At a Glance
- Tasks: Lead IT risk management, ensuring compliance and overseeing risk processes.
- Company: Global insurance firm with a focus on technology and innovation.
- Benefits: Competitive salary, hybrid work model, and opportunities for professional growth.
- Other info: Join a dynamic team and collaborate closely with engineering and risk functions.
- Why this job: Make a real impact in a senior role with high autonomy and ownership.
- Qualifications: Experience in first line of defence and cloud security awareness.
The predicted salary is between 80000 - 80000 £ per year.
We're partnering with a global Insurance business to find an IT Risk Manager for their technology function. This is a senior individual contributor role sitting between first and second line of defence - embedded within engineering, owning the risk process end-to-end.
The technology teams are first line. You sit just above them, providing the risk oversight that bridges engineering and the central risk function. All IT and data risk flows through this person. You'll chair the internal IT Risk Committee, produce and improve quarterly risk reporting packs, manage vulnerability remediation SLAs, and drive policy and controls work in support of DORA, ISO 27001, and GDPR compliance. You'll work closely with the Head of Engineering and Group CISO. High autonomy, high ownership.
What we're looking for:
- Genuine First Line of Defence (FLOD) experience - this is the defining requirement
- Cloud security awareness (AWS and/or Azure); comfortable with firewalls, IAM, SIEM, and vulnerability scanning
- Familiarity with ISO 27000, COBIT, NIST 800 and relevant regulations (FCA/PRA, DORA, GDPR)
- Strong reporting skills - you'll be presenting to committees and board level
- The pragmatism to build a risk function at the right pace for the business
- CISSP, CISM or CISA desirable but not essential
Above all, we're looking for someone who truly understands first line of defence (FLOD) - technically grounded enough to work alongside engineering teams, and risk-savvy enough to own the process with confidence. If that's you, we'd love to hear from you.
IT Risk Manager in City of London employer: Wilson Brown Limited
Join a leading global Insurance business as an IT Risk Manager, where you'll enjoy a dynamic hybrid work environment in London, fostering a culture of innovation and collaboration. With a strong emphasis on employee growth, you will have the opportunity to lead critical risk processes while working closely with senior leadership, ensuring your contributions are valued and impactful. The company offers competitive remuneration, comprehensive benefits, and a commitment to compliance and excellence, making it an exceptional place for professionals seeking meaningful and rewarding careers.
StudySmarter Expert Advice🤫
We think this is how you could land IT Risk Manager in City of London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry on LinkedIn or at events. A friendly chat can open doors that a CV just can't.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of cloud security and risk management frameworks. We want you to feel confident discussing your experience with AWS, Azure, and compliance standards.
✨Tip Number 3
Showcase your reporting skills! Bring examples of your past work to interviews, especially if you've presented to committees or board members. It’s all about demonstrating your ability to communicate complex information clearly.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who take that extra step.
We think you need these skills to ace IT Risk Manager in City of London
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the IT Risk Manager role. Highlight your FLOD experience and any relevant cloud security knowledge. We want to see how your skills align with what we're looking for!
Showcase Your Reporting Skills:Since you'll be presenting to committees and board level, it's crucial to demonstrate your strong reporting skills in your application. Include examples of reports you've created or presented in the past that had a significant impact.
Be Clear About Your Autonomy:We value high autonomy and ownership in this role. In your application, share instances where you've taken charge of projects or processes, especially in risk management or technology functions.
Apply Through Our Website:We encourage you to apply through our website for a smoother process. It helps us keep track of your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Wilson Brown Limited
✨Know Your FLOD Inside Out
Make sure you can clearly articulate your experience with the First Line of Defence (FLOD). Be ready to discuss specific examples where you've successfully managed risks in a tech environment, especially how you've collaborated with engineering teams.
✨Brush Up on Compliance Standards
Familiarise yourself with ISO 27001, DORA, and GDPR regulations. Prepare to explain how you've implemented these standards in previous roles, as this will show your understanding of compliance and its importance in risk management.
✨Showcase Your Reporting Skills
Since you'll be presenting to committees and board members, practice summarising complex information into clear, concise reports. Bring examples of your past reporting work to demonstrate your ability to communicate effectively at all levels.
✨Demonstrate Cloud Security Knowledge
Be prepared to discuss your experience with cloud security, particularly AWS or Azure. Highlight any specific projects where you've dealt with firewalls, IAM, or vulnerability scanning, as this will showcase your technical grounding in the role.
