
A leading UK technology services organisation is seeking an experienced IT Risk and Compliance professional. In this hybrid role, you will shape and enhance IT and infosec risk frameworks, ensuring they are compliant with regulations such as ISO 27001 and GDPR. You should have at least 5 years of focused experience in second-line risk or internal audit, supported by strong stakeholder management skills. The role expects you to spend three days per week in the office, reflecting the company's commitment to work-life balance.
Practice area: Risk and Compliance
Salary: £65,000.00 - £70,000.00 per annum, plus discretionary bonus
This is a £1bn UK technology services organisation experiencing continued organic growth. It also has a strong reputation as an employer, regularly recognised as one of the top UK businesses for work-life balance.
The position sits within the second line and is focused on IT and Information Security risk oversight. Reporting into the Head of Risk & Assurance, you'll play a key role in strengthening how technology and cyber risks are identified, managed and communicated across the organisation.
You’ll be responsible for shaping and enhancing IT and infosec risk and control frameworks, working with standards such as ISO 27001, ITIL, ISO 22301 and NIST to ensure alignment with regulatory expectations and business priorities. The role also includes ownership of IT Risk & Control Matrices (RCMs), ensuring they remain robust, up to date and audit-ready.
At least 5 years’ experience in second-line risk or internal audit, with a clear IT / Information Security focus
Background in consulting or professional services would be advantageous, particularly where you’ve supported transformation or change programmes
Proven experience leading IT risk or audit initiatives, managing deliverables and influencing outcomes
Strong understanding of recognised frameworks and regulations, including ISO 27001, NIST, CIS Controls and GDPR
Confident stakeholder manager, able to build credibility and challenge effectively across IT, security and the wider business
This is a hybrid role, with an expectation of three days per week in the office.