At a Glance
- Tasks: Lead IT risk management, ensuring compliance and overseeing engineering teams.
- Company: Global insurance leader with a focus on technology and innovation.
- Benefits: Competitive salary, hybrid work model, and opportunities for professional growth.
- Other info: Join a dynamic team with a strong emphasis on collaboration and career development.
- Why this job: Make a significant impact in a senior role with high autonomy and ownership.
- Qualifications: Experience in IT risk management and familiarity with cloud security and regulations.
The predicted salary is between 80000 - 80000 £ per year.
We're partnering with a global Insurance business to find an IT Risk Manager for their technology function. This is a senior individual contributor role sitting between first and second line of defence - embedded within engineering, owning the risk process end-to-end. The technology teams are first line. You sit just above them, providing the risk oversight that bridges engineering and the central risk function. All IT and data risk flows through this person.
You'll chair the internal IT Risk Committee, produce and improve quarterly risk reporting packs, manage vulnerability remediation SLAs, and drive policy and controls work in support of DORA, ISO 27001, and GDPR compliance. You'll work closely with the Head of Engineering and Group CISO. High autonomy, high ownership.
What we're looking for:
- Genuine First Line of Defence (FLOD) experience - this is the defining requirement
- Cloud security awareness (AWS and/or Azure); comfortable with firewalls, IAM, SIEM, and vulnerability scanning
- Familiarity with ISO 27000, COBIT, NIST 800 and relevant regulations (FCA/PRA, DORA, GDPR)
- Strong reporting skills - you'll be presenting to committees and board level
- The pragmatism to build a risk function at the right pace for the business
IT Risk Manager employer: Wilson Brown
As a leading global Insurance business, we pride ourselves on fostering a dynamic and inclusive work culture that empowers our employees to thrive. With a strong focus on professional development, we offer extensive growth opportunities and the chance to make a significant impact in the IT Risk domain. Our hybrid working model allows for flexibility while being based in London, providing a vibrant environment that encourages collaboration and innovation.
StudySmarter Expert Advice🤫
We think this is how you could land IT Risk Manager
✨Tip Number 1
Network like a pro! Reach out to your connections in the insurance and financial services sectors. Attend industry events or webinars where you can meet potential employers and showcase your expertise in IT risk management.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of DORA, ISO 27001, and GDPR compliance. Be ready to discuss how you've managed risk processes in previous roles and how you can bring that experience to the table.
✨Tip Number 3
Showcase your reporting skills! Create a portfolio of your past risk reports and presentations. This will not only demonstrate your ability to communicate complex information but also give you an edge when presenting to committees and board members.
✨Tip Number 4
Don't forget to apply through our website! We make it easy for you to find the right opportunities. Plus, it shows you're serious about landing that IT Risk Manager role with us.
We think you need these skills to ace IT Risk Manager
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the IT Risk Manager role. Highlight your experience with first line of defence, cloud security, and relevant regulations like ISO 27001 and GDPR. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Mention your familiarity with risk management processes and your ability to work closely with engineering teams. Let us know what excites you about joining StudySmarter!
Showcase Your Reporting Skills:Since you'll be presenting to committees and board level, it's crucial to showcase your strong reporting skills. Include examples of how you've produced and improved risk reporting packs in the past. We love seeing concrete examples of your achievements!
Apply Through Our Website:Don't forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it gives you a chance to explore more about our company culture and values!
How to prepare for a job interview at Wilson Brown
✨Know Your Risk Frameworks
Make sure you brush up on your knowledge of ISO 27000, COBIT, and NIST 800. Be ready to discuss how these frameworks apply to the role and how you've used them in past experiences. This will show that you understand the regulatory landscape and can navigate it effectively.
✨Demonstrate Your First Line of Defence Experience
Prepare specific examples from your previous roles where you acted as a First Line of Defence. Highlight situations where you provided risk oversight and how you managed vulnerabilities. This will help illustrate your hands-on experience and ability to bridge engineering with risk management.
✨Showcase Your Reporting Skills
Since you'll be presenting to committees and board level, practice summarising complex information into clear, concise reports. Bring along examples of your previous reporting packs if possible, and be ready to explain how you improved them over time.
✨Understand Cloud Security Basics
Familiarise yourself with cloud security concepts, especially around AWS and Azure. Be prepared to discuss firewalls, IAM, SIEM, and vulnerability scanning. Showing that you have a solid grasp of these topics will demonstrate your readiness for the technical aspects of the role.
