Technology Risk and Governance Manager

We have an exciting opportunity to join our team as a Technology Governance and Risk Manager. You will be responsible for developing and overseeing governance practices that align IT operations with strategic business objectives, regulatory standards, and enterprise risk tolerance. You will also manage a team of analysts to embed accountability and continuous improvement across the technology landscape.

What you will do: This is an overview and not an exhaustive list of responsibilities. Collaborating with your line manager, you will develop your own objectives but focus on all the following:

• Develop, update, and enforce comprehensive IT governance policies and align to our risk management frameworks that support organisational objectives, regulatory compliance, and best practices.
• Work closely with risk owners across Technology to review, validate, and refine risk mitigations and action plans before submitting them to the risk department.
• Ensure that all identified risks are clearly documented, prioritised, and aligned with established governance standards.
• Lead regular risk assessments and facilitate workshops to promote risk awareness and proactive management throughout the technology function.
• Provide guidance and support to ensure the timely identification, escalation, management and remediation of risk events.
• Provide inspirational leadership to a team of Governance and Risk Analysts by setting clear objectives, regularly tracking progress, and offering ongoing mentorship and professional growth opportunities.
• Serve as the central point of contact for all external audit engagements, proactively coordinating audit schedules, resource allocation, and communications between auditors and internal teams.
• Ensure that all audit requests are met with timely and accurate responses, compiling evidence and supporting documentation as required.
• Track all findings and recommendations from annual external audits, assign follow-up actions to appropriate stakeholders, and monitor progress towards completion. Facilitate post-audit reviews and lessons learned sessions to drive ongoing improvements in audit preparedness and response processes.
• Partner with the Technology Office to produce insightful and actionable Governance & Risk reports that inform decision-making at all levels of the organisation.
• Collaborate with both business and IT stakeholders to establish key performance indicators (KPIs) and key risk indicators (KRIs), compliance metrics, and performance benchmarks.
• Utilise data-driven insights to highlight trends, identify areas for improvement, and celebrate successes.

• Proven experience in IT governance, risk, or compliance roles within a complex business or technical environment.
• Familiarity with governance frameworks such as COBIT, ITIL, NIST CSF.
• Demonstrated ability to lead governance and audit activities, including engagement with external auditors.
• Strong understanding of identity and access management controls, particularly JML processes and tools like Conditional Access.
• Experience reviewing and refining risk actions with a focus on clarity, impact, and effectiveness.
• Skilled communicator, able to translate governance concepts for a range of stakeholders and produce actionable reports.
• Proficiency with tools like Power BI, Excel, or other reporting and analytics platforms.

• Certifications such as COBIT Foundation, ITIL, CGEIT, CRISC, or ISO Lead Auditor.
• Exposure to strategic planning, IT operating models, or executive-level reporting.
• Experience working in regulated industries or large enterprise environments.
• Familiarity with governance and compliance considerations in cloud platforms, e.g., Azure, Microsoft Entra, or M365 Security & Compliance Center.

Everywhen is an equal opportunities employer, with a growing and thriving diversity, equity and inclusion strategy; we are committed to a working environment that is free from, is inclusive, and empowers our people to bring their whole self to work and reach their full potential.

We will conduct relevant employment checks prior to you commencing employment with us. These will include verifying your recent employment, address, credit history and a standard criminal record check. Please note: We may close a vacancy prior to the publish end date if the required quality or number of applications has been received. No agencies please.

• Holiday entitlement of 26 days plus bank holidays, increasing with length of service.
• Opportunity to progress your career across the entire Ardonagh family.
• Award‑winning learning & development offering and support to obtain professional qualifications to enhance your knowledge and career prospects.
• Pension scheme for when you feel it's time to retire.
• 24‑hour Employee Assistance support for you and your family's physical and mental wellbeing.
• Corporate perks such as discounted gym memberships, cinema tickets, shopping, Eyecare vouchers, cycle to work and much more.
• One day paid volunteering to give back to our communities.
• Ardonagh Community Trust (ACT) – raising funds for charity with donation matching in your local community.
• The Spotlight Awards, where we celebrate the best of the Ardonagh Group and all the bright talent across our business.