At a Glance
- Tasks: Lead risk management activities across cyber, technology, and operational resilience.
- Company: Join a forward-thinking Society that values security and innovation.
- Benefits: Enjoy flexible working, generous leave, and a commitment to your development.
- Other info: Dynamic role with opportunities for growth and a supportive work culture.
- Why this job: Make a real impact in safeguarding the Society while embracing cutting-edge technologies.
- Qualifications: Certification in risk or information security and strong IT experience required.
The predicted salary is between £60,000 and £75,000 per year.
Hours: Permanent, full‑time role (35 hours per week) with hybrid and flexible working. You will spend 3 days per week collaborating with colleagues at our Head Office in Skipton.
In a world of rapid technological change and evolving external threats, the Information Risk Lead plays a key role in keeping the Society secure, resilient and future‑ready. You will lead second‑line oversight of risk‑management activity across cyber, technology (including AI), data, change and operational resilience, ensuring robust protection while enabling innovation and progress. Through trusted assurance and insightful challenge, you will help safeguard the Society’s ability to operate safely, confidently and in line with regulatory expectations. Skipton values work/life balance and we are proud to support hybrid and flexible working.
Key Responsibilities
- Provide strong independent second‑line oversight and challenge of first‑line activities, including risk assessments, control testing and mitigation actions, ensuring effective framework implementation and escalation of key risks.
- Provide oversight, guidance and support to ensure risks are managed in line with the Group Risk Management Framework, Group Risk Policy Framework and Board Risk Appetite.
- Lead oversight and provide assurance across cyber and technology risk, AI and emerging technologies, data risk, operational resilience and strategic change, aligned to evolving industry practice and regulatory expectations.
- Deliver high‑quality, timely risk reporting and insight to senior committees, including thematic reviews and emerging risk identification.
- Support senior leadership in delivering annual Enterprise Risk objectives, while leading priority information risk initiatives.
- Oversee risk events, incidents and issues, including independent review of root‑cause analysis, timely escalation, and challenge of remediation effectiveness.
- Provide technical leadership and coaching to colleagues, supporting capability development and consistent application of the Group Risk Management Framework.
- A recognised certification (e.g. CISA, CISM, CISSP, CRISC) or an equivalent qualification in risk, IT or information security.
- Strong technical experience in IT, information security, technology risk and resilience, including frameworks such as NIST and ISO27001.
- Proven second‑line experience in risk oversight, assessment, control evaluation and embedding enterprise risk frameworks and risk appetite.
- Demonstrated leadership and delivery capability coordinating multiple workstreams and delivering initiatives.
- Strong analytical and strategic thinking skills, with the ability to interpret complex issues, identify emerging risks and translate these into actionable insights.
- Annual discretionary bonus scheme
- 25 days standard annual leave plus bank holidays, rising by 1 day per year of service to a maximum of 30 days
- Holiday trading scheme allowing the ability to buy and sell additional annual leave days
- Matching employer pension contribution (up to 10% per annum)
- Colleague mortgage (conditions apply)
- Salary sacrifice scheme for hybrid and electric cars
- A commitment to training and development
- Private medical insurance for all our colleagues
- 3 paid volunteering days per annum
- Diverse and inclusive colleague networks available for you to join including our Carers and Pride Alliance groups
- We care about your health and wellbeing – we provide a range of benefits that support this including cycle to work initiative and discounted gym membership
Information Risk Manager in Skipton employer: SBS Skipton Building Society
As an Information Risk Manager at our Skipton Head Office, you will join a forward-thinking organisation that prioritises work/life balance and offers hybrid working options. We are committed to your professional growth, providing extensive training opportunities, a supportive work culture, and a range of benefits including a generous annual leave policy, private medical insurance, and a commitment to employee wellbeing. Join us in safeguarding the Society's future while enjoying a fulfilling and rewarding career.
Contact Details:
SBS Skipton Building Society Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Information Risk Manager in Skipton
✨Tip Number 1
Network like a pro! Reach out to current employees at the company through LinkedIn or other platforms. Ask them about their experiences and any tips they might have for landing the Information Risk Manager role.
✨Tip Number 2
Prepare for the interview by brushing up on your knowledge of risk management frameworks like NIST and ISO27001. Be ready to discuss how you've applied these in past roles, as this will show you're the right fit for the job.
✨Tip Number 3
Showcase your leadership skills! Think of examples where you've led teams or projects, especially in risk oversight or technology. This will help you stand out as someone who can drive initiatives effectively.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who take that extra step to engage with us directly.
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Information Risk Manager role. Highlight your relevant experience in risk management, especially in cyber and technology areas, to show us you’re the perfect fit!
Showcase Your Certifications: Don’t forget to mention any recognised certifications like CISA or CISSP. We love seeing that you’ve got the qualifications to back up your skills in IT and information security.
Be Clear and Concise: When writing your application, keep it straightforward. Use clear language to explain your experience and how it aligns with our needs. We appreciate a well-structured application that gets straight to the point!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates about the process!
How to prepare for a job interview at SBS Skipton Building Society
✨Know Your Stuff
Make sure you brush up on your knowledge of risk management frameworks like NIST and ISO27001. Be ready to discuss how you've applied these in past roles, especially in relation to cyber and technology risks.
✨Showcase Your Leadership Skills
Prepare examples that highlight your leadership experience, particularly in coordinating multiple workstreams. Think about times when you've successfully led initiatives or provided guidance to colleagues in risk oversight.
✨Be Ready for Technical Questions
Expect some technical questions related to IT and information security. Practise explaining complex issues in simple terms, as this will demonstrate your ability to communicate effectively with both technical and non-technical stakeholders.
✨Understand the Company Culture
Familiarise yourself with the company's values, especially their commitment to work/life balance and flexible working. Be prepared to discuss how you can contribute to this culture while ensuring robust risk management.