At a Glance
- Tasks: Lead IT and cyber governance, ensuring compliance with industry standards and managing technology risks.
- Company: Atrium, a historic insurer with a client-first approach and a culture of growth.
- Benefits: Flexible working options, commitment to diversity, and opportunities for professional development.
- Other info: Supportive environment with a focus on learning and career progression.
- Why this job: Join a dynamic team and make a real impact in the evolving world of IT governance.
- Qualifications: Experience in IT governance and strong understanding of regulatory requirements.
The predicted salary is between £60,000 and £80,000 per year.
About Atrium
In a world of constant change, you need an insurer who has stood the test of time. Our reputation is built on consistency, expertise, and a client-first approach. We manage Syndicate 609, one of the oldest syndicates at Lloyd’s, with a history going back to the 1930s. Our longevity reflects the strength of our underwriting discipline, the depth of our relationships, and our ability to adapt to the evolving needs of our clients and the wider insurance marketplace.
We’re all in it together at Atrium. We are committed to creating an environment where people learn, grow, and follow what they’re passionate about. Our culture encourages staff to feel confident in making decisions at any stage of their career and do work that makes them proud, knowing they’re playing a valuable role in shaping the success of the business.
Role
This is a fantastic opportunity to join our IT team to be responsible for managing Atrium’s IT and cyber governance framework in line with Lloyd’s of London, FCA, and PRA regulatory expectations. The role owns IT and cyber policies, technology risk management, control design, and the production of robust, audit-ready control evidence, supporting the IT team with all areas of IT governance. This role plays a key part in demonstrating that technology and cyber risks are effectively governed, proportionately controlled, and operationally resilient.
- Lloyd’s & Regulatory Governance
  - Maintain compliance with relevant Lloyd’s Minimum Standards, Core Practices, and Market Oversight expectations relating to IT, cyber security, and operational resilience.
  - Support compliance with FCA and PRA requirements, operational resilience, outsourcing, and technology risk management.
  - Produce clear governance reporting for senior management, Risk Committees, and Audit Committees suitable for regulatory scrutiny.
  - Support evidence requests and thematic reviews from Lloyd’s, regulators, internal audit, and external assessors.
- IT & Cyber Policy Framework
  - Own and maintain the IT and cyber policy suite, ensuring alignment to Lloyd’s Minimum Standards, FCA expectations, and industry good practice.
  - Manage formal policy review and approval cycles, ensuring accountability, traceability, and version control.
  - Ensure policies are embedded into operational processes and supported by documented controls and procedures.
- Technology & Cyber Risk Management
  - Identify, assess, and manage IT and cyber risks in line with the enterprise risk framework.
  - Maintain technology and cyber risk registers, ensuring risks are clearly articulated, owned, and supported by mitigation plans.
  - Support risk assessments relating to material technology changes, new systems and applications, outsourcing, and material third-party suppliers.
  - Support risk escalation, risk acceptance, and risk appetite reporting.
- Control Framework & Assurance
  - Define and maintain IT and cyber control objectives aligned to Lloyd’s Minimum Standards, NIST / CIS Controls, and operational resilience requirements.
  - Ensure controls are documented, consistently applied, and reviewed for effectiveness.
  - Drive continuous improvement of the technology control environment.
- Control Evidence Management
  - Own and coordinate the collection, validation, and storage of control evidence to support tracking audit findings, management actions, and remediation to closure.
  - Ensure evidence is proportionate, current, and clearly mapped to control objectives.
  - Design and operate a first-line controls testing and self-assessment programme for IT, cyber, digital and data, including test plans, evidence standards, quality assurance, findings, retesting and remediation tracking.
  - Maintain a formal register of technology and cyber policy exceptions, control waivers, and risk acceptances, ensuring appropriate approval, periodic review and escalation in line with risk appetite.
  - Perform controls in line with the Group-wide controls framework as well as timely reporting to the Group Head of Controls for second-line oversight.
  - Support any Lessons Learned, deep-dive or thematic reviews of IT and Cyber controls by the Group Head of Controls.
- Operational Resilience & Outsourcing Support
  - Support operational resilience activities from a technology perspective.
  - Support governance of IT and cyber aspects of outsourcing and third-party risk, working closely with Procurement, Risk, and Compliance.
  - Ensure technology dependencies and vulnerabilities are clearly understood and documented.
Required Knowledge and Skills
- Essential
  - Proven experience in IT governance, technology risk, cyber risk, or control assurance within a regulated financial services or insurance environment.
  - Strong understanding of Lloyd’s Minimum Standards, FCA/PRA expectations relating to IT, cyber security, and operational resilience.
  - Hands-on experience managing IT/cyber policies, controls, and control evidence.
  - Experience supporting audits, regulatory reviews, and assurance activities.
  - Ability to translate technical risk into clear governance and regulatory language.
  - Technology Proficiency: Understanding IT infrastructure, systems, and data flows to accurately identify weaknesses.
- Desirable
  - Experience working in the London Market / Lloyd’s managing agent environment.
  - Familiarity with operational resilience frameworks and regulatory expectations.
  - Experience using GRC tooling (e.g. Drata, RiskSmart, Riskonnect, Archer, ServiceNow GRC).
Atrium offers all permanent employees the chance to work flexibly through our charter for flexible working, and we actively invite applications from candidates requiring any form of flexible working arrangements. Atrium is an Equal Opportunities employer with a strong and passionate commitment to Diversity, Equity, and Inclusion. We do not discriminate based upon age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation, or any other applicable legally protected characteristic. We’re committed to providing reasonable adjustments or accommodations for applicants, so if you need assistance or support during the recruitment process, please get in touch.
IT and Cyber Governance Lead in Slough employer: Atrium
Contact Details:
Atrium Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT and Cyber Governance Lead in Slough
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend events, and connect on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching Atrium and its values. Understand their approach to IT governance and cyber risk management. Tailor your answers to show how your experience aligns with their needs.
✨Tip Number 3
Practice makes perfect! Conduct mock interviews with friends or use online platforms. This will help you articulate your thoughts clearly and boost your confidence when it’s time to shine.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who take that extra step to engage with us directly.
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in IT governance and cyber risk. We want to see how your skills align with the role, so don’t hold back on showcasing your relevant achievements!
Showcase Your Knowledge: Demonstrate your understanding of Lloyd’s Minimum Standards and FCA/PRA expectations in your application. We’re looking for candidates who can translate technical jargon into clear, concise language that resonates with our team.
Be Clear and Concise: When writing your application, keep it straightforward and to the point. We appreciate clarity, so avoid fluff and focus on what makes you a great fit for the IT and Cyber Governance Lead role.
Apply Through Our Website: We encourage you to submit your application through our website. It’s the best way to ensure your application gets the attention it deserves, and we can’t wait to see what you bring to the table!
How to prepare for a job interview at Atrium
✨Know Your Stuff
Make sure you brush up on IT governance, technology risk, and cyber security. Familiarise yourself with Lloyd’s Minimum Standards and FCA/PRA expectations. Being able to speak confidently about these topics will show that you're serious about the role.
✨Showcase Your Experience
Prepare specific examples from your past work that demonstrate your hands-on experience with IT/cyber policies and controls. Use the STAR method (Situation, Task, Action, Result) to structure your answers and make them impactful.
✨Ask Smart Questions
Come prepared with insightful questions about Atrium's IT and cyber governance framework. This shows your genuine interest in the company and helps you understand how you can contribute to their goals.
✨Be Ready for Scenario-Based Questions
Expect to be asked how you would handle specific situations related to technology risk management or compliance. Think through potential scenarios beforehand and outline your thought process to demonstrate your problem-solving skills.