At a Glance
- Tasks: Drive change in IT risk management and collaborate with senior management to safeguard company assets.
- Company: Join a leading UK IT and Operations team at Zurich, known for its inclusive culture.
- Benefits: Enjoy flexible working hours, competitive pension scheme, and private medical insurance.
- Other info: Flexible roles available; we value diverse backgrounds and encourage all to apply.
- Why this job: Make a real impact on IT risk and controls while developing your career in a dynamic environment.
- Qualifications: Risk Management or Security qualifications with practical IT risk experience preferred.
The predicted salary is between 45000 - 55000 £ per year.
Working hours: This role is available on a part-time, job-share or full-time basis.
Location: Swindon or Fareham, hybrid
Closing date for applications: 5th June 2026
The opportunity
This is an opportunity to join the UK IT and Operations team, reporting to the Head of IT Service Delivery, where you will collaborate with the management team, bursting with ideas on how to move our UK business forward. You will be asked to drive change and improve on a set of already well-established IT Controls and an IT Risk Management Framework to allow senior IT management, business functions and 3rd party service providers to demonstrate they are managing and safeguarding company assets, data, and operations. Your ideas will be heard. You will collaborate and influence IT management, the IT Governance and Controls Manager and other governance colleagues to gather data and collate, aggregate and interpret information to provide the Boards of Directors, Business Executives and other interested parties with an assessment of the UK IT Risk and Controls landscape. You will also manage multiple demands for IT risk-based information within Zurich, ensuring all reporting commitments are met. You will work alongside local and regional Group IT functions, Service Providers (through internal and external suppliers), and business functions to ensure that Zurich is proactive in the management of IT Operational Risk and Controls. The role is varied, interesting, and there are genuine opportunities to get stuck in and make a difference. Many of our employees work flexibly in a variety of different ways, including part-time, flexible hours, job share, an element of working from home or compressed hours. This is because we want the best people for our roles, and we recognise that sometimes those people aren’t available full-time. Please talk to us at the interview about the flexibility you may need.
What will you be doing?
- Perform regular and ad hoc risk reporting for Boards of Directors, Business Executives and other interested parties
- Shape, influence and deliver IT risk and control assurance activity for both external IT Service providers and Group, working with senior level representatives from all areas
- Drive, facilitate and participate in regular IT risk assessment initiatives, including the quarterly cyber risk and control assessment, the annual IT operational resilience assessment and IT supplier risk assessments
- Maintain and operate IT risk and control frameworks that serve as a basis for regulatory compliance, internal control processes and management of IT risks and controls, influencing continuous improvement activity
- Ensure compliance with IT-related policies and regulatory requirements; develop plan to remediate compliance gaps
- Maintain a strong network with other governance colleagues, senior stakeholders and major partners across IT and the wider Zurich business
- Provide regional support and co-ordination for external/internal audit and other assurance processes
- Manage the activity of the UK Supplier IT Risk and Controls Consultant and the IT Risk Consultant
What are we looking for?
You will ideally have a Risk Management qualification (CIRM, CRISC) or a Professional Security Qualification (CISA, CISM, CISSP) with solid practical experience as an IT Risk Specialist, with a good understanding of common information security management frameworks, such as NIST Cyber Security Framework and International Standards Organization (ISO) 27000. You will have great written and verbal communication skills, being able to produce written IT risk reporting on technical issues that requires little re-write, and is clear, concise and meaningful to both IT and non-IT stakeholders. You will have the confidence to take part in and contribute to meetings in an insightful but succinct way and be able to provide expert advice when required. The ability to understand when to listen, when to question and how to set the scene for and keep the conversation relevant to the issue in hand is a pre-requisite of the role. The ability to develop trusted and collaborative working relationships with stakeholders at all levels is a key requirement of the role to enable open and transparent discussions to identify areas of concern. Having a pragmatic approach is essential as is understanding the goals and challenges faced by the stakeholders with whom you interact. It would be great if you have a good understanding of the UK Financial Services Regulatory environment, and an understanding of IT Supplier contracts would be a real bonus.
What will you get in return?
We offer a wide range of employee benefits to allow you to choose what fits you. Our benefits include 12% defined non-contributory pension scheme, annual company bonus, private medical insurance and the option to buy up to an additional 20 days or sell some of your holiday, alongside a range of other flexible benefits.
Your application
We’re committed to treating all applicants fairly and with respect, irrespective of their actual or assumed background, sexual orientation, disability or any other protected characteristic. As an inclusive employer we also want to ensure that all candidates feel comfortable and are able to perform at their best during the interview. You’ll have the opportunity to let us know of any reasonable adjustment or practical support needed when you apply. We’d love it if you could submit your application online. If you require an alternative method of applying, please send an email to recruitment@uk.zurich.com.
Hybrid IT Risk & Controls Specialist in Swindon employer: Zurich 56 Company Ltd
Zurich is an exceptional employer that values flexibility and innovation, offering a hybrid work environment in Swindon or Fareham. With a strong focus on employee growth, we provide comprehensive benefits including a generous pension scheme, private medical insurance, and opportunities for professional development. Our inclusive work culture encourages collaboration and the sharing of ideas, ensuring that every voice is heard and contributes to meaningful change within the organisation.
StudySmarter Expert Advice🤫
We think this is how you could land Hybrid IT Risk & Controls Specialist in Swindon
✨Tip Number 1
Network like a pro! Reach out to current employees on LinkedIn or at industry events. Ask them about their experiences and any tips they might have for landing a role at Zurich. Personal connections can make all the difference!
✨Tip Number 2
Prepare for those interviews! Research common IT risk management questions and practice your responses. Be ready to discuss how your skills align with the job description, especially around IT controls and risk frameworks.
✨Tip Number 3
Show off your soft skills! During interviews, highlight your ability to communicate complex ideas clearly and build relationships with stakeholders. This is key for a role that involves collaboration and influence.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you’re serious about joining the team and ready to contribute to Zurich's success.
We think you need these skills to ace Hybrid IT Risk & Controls Specialist in Swindon
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your CV and cover letter for the Hybrid IT Risk & Controls Specialist role. Highlight your relevant experience and skills that align with the job description, especially your understanding of IT risk management frameworks.
Showcase Your Communication Skills:Since great written communication is key for this role, ensure your application is clear, concise, and free of jargon. Use straightforward language to demonstrate your ability to convey complex information effectively.
Highlight Your Collaborative Spirit:We value teamwork, so mention any experiences where you've successfully collaborated with stakeholders or influenced decision-making. This will show us you can build those trusted relationships we’re looking for.
Apply Online for a Smooth Process:We encourage you to submit your application through our website for the best experience. It’s quick and easy, and it helps us keep track of all applications efficiently!
How to prepare for a job interview at Zurich 56 Company Ltd
✨Know Your Risk Management Frameworks
Familiarise yourself with common information security management frameworks like NIST and ISO 27000. Be ready to discuss how these frameworks apply to the role and share examples of how you've used them in past experiences.
✨Communicate Clearly and Confidently
Practice articulating complex IT risk concepts in a way that’s easy for non-IT stakeholders to understand. Prepare to showcase your written communication skills by bringing along samples of reports or documentation you've created.
✨Showcase Your Collaborative Spirit
Be prepared to discuss how you’ve built trusted relationships with stakeholders at various levels. Think of specific instances where your collaboration led to successful outcomes, especially in risk assessment initiatives.
✨Be Ready to Discuss Flexibility
Since the role offers flexible working options, think about what flexibility you might need and be open to discussing it during the interview. This shows that you’re proactive and considerate of both your needs and the company’s.
