Risk & Assurance Manager - IT/Infosec

Altum Consulting

Marlow

Hybrid

GBP 60,000 - 80,000

Full time

Today

Job summary

A leading technology solutions company in Marlow is seeking an experienced professional in IT and Information Security risk management. You will manage risk frameworks, ensuring compliance with industry standards like ISO 27001 and NIST, while engaging with stakeholders across the business. The role requires a minimum of 5 years' experience in risk management or internal audit, preferably within a consultancy environment. This hybrid position requires you in the office for 3 days a week, providing a balanced work/life environment.

Qualifications

  • Minimum 5 years of experience in second-line risk management or internal audit.
  • Experience in consultancy or professional services preferred.
  • Demonstrated leadership in IT risk or audit initiatives.

Responsibilities

  • Manage and enhance the IT and Information Security risk landscape.
  • Lead the review and enhancement of risk and control frameworks.
  • Engage and influence stakeholders across IT and business functions.

Skills

Risk management
Information Security
Stakeholder engagement
Project management

Tools

ISO 27001
NIST
ITIL
CIS Controls

Job description

About the business:

This is a £1 billion+ technology solutions business that continues to grow organically and is one of the top 10 businesses in the UK to work for in terms of work/life balance!

About the opportunity:

This role focuses on managing and enhancing the IT and Information Security risk landscape. Reporting directly to the Head of Risk and Assurance, you will play a key role in embedding effective risk management practices across the business's technology and cybersecurity domains.

You will lead the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO 22301, NIST), ensuring alignment with business objectives and regulatory requirements. You will also own and maintain IT Risk and Control Matrices (RCMs), ensuring they remain current, comprehensive, and aligned with industry standards and audit expectations.

A bit about you:
  • Minimum 5 years of experience in second-line risk management or internal audit, with a strong focus on IT or Information Security.
  • Experience in consultancy or professional services, with a proven ability to support complex transformation or change programmes, is preferred.
  • Demonstrated leadership in delivering IT risk or audit initiatives, including managing projects, mentoring team members, and driving outcomes.
  • Strong knowledge of industry frameworks and standards, such as ISO 27001, NIST, CIS Controls, and regulatory requirements like GDPR.
  • Proven ability to engage and influence stakeholders across IT, Information Security, and business functions, building trusted relationships at all levels.

This is a hybrid opportunity, with the business needing you in the office 3 days a week.
