Job Specifications
We're looking for an IT Risk & Compliance Manager to identify, assess, and mitigate risks across information systems and applications. This role will ensure strong IT governance, compliance with regulatory and industry standards, and the continuous improvement of risk management and assurance practices.
Key Responsibilities
Information Risk Management
Identify, assess, and manage IT risks across areas such as data protection, secure-by-design, project and lifecycle management, applications, infrastructure, and networks.
Own and maintain the IT risk register, ensuring clear mitigation and treatment plans.
Establish or align to risk management frameworks, monitor key risk indicators, and drive corrective actions.
Ensure alignment with relevant industry standards, policies, and regulations.
Provide expert guidance to stakeholders on IT risk, governance, and compliance throughout the change lifecycle.
Lead risk awareness training, workshops, and communications to promote a strong risk culture.
IT Audit & Assurance
Act as the primary contact for IT audits and assurance activities.
Scope and coordinate IT audits, manage fieldwork, and oversee responses to findings.
Track, report, and follow up on audit actions to ensure timely and effective remediation.
Skills & Experience
Significant experience in IT risk management, security governance, audit, and compliance roles.
Strong knowledge of frameworks and standards such as ISO 27001/2, NIST, COBIT, CIS Controls, GDPR, and PCI-DSS.
Experience leading IT risk and compliance assessments and developing policies, processes, and procedures.
Good understanding of security risk management, vulnerability management, and modern IT and cyber security practices.
Strong communication and stakeholder management skills, with the ability to influence at all levels.
Broad technical exposure to IT applications, infrastructure, and systems delivery and support.
Background spanning multiple industries is highly desirable.
Qualifications
Degree in IT, Computer Science, Engineering, Information Security, or equivalent.
Relevant professional certification in IT risk, security, or governance (eg ISO 27001, NIST, COBIT)
Hybrid working available.
Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent positions. Robert Half is committed to diversity, equity and inclusion. Suitable candidates with equivalent qualifications and more or less experience can apply. Rates of pay and salary ranges are dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: roberthalf.com/gb/en/privacy-notice.
About the Company
Robert Half, the world’s first and largest specialized talent solutions firm, connects opportunities at great companies with highly skilled job seekers. We offer contract, temporary and permanent placement solutions for roles in finance and accounting, technology, marketing and creative, legal, and administrative and customer support. Named to Fortune’s World’s Most Admired Companies and 100 Best Companies to Work For® lists and a Forbes Best Employer for Diversity, Robert Half is the parent company of Protiviti®. Robert Ha...
Know more