Risk & Assurance Manager - IT/InfoSec

Altum Consulting

Marlow

Hybrid

GBP 65,000 - 70,000

Full time

Today

Job summary

A leading technology solutions firm in the UK is seeking an experienced IT Risk Manager to oversee and enhance their Information Security risk landscape. This role requires a minimum of 5 years of experience in IT risk management or internal audit with a strong focus on consultancy. The successful candidate will lead initiatives in aligning risk frameworks with business objectives, ensuring compliance with industry standards. This is a hybrid role requiring office presence three days a week.

Benefits

Discretionary Bonus
Work/life balance

Qualifications

  • Minimum 5 years of experience in IT risk management or internal audit.
  • Experience in consultancy or professional services is preferred.
  • Strong knowledge of regulatory requirements like GDPR.

Responsibilities

  • Manage and enhance the IT and Information Security risk landscape.
  • Lead the review and enhancement of IT risk and control frameworks.
  • Engage and influence stakeholders across IT and business functions.

Skills

IT risk management
Information Security
Stakeholder engagement
Leadership
Change management

Tools

ISO 27001
NIST
ITIL

Job description

Salary: £65,000.00 - £70,000.00 per annum, Discretionary Bonus

This business is a £1 billion technology solutions business that continues to grow organically and is one of the top 10 businesses in the UK to work for regarding work/life balance!

About the opportunity:

This role focuses on managing and enhancing the IT and Information Security risk landscape. Reporting directly to the Head of Risk and Assurance, you will play a key role in embedding effective risk management practices across the business's technology and cybersecurity domains.

You will lead the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO 22301, NIST), ensuring alignment with business objectives and regulatory requirements. You will also own and maintain IT Risk and Control Matrices (RCMs), ensuring they remain current, comprehensive, and aligned with industry standards and audit expectations.

A bit about you:

  • Minimum 5 years of experience in second-line risk management or internal audit, with a strong focus on IT or Information Security.
  • Experience in consultancy or professional services, with a proven ability to support complex transformation or change programmes, is preferred.
  • Demonstrated leadership in delivering IT risk or audit initiatives, including managing projects, mentoring team members, and driving outcomes.
  • Strong knowledge of industry frameworks and standards, such as ISO 27001, NIST, CIS Controls, and regulatory requirements like GDPR.
  • Proven ability to engage and influence stakeholders across IT, Information Security, and business functions, building trusted relationships at all levels.

This is a hybrid opportunity, with the business needing you in the office 3 days a week.
