Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead IT risk management, monitor controls, and manage risk events from start to finish.
- Company: Join a dynamic team focused on IT risk in a regulated financial services environment.
- Benefits: Enjoy a hybrid work model, generous leave, and a solid pension plan.
- Why this job: Make a real impact by enhancing IT security and compliance while developing your skills.
- Qualifications: Experience in IT infrastructure, risk management, and regulatory compliance is essential.
- Other info: This role offers opportunities for professional growth and collaboration with diverse teams.
The predicted salary is between 54000 - 84000 £ per year.
This is a hybrid role and would require you onsite in Brentwood 2 days per week.
Role Purpose:
Our client is looking for an IT Risk Management Lead who will be responsible for monitoring IT risks and ensuring that all controls are functioning effectively and routinely. You will also manage each risk event from identification to conclusion, identifying any weaknesses in the control environment and putting into place actions to correct.
Key Responsibilities and Accountabilities:
- Review and log all IT risks according to the ISO27001 framework, updating the Information Security Management System risk registers accordingly.
- Prepare a monthly report for the CIO on highlighting a prioritised set of current risks.
- Develop and maintain a register of all IT controls to ensure that they are routinely tested and working effectively.
- Prepare monthly reporting for the CIO to evidence the control environment.
- Work with the second line Risk Function to ensure that they have the necessary reporting to assess the IT risk to the organisation.
- Integrate the detailed IT risk management framework with the Risk function’s risk appetite and other metrics.
- Define and agree IT risk metrics with the Risk function and monitor the effectiveness of these metrics regularly.
- Be responsible for the management of all risk events in accordance with the procedures from the Risk Function.
- Review remediation plans following any risk events.
- Review environmental/regulatory changes that may pose IT risks.
- Work closely with the IT Infrastructure manager to provide cover in extended periods of absence/holidays.
- Influence design of IT change and solutions.
- Provide oversight of control environment of outsource IT partners.
- Assist in development of BCP planning and interpreting test results.
- Ad hoc duties as required.
Essential Skills and Knowledge:
Technical Skills:
- Extensive experience working in IT infrastructure/management roles.
- Experience working in Financial Services/regulated environments.
- Demonstrated experience in disaster recovery planning and business continuity.
- Familiarity with regulatory compliance standards e.g. GDPR, ISO27001.
- Proactive approach to identifying and addressing potential IT risks.
- Relevant experience within an audit, and/or risk management role.
Soft Skills:
- Excellent written and verbal communication skills with the ability to explain complex security issues to non-technical business stakeholders.
- Ability to build relationships with internal and external stakeholders and business partners working collaboratively.
- Strong analytical and problem-solving skills.
- Ability to work independently and within a team.
- Attention to detail and ability to prioritise tasks.
Benefits:
- Pension contribution 5% or more by employee, 10% employer.
- 28 Days Annual Leave.
- Death in Service 4 x Salary.
- Sick Pay – 26 weeks full pay/26 weeks half pay (after 12 months service).
- PMI – BUPA (Taxable benefit) Single Cover – opt in/out.
IT Risk Management Lead employer: Vermelo RPO
Contact Detail:
Vermelo RPO Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT Risk Management Lead
✨Tip Number 1
Familiarise yourself with the ISO27001 framework, as this is crucial for the role. Understanding its principles will not only help you in discussions during interviews but also demonstrate your commitment to effective IT risk management.
✨Tip Number 2
Network with professionals in the IT risk management field, especially those who have experience in financial services. Engaging with them can provide insights into the industry and may even lead to referrals or recommendations.
✨Tip Number 3
Stay updated on the latest regulatory changes and trends in IT risk management. Being knowledgeable about current events will allow you to speak confidently about how these changes could impact the organisation during your interview.
✨Tip Number 4
Prepare to discuss specific examples of how you've identified and mitigated IT risks in previous roles. Real-life scenarios will showcase your problem-solving skills and proactive approach, which are essential for this position.
We think you need these skills to ace IT Risk Management Lead
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in IT risk management, particularly in financial services or regulated environments. Use keywords from the job description to demonstrate your fit for the role.
Craft a Compelling Cover Letter: Write a cover letter that specifically addresses the responsibilities and skills mentioned in the job description. Explain how your background aligns with the requirements, especially your experience with ISO27001 and risk management.
Showcase Your Technical Skills: In your application, emphasise your technical skills related to IT infrastructure and risk management. Provide examples of how you've successfully managed IT risks and contributed to disaster recovery planning.
Highlight Soft Skills: Don't forget to mention your soft skills, such as communication and problem-solving abilities. These are crucial for explaining complex issues to non-technical stakeholders and working collaboratively with teams.
How to prepare for a job interview at Vermelo RPO
✨Understand the ISO27001 Framework
Make sure you have a solid grasp of the ISO27001 framework, as this will be crucial for your role. Be prepared to discuss how you've applied this framework in previous positions and how it relates to IT risk management.
✨Prepare for Technical Questions
Expect technical questions related to IT infrastructure and risk management. Brush up on your knowledge of disaster recovery planning, business continuity, and regulatory compliance standards like GDPR and ISO27001.
✨Showcase Your Communication Skills
Since you'll need to explain complex security issues to non-technical stakeholders, practice articulating these concepts clearly. Think of examples where you've successfully communicated technical information to diverse audiences.
✨Demonstrate Problem-Solving Abilities
Be ready to discuss specific instances where you've identified and addressed IT risks. Highlight your analytical skills and provide examples of how you've implemented effective controls or remediation plans in past roles.
