Risk & Assurance Manager - IT/Infosec

Altum Consulting

Manchester

Hybrid

GBP 60,000 - 80,000

Full time

Today

Job summary

A leading technology services organisation in the UK is seeking an experienced professional for a hybrid role focused on IT and Information Security risk oversight. You will play a key role in enhancing risk and control frameworks and must have a strong background in IT risk management, ideally with consulting experience. Your responsibilities include ensuring alignment with regulatory expectations and managing IT Risk & Control Matrices. This role requires a confident stakeholder manager capable of influencing outcomes across various teams.

Qualifications

  • Minimum of 5 years' experience in IT/security risk or internal audit.
  • Background in consulting or professional services is advantageous.
  • Proven experience leading IT risk/audit initiatives.

Responsibilities

  • Strengthen how technology and cyber risks are identified and managed.
  • Shape and enhance IT and infosec risk and control frameworks.
  • Manage IT Risk & Control Matrices to ensure they are audit-ready.

Skills

Stakeholder management
IT Risk management
Project management

Tools

ISO 27001
NIST
ITIL
ISO 22301
CIS Controls

Job description

About the business

This is a £1bn+ UK technology services organisation experiencing continued organic growth. It also has a strong reputation as an employer, regularly recognised as one of the top UK businesses for work-life balance.

About the role

The position sits within the second line and is focused on IT and Information Security risk oversight. Reporting into the Head of Risk & Assurance, you'll play a key role in strengthening how technology and cyber risks are identified, managed and communicated across the organisation.

You’ll be responsible for shaping and enhancing IT and infosec risk and control frameworks, working with standards such as ISO 27001, ITIL, ISO 22301 and NIST to ensure alignment with regulatory expectations and business priorities. The role also includes ownership of IT Risk & Control Matrices (RCMs), ensuring they remain robust, up to date and audit‑ready.

About you

  • At least 5 years' experience in second‑line risk or internal audit, with a clear IT / Information Security focus
  • Background in consulting or professional services would be advantageous, particularly where you've supported transformation or change programmes
  • Proven experience leading IT risk or audit initiatives, managing deliverables and influencing outcomes
  • Strong understanding of recognised frameworks and regulations, including ISO 27001, NIST, CIS Controls and GDPR
  • Confident stakeholder manager, able to build credibility and challenge effectively across IT, security and the wider business

This is a hybrid role, with an expectation of three days per week in the office.
