Lead IT Risk and Controls Manager
Audit & Risk Recruitment are partnering with an instantly recognisable global brand to hire a Lead IT Risk and Controls Manager. This is a high-impact role where you'll shape and embed IT risk, audit, and compliance frameworks across an international technology landscape.
You'll act as a subject matter expert in IT Risk, Cyber controls (NIST, COBIT, ISO etc) and SOX, influencing senior stakeholders and driving a strong risk-aware culture across a complex, multi-entity business.
Overview:
* 3 days in office hybrid working policy
* £60,000-£75,000 plus 10-20% bonus DOE
* Unfortunately this role cannot provide visa sponsorship
Key Responsibilities
* Lead the design, implementation, and continuous improvement of the SOX IT General Controls (ITGC) framework
* Improve and develop the Risk and Control matrix, working with NIST, COBIT ISO and other information security GRC frameworks
* Drive the IT audit, risk, and compliance strategy across global technology functions
* Act as a trusted advisor to senior leadership, influencing strategic risk decisions
* Establish and embed a robust IT risk management framework aligned to business risk appetite
* Oversee third-party/vendor risk assurance, ensuring compliance with regulatory standards
* Support compliance with key frameworks and regulations including SOX and PCI-DSS
* Build strong relationships with internal/external audit teams and global stakeholders
* Develop and deliver SOX controls training and awareness programmes
* Ensure policies, standards, and controls are clearly defined, communicated, and adhered to
* Deliver regular reporting and insights to executive leadership and group stakeholders
Background:
* Experience in IT Audit, IT Controls, or IT Risk Management. Top 10 practice firm or FTSE 250 business background preferred
* Strong stakeholder management skills, with experience engaging senior leadership
* Experience working in a large, global organisation
* Knowledge of cyber risk frameworks (e.g., COBIT, NIST) and IT control environments
* Excellent communication and influencing skills
Desirable:
* Strong knowledge of SOX / IT General Controls (ITGC)
* Familiarity with frameworks such as ISO 27001, NIST, CIS, PCI-DSS
* Professional certifications such as CISA, CISSP, or CISM
* Background in IT audit, consulting, or advisory
About Audit & Risk Recruitment