At a Glance
- Tasks: Drive IT risk management and improve established controls while collaborating with senior management.
- Company: Join Zurich, a global leader in insurance with over 55,000 employees across 170 countries.
- Benefits: Enjoy flexible working options, a 12% pension scheme, annual bonuses, and private medical insurance.
- Why this job: Make a real impact in a dynamic environment that values creativity and collaboration.
- Qualifications: Ideal candidates have Risk Management or Security qualifications and strong communication skills.
- Other info: Be part of a diverse community focused on wellbeing and continuous improvement.
The predicted salary is between £36,000 and £60,000 per year.
This role is available on a part-time, job-share or full-time basis. Location: Hybrid working from either the Swindon or Fareham offices. Closing date for applications: Friday 27th June.
The opportunity: This is an opportunity to join the UK IT and Operations team, reporting to the Head of IT Service Delivery, where you will collaborate with the management team, bursting with ideas on how to move our UK business forward. You will be asked to drive change and improve on a set of already well-established IT Controls and an IT Risk Management Framework to allow senior IT management, business functions and 3rd party service providers to demonstrate they are managing and safeguarding company assets, data, and operations. Your ideas will be heard. You will collaborate and influence IT management, the IT Governance and Controls Manager and other governance colleagues to gather data and collate, aggregate and interpret information to provide the Boards of Directors, Business Executives and other interested parties with an assessment of the UK IT Risk and Controls landscape. You will also manage multiple demands for IT risk-based information within Zurich, ensuring all reporting commitments are met. You will work alongside local and regional Group IT functions, Service Providers (through internal and external suppliers), and business functions to ensure that Zurich is proactive in the management of IT Operational Risk and Controls. The role is varied, interesting, and there are genuine opportunities to get stuck in and make a difference.
What will you be doing?
- Perform regular and ad hoc risk reporting for Boards of Directors, Business Executives and other interested parties.
- Shape, influence and deliver IT risk and control assurance activity for both external IT Service providers and Group, working with senior level representatives from all areas.
- Drive, facilitate and participate in regular IT risk assessment initiatives, including the quarterly cyber risk and control assessment, the annual IT operational resilience assessment and IT supplier risk assessments.
- Maintain and operate IT risk and control frameworks that serve as a basis for regulatory compliance, internal control processes and management of IT risks and controls, influencing continuous improvement activity.
- Ensure compliance with IT-related policies and regulatory requirements; develop a plan to remediate compliance gaps.
- Maintain a strong network with other governance colleagues, senior stakeholders and major partners across IT and the wider Zurich business.
- Provide regional support and co-ordination for external/internal audit and other assurance processes.
- Manage the activity of the UK Supplier IT Risk and Controls Consultant and the IT Risk Consultant.
What are we looking for?
You will ideally have a Risk Management qualification (CIRM, CRISC) or a Professional Security Qualification (CISA, CISM, CISSP) with solid practical experience as an IT Risk Specialist, with a good understanding of common information security management frameworks, such as NIST Cyber Security Framework and International Standards Organization (ISO) 27000. You will have great written and verbal communication skills, being able to produce written IT risk reporting on technical issues that requires little re-write, and is clear, concise and meaningful to both IT and non-IT stakeholders. You will have the confidence to take part in and contribute to meetings in an insightful but succinct way and be able to provide expert advice when required. The ability to understand when to listen, when to question and how to set the scene for and keep the conversation relevant to the issue in hand is a pre-requisite of the role. The ability to develop trusted and collaborative working relationships with stakeholders at all levels is a key requirement of the role to enable open and transparent discussions to identify areas of concern. Having a pragmatic approach is essential as is understanding the goals and challenges faced by the stakeholders with whom you interact. It would be great if you have a good understanding of the UK Financial Services Regulatory environment, and an understanding of IT Supplier contracts would be a real bonus.
What will you get in return?
Everyone’s different. That’s why at Zurich, we offer a wide range of employee benefits so our people can choose what fits them and their life. Our benefits provide real flexibility so our people can make considered choices and tailor their benefits throughout the year. Our benefits include a 12% defined non-contributory pension scheme, an annual company bonus, private medical insurance and the option to buy up to an additional 20 days or sell some of your holiday.
Who we are: At Zurich we aspire to be one of the most responsible and impactful businesses in the world and the best global insurer. Together we’re creating a brighter future for our customers, our people and our planet. With over 55,000 employees in more than 170 countries, you’ll feel the support of being part of a strong and stable company who are a long-standing player in the insurance industry. We’ve made a promise to each other and every employee; to focus on sustainable impact, to care about each other’s wellbeing, to use our diverse expertise to be curious and optimistic and to develop the skills needed for our future. If you’re interested in working in a dynamic and challenging environment for a company that recognises and rewards your creativity, initiatives and contributions - then Zurich could be just the place for you. Be part of something great.
Our Culture: At Zurich, our sense of community is strong and we’re particularly passionate about diversity and inclusion, which we’ve won numerous awards for. We want our people to bring the whole of themselves to work and ensure everybody is made to feel welcome, regardless of their background, beliefs or culture. We want our employees to reflect the diversity of our customers, and so are committed to treating all of our applicants fairly and with respect, irrespective of their actual or assumed background, disability or any other protected characteristic. We’ve an environment that places a real importance on our people’s wellbeing from a physical, mental, social and financial perspective. We work with our wellbeing partners and industry experts to provide the best advice and access to a wealth of lifestyle support. We’re also committed to continuous improvement, and we offer access to a comprehensive range of training and development opportunities. We’re passionate about supporting employees to help others by getting involved in volunteering, charitable and community activity. Our charitable arm, Zurich Community Trust, is one of the longest-established corporate trusts in the UK. In that time, we’ve awarded grants and volunteered time to deserving causes in the UK valued at over £90 million. So make a difference. Be challenged. Be inspired. Be supported. Love what you do. Work for us.
IT Risk Manager employer: Zurich Insurance Company
Contact Detail:
Zurich Insurance Company Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT Risk Manager
✨Tip Number 1
Familiarise yourself with the IT Risk Management Frameworks mentioned in the job description, such as NIST and ISO 27000. Understanding these frameworks will not only help you in interviews but also demonstrate your commitment to the role.
✨Tip Number 2
Network with professionals in the IT risk management field, especially those who have experience working with Zurich or similar companies. Engaging with them can provide insights into the company culture and expectations, which can be invaluable during your application process.
✨Tip Number 3
Prepare to discuss specific examples of how you've driven change in previous roles. The ability to showcase your proactive approach to managing IT risks and controls will set you apart from other candidates.
✨Tip Number 4
Stay updated on the latest trends and regulations in the UK Financial Services sector. Being knowledgeable about current compliance requirements will show that you're serious about the role and ready to contribute from day one.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in IT risk management and compliance. Use keywords from the job description, such as 'IT Controls', 'Risk Management Framework', and 'cyber risk assessment' to demonstrate your fit for the role.
Craft a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Discuss specific experiences that showcase your ability to drive change and improve IT controls, and how your qualifications align with their needs.
Showcase Communication Skills: Since great written and verbal communication skills are essential, ensure your application materials are clear, concise, and free of jargon. Provide examples of how you've effectively communicated complex technical issues to non-technical stakeholders.
Highlight Collaborative Experience: Emphasise your ability to work collaboratively with various stakeholders. Mention any past experiences where you successfully influenced decision-making or managed relationships with senior management and external partners.
How to prepare for a job interview at Zurich Insurance Company
✨Understand the IT Risk Landscape
Before your interview, make sure you have a solid grasp of the current IT risk management frameworks and standards, such as NIST and ISO 27000. This knowledge will help you discuss how you can contribute to improving existing controls and frameworks.
✨Prepare for Scenario-Based Questions
Expect to be asked about specific situations where you've had to manage IT risks or improve controls. Prepare examples that showcase your problem-solving skills and ability to drive change in a collaborative environment.
✨Showcase Your Communication Skills
Since the role requires clear communication with both IT and non-IT stakeholders, practice articulating complex technical concepts in simple terms. Be ready to demonstrate how you can produce concise and meaningful reports.
✨Build Rapport with Interviewers
Establishing a good relationship with your interviewers is crucial. Show your ability to develop trusted relationships by being personable and engaging during the conversation, which will reflect your capability to work collaboratively with various stakeholders.