonstrated ability to influence across departments and regions
• Structured thinker with strong written and verbal communication skills
• Highly adaptable and able to manage multiple priorities in a fast-paced environment
• Commercially savvy with a solutions-oriented approach
• Curious, proactive, and committed to continuous learning and improvement
• Strong integrity and alignment with Pepperstone’s values

Responsibilities

• Lead initiatives to embed enterprise risk frameworks aligned with Pepperstone’s risk appetite and delegation framework
• Drive improvements in risk reporting, analytics, and visualisation to support decision-making
• Support the operationalisation of risk appetite statements and guide risk owners in embedding controls into business processes
• Champion the integration of the GRC platform and contribute to system optimisation efforts
• Lead the delivery of assurance activities including RCSA (risk control self-assessments), walkthroughs across Lines 1 and 2, and control testing
• Use data insights to identify control gaps and improvement opportunities, collaborating with control owners to implement enhancements
• Guide stakeholders on effective control design and foster a culture of continuous improvement
• Assist in scoping the annual audit plans in line with enterprise risks and business priorities across licenses and entities
• Support coordination of internal and external audit engagements, ensuring timely information flow between business units and auditors
• Track audit actions and drive remediation plans with stakeholders
• Lead the update of Business Impact Analyses (BIA) and the implementation of business continuity testing
• Support documentation and training programs to ensure readiness across global functions
• Collaborate with business units/teams to assess disaster recovery capabilities and test outcomes
• Collaborate with IT, Cybersecurity, and Compliance to strengthen ICT risk monitoring and enhance third-party risk management practices
• Support key risk reviews, coordinate penetration testing, and contribute to cybersecurity control enhancements
• Maintain oversight of ICT risk indicators and associated risk treatment plans
• Lead cross-functional business process incident reviews, ensuring swift resolution and clear post-incident analysis
• Promote a lessons-learned culture by helping teams identify root causes and implement preventative measures
• Maintain oversight of the issue register and contribute to reporting on emerging risks and systemic themes
• Assist in preparing board and committee reports, particularly for the Audit and Risk Committee
• Draft meeting minutes for committee approval and regulatory engagements
• Track actions and activities arising from committee meetings to ensure progress and delivery of outcomes

Preferred Qualifications

• Professional certifications such as CRISC, CISA, or equivalent are desirable
• Experience working in financial markets or the retail OTC derivatives industry (desirable)
• Experience working across geographies and time zones (desirable)

Benefits

• Competitive salary structure including company bonus scheme
• Genuinely collaborative and friendly culture
• Flexible and hybrid working
• Remote working option - work from anywhere for up to 6 weeks per year, in addition to hybrid working as standard
• Ongoing personal development & learning opportunities
• 15 weeks paid primary carers parental leave & 4 weeks paid secondary carers leave
• 3 paid volunteering days per year & Workplace Giving Program