Senior Information Risk Specialist

at  Skipton Building Society

Hours:
35 hours per week
Salary: £44,000 - £49,000 pa dependent on experience
Closing Date:
Fri, 15 Mar 2024
A fantastic new opportunity has arisen within the Group Enterprise & Operational Risk Team for a Senior Information Risk Specialist.
This is an exciting time to join the team and work closely with the rest of the business and wider Group to continue to protect our customers. You will be responsible for providing second line risk oversight across IT, information security and operational resilience.
You will support the execution of our risk framework, cyber security and operational resilience roadmaps and challenging initiatives and projects.

Your key responsibilities:

• Work closely with the wider team to implement and oversee the operation of the Group Operational Risk Framework for information risk across the Group.
• Challenge that information risks (including security, resilience and IT risks) are clearly articulated, mitigated and managed.
• Provide SME information risk view and challenge when supporting change initiatives and projects.
• Produce analysis and reporting of the internal and external risk and control environment ensuring timely identification of themes and emerging trends and issues.
• Perform thematic reviews across the group including reporting to senior management.
• Deliver high quality reporting for relevant stakeholders, committees and Board as required.
• Support delivery of risk and control reviews against emerging themes.
• Support information risk training and awareness activity as required and support the embedding of a strong risk framework and culture.

The key competencies for this role are:

Skills

• Proficiency in data analysis, including the ability to collate and interpret large volumes of complex data and present this clearly and concisely to a range of stakeholders.
• Ability to understand technical and business concepts.
• Ability to understand and articulate IT risk and effective controls.
• Relevant (academic or professional) risk, IT or security qualifications (for example, CISA, CISM, CISSP)

Knowledge

• Knowledge of the underlying IT / business technologies and practices used to manage, operate and secure information, systems and networks.

Experience

• Delivering committee pack papers, reports and policy and framework documentation.

What’s in it for you
Skipton values work/life balance and we are proud to support hybrid and flexible working, where possible. We have a newly refurbished head office which offers a vibrant and collaborative working space.

We have a range of other benefits available to you including;

• Annual discretionary bonus scheme
• 25 days standard annual leave + bank holidays + rising 1 day per year of service to a maximum of 30 days
• Holiday trading scheme allowing the ability to buy and sell additional annual leave days
• Matching employer pension contribution (up to 10% per annum)
• A commitment to training and development
• Private medical insurance for all our colleagues

• Work closely with the wider team to implement and oversee the operation of the Group Operational Risk Framework for information risk across the Group.
• Challenge that information risks (including security, resilience and IT risks) are clearly articulated, mitigated and managed.
• Provide SME information risk view and challenge when supporting change initiatives and projects.
• Produce analysis and reporting of the internal and external risk and control environment ensuring timely identification of themes and emerging trends and issues.
• Perform thematic reviews across the group including reporting to senior management.
• Deliver high quality reporting for relevant stakeholders, committees and Board as required.
• Support delivery of risk and control reviews against emerging themes.
• Support information risk training and awareness activity as required and support the embedding of a strong risk framework and culture