Senior IT & Security Risk Manager (12 month FTC) in Southampton

hackajob is collaborating with Kingfisher to connect them with exceptional professionals for this role. We’re Kingfisher, a team made up of over 74,000 passionate people who bring Kingfisher and all our other brands: B&Q, Screwfix, Brico Depot, Castorama and Koçtaş to life. Guided by our purpose Better Homes. Better Lives. For Everyone. We believe a better world starts with better homes, and we work every day to make that a reality. Join us and help shape the future of home improvement.

We have an exciting opportunity for a Senior IT & Security Risk Manager to join us on a 12 month FTC. With the threat landscape ever-changing and cyber security attacks increasing, this position will strengthen how Kingfisher manages technology and cyber risk across its multi‑jurisdictional organisation, helping to protect our customers, colleagues and operations. You will shape and embed a clear, effective IT and Security Risk Management Framework, giving leaders visibility of risk and supporting informed decision‑making, as well helping to build and influence a strong, risk‑aware culture across teams, processes and technology.

We are open to basing this role out of either our Paddington or Southampton offices, with an expectation of 12 days a month in the office. If based out of Paddington, we would need flexibility to work out of the Southampton office at least once a week due to the majority of the Security and Tech teams being based there.

• Lead the development, implementation, and ongoing improvement of the IT and Security Risk Management Framework across technology and cyber risk.
• Oversee risk identification, assessment and monitoring, ensuring potential risks are clearly understood and visible.
• Drive effective risk mitigation by shaping both strategic and tactical responses to reduce risk exposure.
• Partner with technology and business teams to develop and deliver corrective action plans for risk and compliance gaps.
• Maintain compliance and design effective controls in collaboration with IT compliance, supporting risk reduction.
• Develop and maintain clear reporting and dashboards to provide leadership with insight into risk posture and appetite.
• Promote and embed a positive, risk‑aware culture, influencing stakeholders and supporting governance forums and audit activities.

• Strong experience in IT and security risk management and compliance, working in similar roles within a technology‑focused environment.
• Proven ability to design, implement and manage risk frameworks and mitigation programmes.
• Experience working across a range of technologies and delivery models, including cloud, networks and agile or product‑led environments.
• Confident communicator, able to explain complex technical risks clearly and influence a wide range of stakeholders.
• Knowledge of relevant regulatory and industry standards, such as GDPR, NIST and PCI DSS.

We believe in flexibility and balance. Our hybrid model blends home working for focus with time spent connecting and collaborating—whether in our offices or at off‑site locations. On average, around 60% of your time will involve in‑person collaboration. We value the perspectives new team members bring and encourage you to apply—even if you don’t meet 100% of the requirements.

An inclusive environment where your potential is limited only by your imagination. We encourage new ideas, support experimentation, and strive to create a workplace where everyone can be their best self. We also offer a competitive benefits package and plenty of opportunities to stretch and grow your career.

Our customers come from all walks of life—and so do we. We’re committed to ensuring all colleagues, future colleagues, and applicants are treated equally, regardless of age, gender, marital or civil partnership status, ethnicity, culture, religion, belief, political opinion, disability, gender identity, gender expression, or sexual orientation.

Interested? Great, apply now and help us to Power the Possible.