Job Type: Permanent Job Sector: Accounting Region: Yorkshire Location: Skipton Salary Description: Competitive salary plus excellent benefits Posted: 04/06/2026 Recruiter: Skipton Building Society Job Ref: jr4063 Job Views: 2
Hours: Permanent, full time role (35 hours per week) with hybrid and flexible working. You'll spend 3 days per week collaborating with colleagues at our Head Office in Skipton.
Closing Date: Sat, 20 Jun 2026
Role Summary In a world of rapid technological change and evolving external threats, the Information Risk Lead plays a key role in keeping the Society secure, resilient and future ready. You will lead second line oversight of risk management activity across cyber, technology (including AI), data, change and operational resilience, ensuring robust protection while enabling innovation and progress.
Who Are We? Not just another building society. Not just another job. We’re the fourth biggest building society in the UK and what makes us a bit different is that we’re a mutual organisation. We don’t have shareholders; we’re owned by our members. Our colleagues say Skipton’s a great place to work, and you could be one of them, bringing with you new ideas on how we can keep customers at the heart of what we do. Whatever your background, and whatever your goals, we’ll help you take the next step towards a better future.
What Will You Be Doing? Provide strong independent second line oversight and challenge of first line activities, including risk assessments, control testing and mitigation actions, ensuring effective framework implementation and escalation of key risks.
Provide oversight, guidance and support to ensure risks are managed in line with the Group Risk Management Framework, Group Risk Policy Framework and Board Risk Appetite.
Lead oversight and provide assurance across cyber and technology risk, AI and emerging technologies, data risk, operational resilience and strategic change, aligned to evolving industry practice and regulatory expectations.
Deliver high quality, timely risk reporting and insight to senior committees, including thematic reviews and emerging risk identification.
Support senior leadership in delivering annual Enterprise Risk objectives, while leading priority information risk initiatives.
Oversee risk events, incidents and issues, including independent review of root cause analysis, timely escalation, and challenge of remediation effectiveness.
Provide technical leadership and coaching to colleagues, supporting capability development and consistent application of the Group Risk Management Framework.
What Do We Need From You? A recognised certification (e.g. CISA, CISM, CISSP, CRISC) or an equivalent qualification in risk, IT or information security.
Strong technical experience in IT, information security, technology risk and resilience, including frameworks such as NIST and ISO 27001.
Proven second line experience in risk oversight, assessment, control evaluation and embedding enterprise risk frameworks and risk appetite.
Demonstrated leadership and delivery capability coordinating multiple workstreams and delivering initiatives.
Strong analytical and strategic thinking skills, with the ability to interpret complex issues, identify emerging risks and translate these into actionable insights.
What’s In It For You? We have a newly refurbished head office which offers a vibrant and collaborative working space.
Annual discretionary bonus scheme.
25 days standard annual leave +
Hours: Permanent, full time role (35 hours per week) with hybrid and flexible working. You'll spend 3 days per week collaborating with colleagues at our Head Office in Skipton.
Closing Date: Sat, 20 Jun 2026
Role Summary In a world of rapid technological change and evolving external threats, the Information Risk Lead plays a key role in keeping the Society secure, resilient and future ready. You will lead second line oversight of risk management activity across cyber, technology (including AI), data, change and operational resilience, ensuring robust protection while enabling innovation and progress.
Who Are We? Not just another building society. Not just another job. We’re the fourth biggest building society in the UK and what makes us a bit different is that we’re a mutual organisation. We don’t have shareholders; we’re owned by our members. Our colleagues say Skipton’s a great place to work, and you could be one of them, bringing with you new ideas on how we can keep customers at the heart of what we do. Whatever your background, and whatever your goals, we’ll help you take the next step towards a better future.
What Will You Be Doing? Provide strong independent second line oversight and challenge of first line activities, including risk assessments, control testing and mitigation actions, ensuring effective framework implementation and escalation of key risks.
Provide oversight, guidance and support to ensure risks are managed in line with the Group Risk Management Framework, Group Risk Policy Framework and Board Risk Appetite.
Lead oversight and provide assurance across cyber and technology risk, AI and emerging technologies, data risk, operational resilience and strategic change, aligned to evolving industry practice and regulatory expectations.
Deliver high quality, timely risk reporting and insight to senior committees, including thematic reviews and emerging risk identification.
Support senior leadership in delivering annual Enterprise Risk objectives, while leading priority information risk initiatives.
Oversee risk events, incidents and issues, including independent review of root cause analysis, timely escalation, and challenge of remediation effectiveness.
Provide technical leadership and coaching to colleagues, supporting capability development and consistent application of the Group Risk Management Framework.
What Do We Need From You? A recognised certification (e.g. CISA, CISM, CISSP, CRISC) or an equivalent qualification in risk, IT or information security.
Strong technical experience in IT, information security, technology risk and resilience, including frameworks such as NIST and ISO 27001.
Proven second line experience in risk oversight, assessment, control evaluation and embedding enterprise risk frameworks and risk appetite.
Demonstrated leadership and delivery capability coordinating multiple workstreams and delivering initiatives.
Strong analytical and strategic thinking skills, with the ability to interpret complex issues, identify emerging risks and translate these into actionable insights.
What’s In It For You? We have a newly refurbished head office which offers a vibrant and collaborative working space.
Annual discretionary bonus scheme.
25 days standard annual leave +
