Information Risk Manager
Job in
Skipton, North Yorkshire, BD23, England, UK
Listed on 2026-07-19
Listing for:
SBS Skipton Building Society
Full Time, Part Time
position Listed on 2026-07-19
Job specializations:
-
IT/Tech
Job Description & How to Apply Below
Hours & Working Arrangements
Permanent, full‑time role (35 hours per week). Hybrid and flexible working – 3 days per week at the Head Office in Skipton. Closing Date:
Wed, 22 Jul 2026.
In a world of rapid technological change and evolving external threats, the Information Risk Lead plays a key role in keeping the Society secure, resilient and future‑ready. You will lead second line oversight of risk management across cyber, technology (including AI), data, change and operational resilience, ensuring robust protection while enabling innovation and progress.
Responsibilities- Provide strong independent second‑line oversight and challenge of first‑line activities, including risk assessments, control testing, and mitigation actions, ensuring effective framework implementation and escalation of key risks.
- Ensure risks are managed in line with the Group Risk Management Framework, Group Risk Policy Framework and Board Risk Appetite.
- Lead oversight and provide assurance across cyber and technology risk, AI and emerging technologies, data risk, operational resilience and strategic change, aligned to evolving industry practice and regulatory expectations.
- Deliver high‑quality, timely risk reporting and insight to senior committees, including thematic reviews and emerging risk identification.
- Support senior leadership in delivering annual Enterprise Risk objectives, while leading priority information risk initiatives.
- Oversee risk events, incidents and issues, including independent review of root‑cause analyses, timely escalation and challenge of remediation effectiveness.
- Provide technical leadership and coaching to colleagues, supporting capability development and consistent application of the Group Risk Management Framework.
- Recognition through a certification such as CISA, CISM, CISSP, CRISC or equivalent qualification in risk, IT or information security.
- Strong technical experience in IT, information security, technology risk and resilience, including frameworks such as NIST and ISO
27001. - Proven second‑line experience in risk oversight, assessment, control evaluation and embedding enterprise risk frameworks and risk appetite.
- Demonstrated leadership and delivery capability coordinating multiple work streams and delivering initiatives.
- Strong analytical and strategic thinking skills, with the ability to interpret complex issues, identify emerging risks and translate these into actionable insights.
- Newly refurbished head office offering a vibrant and collaborative working space.
- Annual discretionary bonus scheme.
- 25 days standard annual leave + bank holidays + rising 1 day per year of service to a maximum of 30 days.
- Holiday trading scheme allowing the ability to buy and sell additional annual leave days.
- Matching employer pension contribution (up to 10% per annum).
- Colleague mortgage (conditions apply).
- Salary sacrifice scheme for hybrid & electric cars.
- Commitment to training and development.
- Private medical insurance for all colleagues.
- Three paid volunteering days per annum.
- Diverse and inclusive colleague networks, including Carers and Pride Alliance groups.
- Cycle to work initiative and discounted gym membership.
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×