×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Risk Manager

Job in Telford, Shropshire, TF3, England, UK
Listing for: Phoenix Group
Part Time position
Listed on 2026-02-14
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 70000 GBP Yearly GBP 70000.00 YEAR
Job Description & How to Apply Below
Position: IS Risk Manager

Job Description

Location

Hybrid: this role could be based in Edinburgh, London or Birmingham offices, with time spent weekly in both the office and  amount of time in the office is variable based on business need.

Flexible working

All roles are open to part-time, job-share and other types of flexibility. We will discuss what is important to you and balancing this with business requirements during the recruitment process. You can read more about Phoenix Flex here.

Closing Date

16 February 2026

Salary and benefits

Up to £70,000, dependent upon experience, plus 16-32% bonus potential, private medical cover, 38 days annual leave, excellent pension, 12x salary life assurance, career breaks, income protection, 3x volunteering days and much more.

The role

Non-Financial Risk is part of Group Risk and has a fantastic opportunity for a talented individual to join the team as an Information Security & Cyber Risk Manager within the newly forming IT/IS/Resilience and Supplier Risk Oversight Team. The role is to provide Second Line Subject Matter Expert (SME) advice, oversight and challenge on Line 1’s design and operation of their Information Security, Information Management and Cyber related standards, risks and controls.

The role holder will, in addition to regular oversight of the Information Security, Information Management and Cyber Risk control environments, both lead and support the delivery of a rolling programme of Thematic and Risk based focused reviews, following a structured methodology. This will involve shaping the scope of reviews, preparing for and performing field work, validation of proposed findings and provision of insightful recommendations to Line 1 through clear written reporting.

Key

Accountabilities
  • Provide ongoing oversight and challenge to Line 1 led Information Security, Information Management and Cyber Risk control management
  • Analyse and interpret key risk indicators and risk and control reporting to help determine where Line 2 effort is best focused, and to develop formal Line 2 opinions on Information Security, Information Management and Cyber matters
  • Provide insight, oversight and challenge within assigned monthly Forums
  • Lead Line 2 led Information Security, Information Management and Cyber Risk Thematic/Risk Reviews throughout the full lifecycle, including Planning/Terms of Reference, Fieldwork, Findings Validation and Reporting stages
  • Provide oversight and challenge on material Projects and Programmes
  • Oversee Line 1 activity to ensure adherence to the Group’s Risk Management Framework, providing advice and guidance as required
  • Support the broader team with assigned Line 2 activity relating to Information Technology, AI, Operational Resilience and Third-Party Management
  • Develop and build relationships with Line 1 and Line 3 peers and senior stakeholders
What are we looking for?
  • Essential:
    Proven experience managing Information Security, Information Management and Cyber Risk, in either a second or third-line capacity, within a high regulated UK industry such as Financial Services
  • Essential:
    Strong stakeholder, relationship management and influencing skills. An accomplished communicator who is comfortable, respectful and calm during sometimes challenging situations where differences of risk opinion need to be clearly positioned and justified. Able to analyse situations in a timely manner, producing clear, insightful and succinct written reports.
  • Preferred:
    Professional qualification in Information Security, Information Management or Cyber Security e.g., from IRM, BCS, ISACA or ISC2 organisations.
  • Preferred:
    Knowledge of Artificial Intelligence (AI) – naturally curious about AI and the advantages it can bring to organisations, in balance with controlling risks
  • Preferred:
    Knowledge of cloud computing, shared responsibility models and associated common risks
  • Preferred: A career background of having worked in IT for large UK corporations, with a solid baseline understanding of Information Security, Information Management and Cyber Risk Management, and control frameworks
We want to hire the whole version of you

We are committed to ensuring that everyone feels accepted and welcome applicants from all backgrounds. If your experience looks different from what we’ve advertised and you believe that you can bring value to the role, we’d love to hear from you.

If you require any adjustments to the recruitment process, please let us know so we can help you to be at your best.

Please note that we reserve the right to remove adverts earlier than the advertised closing date. We encourage you to apply at the earliest opportunity.

Find out more
  • Guide for Candidates:
  • Find or get answers from our colleagues:
  • LI-MJ1
#J-18808-Ljbffr
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search