Risk & Control Subject Matter Expert – Data Governance Risk Specialism

This role sits within a core group of Risk & Control Subject matter experts that provide specialised knowledge and expertise to help solve risk and control issues across the business. With an innate ability to connect the dots, this role facilitates effective risk-based decision-making across the Business Units. Regular collaboration with other Risk and Control SMEs and Business Partners fosters proactive awareness of risk issues and remediation efforts relevant to the business. Simultaneously, direct engagement with Business Unit Subject Matter Experts provides a contextualised understanding of the business's priorities and challenges, ensuring risks are properly assessed and managed within their operational context whilst ensuring consistency in control environment and utilisation of best practise and shared controls where possible.

Role Grade: EB9

Key Responsibilities

70% General Risk Expertise

Risk Identification & Management

• Support business partners in identifying and documenting risks related to strategic and business objectives.
• Assist in conducting periodic risk assessments to identify vulnerabilities and threats.

Regulatory Compliance

• Support compliance with internal policies and external regulations by assisting in business unit impact assessments.
• Monitor regulatory updates and provide support in assessing potential business impacts.
• Support timely and accurate FCA/ICO notifications and policy gap analyses.

Delivery of Good Customer Outcomes

• Assist in reviewing business processes to ensure customer outcomes remain a priority.

Exposure Management

• Support in recording and responding to risk-related loss events, including incidents and operational failures.
• Conduct root cause analysis and coordinate response plans with relevant teams
• Assist business units in resolving risk and control issues, identify themes and systemic issues through central visibility of issues across business areas

Collaboration & Stakeholder Management

• Work with Risk & Control Business Partners, 2LoD teams, and BU Control Specialists to maintain awareness of risk and control activities.
• Support coordination of security risk-related initiatives across business units

Risk Based Decision Making

• Assist in gathering and analysing data to support business partners in making risk-based decisions.
• Ensure centralised control strategies are deployed and controls are designed using industry best practice.

Problem Solving & Analytical Skills

• Help analyse risk data to identify trends and patterns.
• Assist in documenting and reporting control weaknesses with recommendations for improvements

Data Governance Risk Management:

• Support business oversight of risks related to data quality, data privacy, and data lifecycle management.
• Assist in risk assessments related to data governance, data integrity, and compliance with data-related regulations.
• Support monitoring and tracking of key data governance risk indicators and compliance measures.
• Ensure internal processes relating to data risk management are adhered to by all Business Units.

Compliance & Regulatory Alignment:

• Assist in implementing controls aligned with frameworks such as GDPR, the Data Protection Act, and other UK&I data governance best practices.
• Support in tracking and ensuring compliance with FCA, ICO, and industry data protection requirements.
• Assist in driving policy gap analyses to assess the impact of evolving data governance regulations

Incident Monitoring & Response:

• Track data-related incidents and regulatory non-compliance and assist in coordinating responses.
• Support ongoing monitoring of data handling processes, ensuring alignment with risk and compliance measures.
• Support business engagement with data stewards, compliance teams, and IT security teams to align data governance risk activities and establish a consistent baseline control environment.

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them save time and money.

We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com.

Internal Grade E

The core competencies and attributes that are essential for success in the role.

Risk Management Frameworks & Methodologies

• Understanding of risk management principles and practices and ability to interpret requirements into business processes.
• Experience of undertaking all elements of the enterprise risk framework / RCSA processes - Risk, Controls, Exposures, Issues & Loss Events;
• Core risk knowledge across all operational, strategic and financial risks [Information Security; Resiliency, Regulatory, Commercial, Data Quality, Data Privacy, Fraud, Third Party, People, Operations];
• Experience in conducting risk assessment and developing risk mitigation strategies that balance commercial activity with risk appetite.
• Experience in proactively identifying, assessing, and mitigating enterprise-wide risks with a deep understanding of operational risks such as process failures, system outages, fraud, human errors, and third-party risks.
• Familiarity with scenario analysis to evaluate potential risk events
• Familiarity with the deployment of centralised control strategies and design and embedding of effective controls through utilisation of control layering techniques.
• Experience in identifying and reporting control weaknesses and recommending improvements.
• Ability to monitor and provide recommendations for Key Risk and Key Control Indicators.
• Experience in managing and responding to operational loss events
• Familiarity with business continuity planning and disaster recovery strategies.
• Eagerness to learn and develop new skills in the risk management field

Regulatory & Internal Policy Compliance

• Familiarity with key regulations affecting risk management, with a willingness to learn.
• Understanding of compliance obligations related to anti-money laundering (AML), data privacy (e.g., GDPR, CCPA), and cybersecurity regulations.
• Ability to monitoring and adapt to regulatory changes including demonstrable skills in interpreting policies and standards and defining pragmatic business operating procedures
• Ability to interpret compliance obligations and regulatory requirements into business processes.
• Support in delivery of timely and accurate FCA/ICO notifications.
• Ensure UKI business understand policy requirements and are able to comply

Problem Solving

• Problem-solving and analytical skills to support risk-based decision-making
• Skills in developing and analysing risk hotspots and themes to enhance operational resilience.
• Ability to conduct root cause analysis to identify underlying issues and proactively prevent recurrence and similar exposures
• Natural attention to detail

Communication & Collaboration

• Strong ability to work with internal teams and clearly articulate risk-related matters.
• Understanding of the organisation's core business activities, products, and services

Data Governance Risk Specialism Skills

• Strong understanding of data governance principles, including data ownership, data stewardship, and data management.
• Ability to assess and improve control effectiveness within associated business process.
• Familiarity with data protection regulations such as GDPR, the Data Protection Act, and FCA/ICO requirements.
• Experience in monitoring and ensuring data accuracy, quality, and security across business units.
• Capability to support business units in identifying, assessing, and mitigating risks related to data governance.
• Support management of associated UK&I Top Risk and risk appetites relevant to this
• Ability to drive and co-ordinate policy gap analyses with business partners to ensure impact of new requirements is understood and cost to comply is understood prior to UKI adoption
• Visibility and engagement with industry trends and emerging risks.

Benefits package includes:

• Flexible work environment, working hybrid or in the office if you prefer.
• Great compensation package and discretionary bonus plan
• Core benefits include pension, bupa healthcare, sharesave scheme and more
• 25 days annual leave with 8 bank holidays and 3 volunteering days. You can purchase additional annual leave.

Our uniqueness is that we celebrate yours. Experian's culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI, work/life balance, development, authenticity, collaboration, wellness, reward & recognition, volunteering... the list goes on. Experian's people first approach is award-winning; World's Best Workplaces™ 2024 (Fortune Top 25), Great Place To Work™ in 24 countries, and Glassdoor Best Places to Work 2024 to name a few. Check out Experian Life on social or our Careers Site to understand why.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.

Experian Careers - Creating a better tomorrow together

Find out what its like to work for Experian by clicking here