Senior Information Risk Specialist

Hours: 35 Hours per week
Hybrid working
Salary: Up to £55,000 depending on experience
Closing Date: Sun, 13 Apr 2025

A fantastic new opportunity has arisen within the Group Enterprise & Operational Risk Team for a Senior Information Risk Specialist. This is an exciting time to join the team and work closely with the rest of the business and wider Group to continue to protect our customers. You will be responsible for providing second line risk oversight across IT, information security and operational resilience. You will support the execution of our risk framework, cyber security and operational resilience roadmaps and challenging initiatives and projects.

Not just another building society. Not just another job. We're the fourth biggest building society in the UK and what makes us a bit different is that we're a mutual organisation. We don't have shareholders; we're owned by our members. Our colleagues say Skipton's a great place to work, and you could be one of them, bringing with you new ideas on how we can keep customers at the heart of what we do. Whatever your background, and whatever your goals, we'll help you take the next step towards a better future.

Skipton values work/life balance and we are proud to support hybrid and flexible working, where possible. We have a newly refurbished head office which offers a vibrant and collaborative working space. We have a range of other benefits available to you including:

1. Annual discretionary bonus scheme
2. 25 days standard annual leave + bank holidays + rising 1 day per year of service to a maximum of 30 days
3. Holiday trading scheme allowing the ability to buy and sell additional annual leave days
4. Matching employer pension contribution (up to 10% per annum)
5. Colleague mortgage (conditions apply)
6. Salary sacrifice scheme for hybrid & electric car
7. A commitment to training and development
8. Private medical insurance for all our colleagues
9. 3 paid volunteering days per annum
10. Diverse and inclusive colleague networks available for you to join including our Carers and Pride Alliance groups
11. We care about your health and wellbeing – we provide a range of benefits that support this including cycle to work initiative and discounted gym membership

Work closely with the wider team to implement and oversee the operation of the Group Risk Management Framework for information risk across the Group. Effective challenge and oversight that information risks (including security, resilience and IT risks) are clearly articulated, mitigated and managed. Provide SME information risk view and challenge when supporting change initiatives and projects. Produce analysis and reporting of the internal and external risk and control environment ensuring timely identification of themes and emerging trends and issues. Perform thematic reviews across the group including reporting to senior management. Deliver high quality reporting for relevant stakeholders, committees and Board as required. Support delivery of risk and control reviews against emerging themes. Support information risk training and awareness activity as required and support the embedding of a strong risk framework and culture.

Skills
Proficiency in data analysis, including the ability to collate and interpret large volumes of complex data and present this clearly and concisely to a range of stakeholders. Ability to understand technical and business concepts. Ability to understand and articulate IT risk and effective controls. Relevant (academic or professional) risk, IT or security qualifications (for example, CISA, CISM, CISSP).

Knowledge
Knowledge of the underlying IT / business technologies and practices used to manage, operate and secure information, systems and networks.

Experience
Delivering committee pack papers, reports and policy and framework documentation.