Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Manage Information Security and Cyber Risk while providing expert oversight and guidance.
- Company: Join a leading financial services firm with a commitment to innovation and flexibility.
- Benefits: Up to £70,000 salary, generous bonus potential, 38 days leave, and private medical cover.
- Why this job: Make a real impact in a dynamic role focused on security and risk management.
- Qualifications: Experience in Information Security and strong stakeholder management skills required.
- Other info: Flexible working options available, including part-time and job-share opportunities.
The predicted salary is between 42000 - 70000 £ per year.
Location: Hybrid - this role could be based in Edinburgh, London or Birmingham offices, with time spent weekly in both the office and at home. The amount of time in the office is variable based on business need.
Flexible working: All roles are open to part-time, job-share and other types of flexibility. We will discuss what is important to you and balancing this with business requirements during the recruitment process.
Closing Date: 16 February 2026
Salary and benefits: Up to £70,000, dependent upon experience, plus 16-32% bonus potential, private medical cover, 38 days annual leave, excellent pension, 12x salary life assurance, career breaks, income protection, 3x volunteering days and much more.
The role: Non-Financial Risk is part of Group Risk and has a fantastic opportunity for a talented individual to join the team as an Information Security & Cyber Risk Manager within the newly forming IT/IS/Resilience and Supplier Risk Oversight Team. The role is to provide Second Line Subject Matter Expert (SME) advice, oversight and challenge on Line 1’s design and operation of their Information Security, Information Management and Cyber related standards, risks and controls. The role holder will, in addition to regular oversight of the Information Security, Information Management and Cyber Risk control environments, both lead and support the delivery of a rolling programme of Thematic and Risk based focused reviews, following a structured methodology. This will involve shaping the scope of reviews, preparing for and performing field work, validation of proposed findings and provision of insightful recommendations to Line 1 through clear written reporting.
Key Accountabilities:
- Provide ongoing oversight and challenge to Line 1 led Information Security, Information Management and Cyber Risk control management.
- Analyse and interpret key risk indicators and risk and control reporting to help determine where Line 2 effort is best focused, and to develop formal Line 2 opinions on Information Security, Information Management and Cyber matters.
- Provide insight, oversight and challenge within assigned monthly Forums.
- Lead Line 2 led Information Security, Information Management and Cyber Risk Thematic/Risk Reviews throughout the full lifecycle, including Planning/Terms of Reference, Fieldwork, Findings Validation and Reporting stages.
- Provide oversight and challenge on material Projects and Programmes.
- Oversee Line 1 activity to ensure adherence to the Group’s Risk Management Framework, providing advice and guidance as required.
- Support the broader team with assigned Line 2 activity relating to Information Technology, AI, Operational Resilience and Third-Party Management.
- Develop and build relationships with Line 1 and Line 3 peers and senior stakeholders.
What are we looking for?
Essential:
- Proven experience managing Information Security, Information Management and Cyber Risk, in either a second or third-line capacity, within a high regulated UK industry such as Financial Services.
- Strong stakeholder, relationship management and influencing skills. An accomplished communicator who is comfortable, respectful and calm during sometimes challenging situations where differences of risk opinion need to be clearly positioned and justified. Able to analyse situations in a timely manner, producing clear, insightful and succinct written reports.
Preferred:
- Professional qualification in Information Security, Information Management or Cyber Security e.g., from IRM, BCS, ISACA or ISC2 organisations.
- Knowledge of Artificial Intelligence (AI) – naturally curious about AI and the advantages it can bring to organisations, in balance with controlling risks.
- Knowledge of cloud computing, shared responsibility models and associated common risks.
- A career background of having worked in IT for large UK corporations, with a solid baseline understanding of Information Security, Information Management and Cyber Risk Management, and control frameworks.
We want to hire the whole version of you. We are committed to ensuring that everyone feels accepted and welcome applicants from all backgrounds. If your experience looks different from what we’ve advertised and you believe that you can bring value to the role, we’d love to hear from you. If you require any adjustments to the recruitment process, please let us know so we can help you to be at your best.
Please note that we reserve the right to remove adverts earlier than the advertised closing date. We encourage you to apply at the earliest opportunity.
IS Risk Manager in Birmingham employer: Phoenix Group
Contact Detail:
Phoenix Group Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IS Risk Manager in Birmingham
✨Tip Number 1
Network like a pro! Reach out to folks in your industry on LinkedIn or at events. A friendly chat can open doors that a CV just can't.
✨Tip Number 2
Prepare for those interviews! Research the company and role, and think about how your skills fit in. We want you to shine when it’s your turn to talk!
✨Tip Number 3
Show off your personality! Be yourself during interviews; it’s not just about skills but also about how you’ll fit into the team. Let your passion for the role come through!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love hearing from candidates directly!
We think you need these skills to ace IS Risk Manager in Birmingham
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in Information Security, Information Management, and Cyber Risk. We want to see how your skills align with the role, so don’t hold back on showcasing your relevant achievements!
Be Clear and Concise: When writing your application, keep it straightforward and to the point. Use clear language and structure your thoughts logically. Remember, we appreciate insightful and succinct written reports, so show us you can do that right from the start!
Show Your Stakeholder Skills: Since strong relationship management is key for this role, include examples of how you've successfully influenced stakeholders in the past. We love to see candidates who can communicate effectively, especially in challenging situations.
Apply Early!: Don’t wait until the last minute to submit your application. We encourage you to apply through our website as soon as possible. This way, you’ll have a better chance of standing out before the closing date!
How to prepare for a job interview at Phoenix Group
✨Know Your Stuff
Make sure you brush up on your knowledge of Information Security, Information Management, and Cyber Risk. Be ready to discuss your previous experiences managing these areas, especially in a regulated environment like Financial Services. This will show that you’re not just familiar with the concepts but have practical experience too.
✨Showcase Your Communication Skills
As an IS Risk Manager, you'll need to communicate effectively with various stakeholders. Prepare examples of how you've navigated challenging conversations or differing opinions on risk. Highlight your ability to produce clear, insightful reports, as this is crucial for the role.
✨Understand the Company’s Needs
Research the company’s current projects and challenges in Information Security and Cyber Risk. Tailor your responses to demonstrate how your skills can directly address their needs. This shows that you’re proactive and genuinely interested in contributing to their success.
✨Be Ready for Scenario Questions
Expect to face scenario-based questions where you’ll need to analyse situations and provide recommendations. Practice articulating your thought process clearly and succinctly. This will help you showcase your analytical skills and ability to provide valuable insights under pressure.
