Service Manager, Technology, Security & Data IND

1\. Core Responsibilities The Technology Service Manager will be responsible for helping us matures, as we move from reactive management to proactive, data\-driven governance. Their primary goal is to ensure that critical banking services—such as payments and mobile access—remain available even during severe technical or cyber disruptions. Operational Resilience \& Regulatory Compliance The most critical 2026 responsibility is ensuring the bank meets strict digital resilience mandates like DORA and FCA/PRA SS1/21\. * Important Business Service (IBS) Mapping: Identifying and documenting every critical system and its dependencies, from core banking to mobile apps. * Impact Tolerance Management: Setting and monitoring the maximum tolerable disruption for these services to ensure the bank can recover within regulatory timeframes (e.g., 4\-hour major incident reporting). * Resilience Scenario Testing: Leading "severe but plausible" simulations, such as catastrophic cyberattacks or critical vendor failures, to identify and remediate vulnerabilities. * Incident Classification \& Reporting: Managing a streamlined process to log, classify, and report major ICT incidents to authorities using standardised templates. Strategic Service Governance A maturing bank requires a shift from simple Service Level Agreements (SLAs) to Experience Level Agreements (XLAs) and high\-level strategy. * ITSM Process Maturity: Designing and embedding ITIL 4\-based practices (Change, Problem, and Request management) to move the organisation from "Level 1" firefighting to "Level 4" data\-driven optimization. * Asset \& Configuration Management (CMDB): Maintaining a "single source of truth" for all ICT assets, software licences, and cloud resources, which is a mandatory requirement for regulatory ROI submissions. * Change Enablement: Overseeing technical changes with rigorous governance to ensure updates to banking platforms do not cause unintended outages. Third\-Party \& Vendor Oversight The Service Manager is responsible for the “technology supply chain". * Concentration Risk Assessment: Evaluating if the bank is too reliant on a single provider (e.g., AWS or Azure) and developing exit or diversification strategies. * Contractual Compliance: Ensuring all vendor contracts include mandatory DORA clauses for audit rights, access, and security standards. * Continuous Vendor Monitoring: Proactively monitoring the performance and resilience of external partners who support "critical or important" functions. Intelligent Automation \& AIOps Maturing and leverage AI to scale service capabilities. * AIOps Implementation: Using AI\-driven tools (like ServiceNow Predictive Intelligence) to automate root\-cause analysis and reduce Mean Time to Resolution (MTTR). * Predictive Maintenance: Moving from reactive fixes to "predictive" service management—identifying infrastructure risks before they impact customers. * AI Governance: Ensuring that any automated service actions (e.g., AI\-led fraud blocking) are auditable and explainable to regulators. Stakeholder \& Cultural Leadership * Executive Storytelling: Translating complex technical data into clear, consistent reports for senior leadership and the Board regarding service health and risk. * Continual Service Improvement (CSI): Fostering a culture where staff are encouraged to identify process deficiencies and use performance data to refine digital strategies. * Ensure that you fully understand and comply with the organisation’s Risk Management Policies as they relate to your area of responsibility and demonstrate in your day\-to\-day work that you put customers at the heart of everything you do; * Ensure that you fully understand and comply with the organisation’s Data Governance Policies as they relate to your area of responsibility and demonstrate in your day\-to\-day work that you treat data as an important corporate asset which must be protected and managed. * Maintain the company’s compliance standards and ensure timely completion of all mandatory on\-line training modules and attestations. * As nominated Risk Champion for your function, work alongside the Risk function in developing and maintaining a risk management agenda, acting both to ensure the necessary levels of transparency for potential risks and promoting a positive culture of awareness and accountability throughout your function. 2\. Experience Requirements 1\. Transformation \& Modernisation Experience At a maturing bank, you are rarely managing a "steady state." You need experience in: * Legacy System Refactoring: Experience managing the coexistence of legacy platforms alongside modern API\-centric or cloud\-native architectures. * Cloud Migration Governance: Proven track record in shifting services to hybrid cloud environments (AWS, Azure, or GCP) while maintaining the strict availability and security standards required by banking regulators. * ITSM Tool Maturity: Experience evolving organisations from manual tracking in enterprise platforms like ServiceNow to single click information and automated workflows. 2\. Strategic Frameworks \& Governance A maturing bank is defined by its shift from "Ad Hoc" (Level 1\) to "Defined" or "Managed" (Levels 3\-4\) maturity. * Process Embedding: Significant experience maturing and embedding ITIL 4 practices (Incident, Change, and Problem Management) into daily operations rather than just having them on paper. * Regulatory Compliance (RegTech): Deep understanding of financial regulations such as GDPR, PSD2, and operational resilience rules. You should have experience ensuring IT services are "audit\-ready". * Service Level Institutionalisation: Experience moving beyond basic uptime metrics to business\-aligned Service Level Agreements (SLAs) and Key Performance Indicators (KPIs) that measure actual customer impact. 3\. Emerging Technology for 2026 By 2026, maturity in banking also includes the integration of intelligent automation: * AI \& Automation (AIOps): Experience deploying Agentic AI or machine learning tools to automate routine service desk queries (up to 80% of routine tasks) and proactive fraud detection. * FinOps Discipline: Experience in managing the "economics of the cloud"—optimising consumption and vendor contracts to ensure that modernisation doesn't lead to runaway costs. * Cyber Resilience: Experience linking technology strategy with cybersecurity frameworks (like Zero\-Trust) to protect maturing digital assets against increasingly sophisticated AI\-driven threats. 4\. Cultural Leadership Maturing an organisation is a human challenge as much as a technical one: * Stakeholder Influence: The ability to communicate technical risks in "business impact" language to senior bank leadership. * Workforce Upskilling: Experience in leading teams through cultural shifts—moving staff from "transactional processing" to higher\-value roles like AI quality assurance and strategic problem\-solving. 3\. Knowledge Requirements * Advanced knowledge of ITIL V4 is essential * Advanced knowledge of regulatory reporting and risk management is essential * Intermediate breadth of technical knowledge is desirable * Intermediate knowledge of SIAM models is desirable * Intermediate knowledge of AIOps for Service Management is desirable 4\. Skill and…