At a Glance
- Tasks: Manage IT risk and controls, ensuring compliance and operational resilience across the organisation.
- Company: Join a leading company focused on innovation and equal opportunities.
- Benefits: Competitive salary, flexible working, health perks, and family-friendly policies.
- Other info: Dynamic work environment with opportunities for personal and professional growth.
- Why this job: Make a real impact by enhancing IT systems and driving compliance initiatives.
- Qualifications: Experience in IT risk management and knowledge of governance frameworks required.
The predicted salary is between £50,100 and £75,100 per year.
Base Location: You’ll be expected to spend 50% of your working week in one of the following locations: Reading, Havant, Glasgow or Perth.
Salary: £50,100 - £75,100 + performance‑related bonus and a range of benefits to support your finances, wellbeing and family.
Working Pattern: Permanent | Full Time | Flexible First options available.
The Role: The IT Risk and Controls Manager, within the Service Operations and Delivery team, assists with the implementation and ongoing development of IT risk and control procedures throughout the SIAM ecosystem. With a focus on proactive risk management and operational resilience, the role collaborates closely with IT stakeholders, service delivery teams, and providers to identify, communicate, and address compliance challenges, ensuring operational risks are effectively managed within the organisation's risk appetite. This role evaluates the effectiveness of IT controls, verifies adherence to established standards and requirements, and provides critical information to support the Service Leadership team in informed decision‑making. In addition, this position drives the seamless integration of controls into operational processes and services, works in partnership with the Governance Risk and Compliance (GRC) team, and builds strong relationships with IT Partners, Business Units, and service providers to foster a culture of continual improvement and operational resilience.
You Will:
- Ensure IT systems and operational processes comply with relevant regulations and industry standards, and conduct regular and thorough IT risk assessments in collaboration with cross‑functional teams to identify potential compliance gaps and areas for improvement.
- Drive operational resilience initiatives by ensuring IT systems and services are robust, recoverable, and capable of withstanding disruptions.
- Support the business continuity and disaster recovery (BC/DR) planning and testing processes from an IT risk and controls perspective, ensuring that appropriate measures and controls are in place, regularly reviewed, and improved to minimise the impact of incidents on business operations.
- Manage the Group Technology Services (GTS) Operational Risk Register by diligently tracking operational risks, embedding appropriate controls within business processes, and providing regular updates on risk status.
- Report on IT risk and control matters, including emerging issues and outstanding actions, directly to Risk Boards and Committees to facilitate informed decision‑making.
- Consult closely with Cyber Risk and Information Security teams to align strategies, share insights, and ensure a unified approach to managing IT risks; collaborate effectively with the 2LOD GRC Team and engage with GTS stakeholders to drive a culture of compliance and strengthen overall governance structures.
- Coordinate activities with audit teams to systematically review and evaluate IT controls and processes, addressing any identified weaknesses or instances of non‑compliance.
You Have:
- Experience of delivering IT risk, compliance or assurance activities including operational resilience.
- Good knowledge of IT governance frameworks such as COBIT 5, ITIL, ISO31000, 27005, 38500 and their interactions.
- Experience of designing or reviewing IT processes and their controls and performing risk assessments.
- Working knowledge of IT and operational risk, IT and enterprise architecture, IT strategy and IT outsourcing, service management, and delivery.
- Proficiency in communicating and collaborating with both internal and external stakeholders.
Flexible benefits to fit your life include discounts on private healthcare and gym memberships, wellbeing benefits like a free online GP and 24/7 counselling service, interest‑free loans on tech and transport season tickets, or a new bike with our Cycle to Work scheme, as well as generous family entitlements such as maternity and adoption pay, and paternity leave.
Work with an equal opportunity employer: SSE will make any reasonable adjustments you need to ensure that your application and experience with us is positive. Please contact 01738 275 846 to discuss how we can support you. We create equal opportunities for everyone to succeed and especially welcome applications from those who may not be well represented in our workforce or industry.
IT Risk and Control Manager employer: Scottish and Southern Electricity Networks
Contact Detail:
Scottish and Southern Electricity Networks Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT Risk and Control Manager
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their IT risk management strategies and be ready to discuss how your experience aligns with their needs. This shows you're genuinely interested and well-prepared.
✨Tip Number 3
Practice your responses to common interview questions, especially those related to IT risk and compliance. Use the STAR method (Situation, Task, Action, Result) to structure your answers and highlight your achievements.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who take that extra step to engage with us directly.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the IT Risk and Control Manager role. Highlight your experience with IT governance frameworks and operational resilience initiatives. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about IT risk management and how you can contribute to our team. Keep it concise but impactful, and don’t forget to mention your collaborative spirit!
Showcase Relevant Experience: When filling out your application, be sure to showcase any relevant experience in delivering IT risk, compliance, or assurance activities. We love seeing examples of how you've tackled challenges in the past, so don’t hold back!
Apply Through Our Website: We encourage you to apply through our website for a smoother process. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team!
How to prepare for a job interview at Scottish and Southern Electricity Networks
✨Know Your IT Risk Frameworks
Familiarise yourself with key IT governance frameworks like COBIT 5, ITIL, and ISO standards. Be ready to discuss how these frameworks apply to the role and share examples of how you've used them in past experiences.
✨Showcase Your Collaboration Skills
This role involves working closely with various teams, so highlight your experience in cross-functional collaboration. Prepare specific examples where you successfully communicated with stakeholders to address compliance challenges or improve operational resilience.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving skills in real-world scenarios. Think about potential compliance gaps or operational risks you’ve encountered and how you addressed them. Use the STAR method (Situation, Task, Action, Result) to structure your answers.
✨Demonstrate a Culture of Continuous Improvement
Be ready to discuss how you’ve driven improvements in IT processes or controls in previous roles. Share specific initiatives you’ve led or contributed to that enhanced operational resilience or compliance, showing your commitment to fostering a culture of continual improvement.