What to Include on your Risk CV
The first thing to note when compiling your Risk CV is to ensure it is no longer than three pages. Hiring managers do not want 'War and Peace', just a simple run-down of who you are and your experience.
Lee Hine, Director for Asia Pacific, KPP Search, advises candidates that their CV should outline clearly the areas of risk they have expertise in. “People need to know what you’re targeting and how your skillset crosses over to that,” he says.
Perhaps you’re coming from an audit role to a non-financial risk role in Line 2, you may not have worked in that area but have built up experience and knowledge from a review perspective and can apply it to specific jobs in risk. “There are likely areas of risk you’ve been exposed to that has enabled you to build up knowledge in that area, making you suitable for that role in risk despite not having any practical experience,” says Hine.
An IT Auditor, for example, applying for a Cyber Security Risk role, you may have reviewed different areas of cloud and technology and established an awareness and understanding of the relevant controls and risks around that to be eligible for a Line 1 or 2 role in risk. “The key thing is not to oversell yourself on paper because you will be expected to talk about it in depth,” says Hine.
Hiring managers won’t be too interested in reading about your experience with specific testing strategies. Rather they’re looking to see you demonstrate the use of certain technology or when you’ve come up with an efficient process that achieves or meets a business outcome. Include examples on your CV that outline a business problem you identified, meditated on and subsequently came up with a solution proposal to deliver an effective outcome.
With Risk jobs there’s a string of buzzwords that people can put together to make it sound like they’ve covered most of what you’d expect them to. The likes of ‘embedded’, ‘compliant with’, ‘operational risk framework’, ‘control assurance’ and so on are pretty generic, and while they’re fine to include, you need something else to get the hiring manager’s attention.
Candidates who can show evidence of reviewing operational risk controls through a technology and risk lens will stand out. Technology risk is an area of interest within the space so showing an understanding around it and utilising technology and analytics in examples of problem solving will certainly grab someone’s interest.
Include any transferable skills you’ve acquired throughout your career to this point. The relevance of these of course will depend on the role you’re applying to in risk. For example, a front line person is very execution oriented while a Product Manager or Support Office role will need someone with good presentation skills and the confidence to speak to senior management. More generally, anyone who’s worked in a function involving critical thinking can transition easily into risk. You just need to be able to show that you can shift the focus of that analysis and thinking to the areas of risk impacting the business.
Ultimately, your CV should deliver a set of expectations but also your USP. The thing that will make a hiring manager pull your name out of a pile of candidates is because you not only fit the bill, but also possess that hidden extra that shows you understand the risk landscape is one that is ever-evolving.