Information Technology Risk Manager

About Just We help people achieve a better later life. That’s our purpose and it’s the reason we exist. We are a fast-growing company helping customers enjoy the retirement they deserve. We do this through a variety of market leading, award-winning products and services, delivered by a diverse team of over 1,400 purpose-led colleagues who genuinely put the customer at the heart of everything we do. This is a brilliant time to join our business. We are on an exciting growth journey to become the UK’s most loved retirement expert.

Key Accountabilities

• Assess and challenge technology controls and support remediation activities.
• Maintain up-to-date risk assessments and ensure alignment with internal policies and frameworks (including ISMS).
• Monitor and manage technology risk events, incidents, and data breaches.
• Support consistent reporting and documentation across risk processes.

Examples of Key Activities

• Conduct risk assessments for new software deployments and infrastructure changes, including evaluating operational risk impacts and dependencies.
• Review and challenge technology controls, including during project design, to ensure operational resilience and continuity measures are embedded.
• Maintain technology risk dashboards and provide insight to leadership on emerging risks, trends, and vulnerabilities.
• Perform deep-dive reviews into specific risk areas such as cloud security, data privacy, operational resilience, and operational risk scenarios.
• Coordinate with subject matter experts to validate remediation plans, monitor progress, and support effective operational risk mitigation.
• Support incident reviews by identifying root causes, assessing operational risk exposure, and recommending preventive actions; ensure risk reporting (including CORC and SWORD entries) is accurate and consistent.

What we’re looking for:

• Demonstrable experience in technology risk management, operational resilience, or technology governance within Financial Services.
• Strong understanding of IT risk frameworks and standards (e.g., ISO 27001, NIST, COBIT) and the ability to apply them across multiple technology domains.
• Ability to assess, prioritise, and mitigate technology risks, including reviewing and challenging risk assessments and remediation plans.
• Skilled in analysing risk data, identifying trends, and preparing clear, actionable insights for senior stakeholders.
• Effective communicator with the ability to influence and collaborate with senior leaders and technical SMEs.
• Experience preparing executive-level reports, dashboards, and governance documentation.
• Knowledge of business continuity planning, operational resilience principles, and relevant regulatory expectations.
• Strong organisational skills to coordinate risk reviews, workshops, and governance forums, while managing multiple priorities.
• Proactive approach to continuous improvement, staying informed on emerging risks, regulatory changes, and industry best practices.

Our behaviours

At Just you’ll have the opportunity to develop your career, whilst making a difference to the lives of those around you. You’ll be part of a company with a strong and distinctive culture - we’re ambitious, curious and collaborative – and every decision we make centres around being Just and delivering the best outcomes for our customers.

What’s in it for you

• A competitive salary, pension scheme and life assurance.
• 25 days annual leave plus an additional day on us for your birthday.
• Private medical cover and income protection, just in case.
• A generous and highly achievable bonus scheme.
• Opportunities to progress your career in-role and within the company.
• Free access to the Headspace app, 24/7 employee assistance helpline and trained physical and mental health first aiders.
• A variety of employee funded benefits available via our online benefits portal.
• Plus, several additional purchase options available for you and your loved ones.

Explore our full range of benefits on our dedicated benefits page.