Information Risk Manager

Nottingham Building Society
Nottingham, UK
27 Jun 2019
18 Jul 2019
Contract Type: Full Time
An opportunity has arisen at our Head Office in Nottingham for an IT and IS Risk Manager to join our Risk function. You will be responsible for 2nd line oversight of the management of IT and IS Risk both within the IT department and the functional business areas. You will ensure that NBS complies with relevant legislation, regulations and codes of practice or technical guidance in all matters relating to IS.

You will understand the importance of IS management, including external drivers and standards such as ISO 27001. You will be responsible for keeping the CRO, Executive Team and Senior Management informed on these issues and advising them of the best approach and opportunities.

The Nottingham, who are we? We are Accountable, Relevant, Respectful, Open, we Work Together and we Support our Communities. These values form the foundations of our Doing the Right Thing culture.

Your contribution:
  • Provide SME advice to Information Security / Information Management Risk Category Owner on the effectiveness of risk management within these risk categories
  • Represent Risk on projects that have a strong IS delivery to ensure that appropriate actions are taken to ensure continued compliance with IS standards
  • Ensure that risks are appropriately managed throughout the lifecycle of change initiatives by undertaking regular reviews of the risk assessments of in-flight projects
  • Advise business areas of concerns and recommendations with regard to IS and systems and build strong relationships with all business areas
  • Ensure that robust systems are in place for monitoring IS and IT incidents
  • Regularly provide an independent, second line view on incidents to the Information Risk Committee (IRC), as required
  • In conjunction with the CRO and IRC Chair, assist in the development of the risk assurance plan. This involves the assessment of systems usage and protocols, processes and their deployment, controls, governance and policies and liaison with staff across the organisation
  • Attend regular training and conferences in order to brief NBS on the latest guidance for dealing with external threats
  • Prepare written reports for the CEO, CRO and committees

Your expertise:
  • Experience managing internal IT/IS reviews
  • Excellent understanding of systems and business requirements processes
  • Proven experience of technical security and compliance ownership
  • Proven experience of working within large change projects within technical environments
  • Experienced in communicating complex technical requirements to senior management teams
  • Comprehensive experience of Information Security and Data Protection
  • Good communication skills, both written and verbal, with strong capabilities to articulate complex analytical information
  • Able to create and maintain internal stakeholder partnerships
  • Continuous improvement focus and a strong quality and process management focus
  • Ability to make decisions with speed, urgency and accuracy when required

Please note that if your application is successful with The Nottingham you will be required to undergo background checks. All offers of employment are conditional on receipt of 3 years' references and a satisfactory financial and criminal records check.

Please read our job applicant privacy notice here to find out more information on the data we hold and collect from you, including what we do with that data, who we share your data with and your rights under Data Protection Regulations.
