At a Glance
- Tasks: Drive IT risk management and improve controls while collaborating with senior management.
- Company: Join a leading UK IT and Operations team at Zurich.
- Benefits: Enjoy flexible working hours, competitive pension, and private medical insurance.
- Other info: Inclusive employer committed to supporting diverse applicants.
- Why this job: Make a real impact on IT risk management in a dynamic environment.
- Qualifications: Risk Management or Security qualifications with practical IT Risk experience.
The predicted salary is between 40000 - 50000 £ per year.
Working hours: This role is available on a part-time, job-share or full-time basis.
Location: Swindon or Fareham, hybrid
Closing date for applications: 5th June 2026
The opportunity: This is an opportunity to join the UK IT and Operations team, reporting to the Head of IT Service Delivery, where you will collaborate with the management team, bursting with ideas on how to move our UK business forward. You will be asked to drive change and improve on a set of already well-established IT Controls and an IT Risk Management Framework to allow senior IT management, business functions and 3rd party service providers to demonstrate they are managing and safeguarding company assets, data, and operations. Your ideas will be heard. You will collaborate and influence IT management, the IT Governance and Controls Manager and other governance colleagues to gather data and collate, aggregate and interpret information to provide the Boards of Directors, Business Executives and other interested parties with an assessment of the UK IT Risk and Controls landscape. You will also manage multiple demands for IT risk-based information within Zurich, ensuring all reporting commitments are met. You will work alongside local and regional Group IT functions, Service Providers (through internal and external suppliers), and business functions to ensure that Zurich is proactive in the management of IT Operational Risk and Controls. The role is varied, interesting, and there are genuine opportunities to get stuck in and make a difference. Many of our employees work flexibly in a variety of different ways, including part-time, flexible hours, job share, an element of working from home or compressed hours. This is because we want the best people for our roles, and we recognise that sometimes those people aren’t available full-time. Please talk to us at the interview about the flexibility you may need.
What will you be doing?
- Perform regular and ad hoc risk reporting for Boards of Directors, Business Executives and other interested parties.
- Shape, influence and deliver IT risk and control assurance activity for both external IT Service providers and Group, working with senior level representatives from all areas.
- Drive, facilitate and participate in regular IT risk assessment initiatives, including the quarterly cyber risk and control assessment, the annual IT operational resilience assessment and IT supplier risk assessments.
- Maintain and operate IT risk and control frameworks that serve as a basis for regulatory compliance, internal control processes and management of IT risks and controls, influencing continuous improvement activity.
- Ensure compliance with IT-related policies and regulatory requirements; develop plan to remediate compliance gaps.
- Maintain a strong network with other governance colleagues, senior stakeholders and major partners across IT and the wider Zurich business.
- Provide regional support and co-ordination for external/internal audit and other assurance processes.
- Manage the activity of the UK Supplier IT Risk and Controls Consultant and the IT Risk Consultant.
What are we looking for?
You will ideally have a Risk Management qualification (CIRM, CRISC) or a Professional Security Qualification (CISA, CISM, CISSP) with solid practical experience as an IT Risk Specialist, with a good understanding of common information security management frameworks, such as NIST Cyber Security Framework and International Standards Organization (ISO) 27000. You will have great written and verbal communication skills, being able to produce written IT risk reporting on technical issues that requires little re-write, and is clear, concise and meaningful to both IT and non-IT stakeholders. You will have the confidence to take part in and contribute to meetings in an insightful but succinct way and be able to provide expert advice when required. The ability to understand when to listen, when to question and how to set the scene for and keep the conversation relevant to the issue in hand is a pre-requisite of the role. The ability to develop trusted and collaborative working relationships with stakeholders at all levels is a key requirement of the role to enable open and transparent discussions to identify areas of concern. Having a pragmatic approach is essential as is understanding the goals and challenges faced by the stakeholders with whom you interact. It would be great if you have a good understanding of the UK Financial Services Regulatory environment, and an understanding of IT Supplier contracts would be a real bonus.
What will you get in return?
We offer a wide range of employee benefits to allow you to choose what fits you. Our benefits include 12% defined non-contributory pension scheme, annual company bonus, private medical insurance and the option to buy up to an additional 20 days or sell some of your holiday, alongside a range of other flexible benefits.
Your application: We’re committed to treating all applicants fairly and with respect, irrespective of their actual or assumed background, sexual orientation, disability or any other protected characteristic. As an inclusive employer we also want to ensure that all candidates feel comfortable and are able to perform at their best during the interview. You’ll have the opportunity to let us know of any reasonable adjustment or practical support needed when you apply. We’d love it if you could submit your application online. If you require an alternative method of applying, please send an email to recruitment@uk.zurich.com.
IT Risk Consultant in Swindon employer: Zurich 56 Company Ltd
Zurich is an exceptional employer that values flexibility and innovation, offering a hybrid work environment in Swindon or Fareham. With a strong focus on employee growth, we provide comprehensive benefits including a generous pension scheme, private medical insurance, and opportunities for meaningful contributions to IT risk management. Our inclusive culture encourages collaboration and ensures that every voice is heard, making it a rewarding place to develop your career.
StudySmarter Expert Advice🤫
We think this is how you could land IT Risk Consultant in Swindon
✨Tip Number 1
Network like a pro! Reach out to current employees on LinkedIn or at industry events. Ask them about their experiences and any tips they might have for landing a role at Zurich. Personal connections can make all the difference!
✨Tip Number 2
Prepare for the interview by researching the company culture and values. Understand how Zurich approaches IT risk management and be ready to discuss how your skills align with their goals. Show them you’re not just another candidate, but someone who truly gets what they’re about.
✨Tip Number 3
Practice your communication skills! Since this role involves interacting with various stakeholders, being able to convey complex IT risk concepts in a clear and concise manner is key. Try explaining your past projects to friends or family to refine your pitch.
✨Tip Number 4
Don’t forget to highlight your flexibility! With Zurich offering part-time and hybrid options, be sure to mention how you can adapt to different working arrangements. This shows you’re open-minded and ready to fit into their dynamic work environment.
We think you need these skills to ace IT Risk Consultant in Swindon
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your CV and cover letter for the IT Risk Consultant role. Highlight your relevant experience and qualifications, especially those that align with the job description. We want to see how you can bring your unique skills to our team!
Showcase Your Communication Skills:Since great written communication is key for this role, ensure your application is clear, concise, and free of jargon. Use straightforward language to demonstrate your ability to convey complex information effectively. Remember, we’re looking for clarity that resonates with both IT and non-IT stakeholders.
Highlight Your Collaborative Spirit:We value teamwork, so don’t forget to mention any experiences where you’ve successfully collaborated with others. Whether it’s working with senior management or cross-functional teams, show us how you can build trusted relationships and drive change together.
Apply Through Our Website:We encourage you to submit your application online through our website. It’s the easiest way for us to receive your details and ensures you’re considered for the role. If you have any questions or need assistance, feel free to reach out!
How to prepare for a job interview at Zurich 56 Company Ltd
✨Know Your Risk Management Frameworks
Familiarise yourself with common information security management frameworks like NIST and ISO 27000. Be ready to discuss how these frameworks apply to the role and share examples of how you've used them in past experiences.
✨Communicate Clearly and Concisely
Practice articulating complex IT risk concepts in a way that’s easy for both technical and non-technical stakeholders to understand. Prepare a few key points or stories that showcase your ability to communicate effectively in meetings.
✨Show Your Collaborative Spirit
Highlight your experience in building relationships with stakeholders at all levels. Think of specific instances where you’ve successfully influenced decisions or driven change through collaboration, as this is crucial for the role.
✨Prepare for Scenario-Based Questions
Anticipate questions that ask how you would handle specific IT risk scenarios. Think about your approach to risk assessments and compliance gaps, and be ready to explain your thought process and decision-making strategies.
