IT & Security Risk Manager

We're Kingfisher, A team made up of over 74,000 passionate people who bring Kingfisher - and all our other brands: B&Q, Screwfix, Brico Depot, Castorama and Koctas - to life. We want to become the leading home improvement company and grow the largest community of home improvers in the world. And that's where you come in.

At Kingfisher our customers come from all walks of life, and so do we. We want to ensure that all colleagues, future colleagues, and applicants to Kingfisher are treated equally regardless of age, gender, marital or civil partnership status, colour, ethnic or national origin, culture, religious belief, philosophical belief, political opinion, disability, gender identity, gender expression or sexual orientation.

We are open to flexible and agile working, both of hours and location. Therefore, we offer colleagues a blend of working from home and our offices, located in London, Southampton & Yeovil. Talk to us about how we can best support you!

We are looking for an enthusiastic and dedicated IT & Security Risk Manager to join us, to help protect our Customers, Colleagues and Organisation by ensuring that IT and Security risks are identified, assessed, mitigated and managed within the defined Risk Appetite. Supporting the Senior IT & Security Risk Manager, you will play an instrumental role in introducing a new risk management framework - designing and implementing procedures, working with technology teams to capture, assess and record risks as well as designing mitigation controls, maintaining risk registers and delivering risk reports and dashboards to senior management.

This role would suit an individual with a background in IT and security operational risk, who is an adaptable, proactive team player, calm under pressure and able to deliver with minimal supervision. Strong communication (both written and verbal) skills, with the ability to build relationships, influence and drive positive change is essential.

This role will be based out of our B&Q Head Office just outside Southampton, with an expectation of 2-3 days a week in the office.

• Support the Senior IT & Security Risk Manager to introduce a new risk management framework.
• Design and implement risk management procedures to ensure continuous risk assessment and monitoring.
• Work with Technology and Security teams to capture, assess and record risks, design mitigating controls and track actions to completion.
• Run risk workshops with IT and security teams to identify risks, develop team risk registers and provide ongoing support.
• Analyse issues, incidents, threats and vulnerabilities to determine where risks may be present.
• Work with stakeholders to plan risk mitigation and reduce residual risk.
• Maintain the Group Technology and Information Security risk registers.
• Collate risk information from across Group Technology to produce risk reports and dashboards for Senior Management.

• Demonstrable experience identifying, assessing and managing IT and Security operational risks, ideally in a large, complex organisation.
• Good working knowledge of security standards (ISO27001/NIST CSF/COBIT) and IT operations best practice is essential.
• Ability to articulate risks clearly, concisely and accurately both verbally and in writing, to technical and non-technical audiences.
• Proven experience building stakeholder relationships and influencing change.
• Able to write clear, concise and accurate risk documentation.
• A recognised Risk Management qualification is desirable but not required.
• An eye for detail with the ability to spot trends and emerging risk themes.

Be Customer Focused - constantly improving our customers' experience

• I listen to my customers
• I use available data to help make decisions

Be Human - acting with humanity and care

• I do the right thing
• I am respectful

Be Curious - thrive on learning, thinking beyond the obvious

• I build and share new ideas
• I try new things and share my learnings

Be Agile - working with trust, pace and agility

• I have courage to be creative
• Done is better than perfect, I aim for 80/20

Be Inclusive - acting inclusively in diverse teams to work together

• I embrace allyship
• I have self-awareness and a desire to learn

Be Accountable - championing the plan to deliver results and growth

• I own my actions
• I understand the Kingfisher plan and how it relates to my role

At Kingfisher, we value the perspectives that any new team members bring, and we want to hear from you. We encourage you to apply for one of our roles even if you do not feel you meet 100% of the requirements.

In return, we offer an inclusive environment, where what you can achieve is limited only by your imagination! We encourage new ideas, actively support experimentation, and strive to build an environment where everyone can be their best self. Find out more about Diversity & Inclusion at Kingfisher here!

We also offer a competitive benefits package and plenty of opportunities to stretch and grow your career.

Interested? Great, apply now and help us to Power the Possible.

#LI-KO1