WHO WE’RE LOOKING FOR

We are seeking an IT risk and security professional to join our team at Schroders with a few years’ experience. You will play a vital role in identifying, assessing, and managing technology risks, supporting Governance, Risk, and Compliance (GRC) activities in line with Group’s Technology Risk and Policy Framework. Using your strong technical expertise and relationship-building skills, you will advise on complex risk and security issues, ensure effective controls, and help maintain compliance with regulatory and industry standards. Your analytical approach and collaborative style will enhance the team and strengthen our overall risk posture. Moreover, candidates should demonstrate a forward-thinking mindset in order to contribute to the advancement of automation, leveraging tools like AI to streamline processes and enhance efficiency.

THE KNOWLEDGE, EXPERIENCE, AND QUALIFICATIONS YOU NEED

• Experience in technology risk or information security.
• Familiarity with external audit reports.
• Strong stakeholder engagement skills, building collaborative relationships across Information Security and Global Technology teams.
• Demonstrated tenacity in analysing and driving risk or gap remediation through to resolution.
• Knowledge of the NIST Cybersecurity Framework or ISO 27001.Excellent verbal and written communication, with strong analytical skills.

THE KNOWLEDGE, EXPERIENCE AND QUALIFICATIONS THAT WILL HELP

• Experience of working in an information security or tech risk discipline such as but not to limited to, SecOps, GRC, Access Management
• Understanding of information risk, particularly cyber threats along with a solid awareness of the technology regulatory landscape.
• Operational resilience is desirable, along with exposure to infrastructure and DevOps.
• A sound understanding of risk and a keen eye for effective dashboard design are also advantageous.
• Basic knowledge of automated risk reporting tools (such as SQL, Python, Bash) and real-time risk visibility dashboards is desirable.Prior industry experience within the financial services or insurance sector in an IT Risk Management or Security role.

Sitting within Information Security at Schroders Tech Risk is a dynamic team that provides guidance and constructive challenge to ensure the security and resilience of our systems and services. By joining us, you will be instrumental in developing and driving risk strategy across the estate with particular focus on IT vendor oversight and operational resilience.

• Build strong working relationships with auditors and key stakeholders, confidently managing complex technology risk issues.
• Identify, assess, and monitor technology risks; report and ensure compliance with firm standards, regulatory requirements, and industry best practices.
• Support the design, implementation, and evaluation of effective risk controls in collaboration with cross-functional teams; recommend and track improvements where needed.
• Analyse complex risk scenarios, provide guidance on mitigation strategies, and document key risks, controls, and action plans.
• Conduct and document risk and control assessments, threat modelling, and gap analyses; manage risk registers and oversee the remediation of control gaps and issues.
• Document, communicate, and escalate risks appropriately; deliver clear, tailored risk assessment reports and updates to leadership and stakeholders.
• Collaborate closely with compliance, legal, operational risk, audit, IT, and business stakeholders to understand requirements, manage risks, and maintain effective controls.
• Serve as a technical point of contact for clients, addressing their technology risk, security, and compliance concerns.
• Support and participate in regulatory and internal audits, ensuring findings are actioned and communicated effectively.

• Monitor metrics and management information to inform decision-making and report to senior leadership committees.Assist in supporting risk governance forums, preparing materials, and driving both audit and regulatory action closure