We’re Kingfisher, a team made up of over 74,000 passionate people who bring Kingfisher and all our other brands (B&Q, Screwfix, Brico Depot, Castorama and Koçtaş) to life. Guided by our purpose “Better Homes. Better Lives. For Everyone.” We believe a better world starts with better homes, and we work every day to make that a reality. Join us and help shape the future of home improvement.
We have an exciting opportunity for a Senior IT & Security Risk Manager to join us on a 12‑month FTC. With the threat landscape ever‑changing and cyber security attacks increasing, this position will strengthen how Kingfisher manages technology and cyber risk across its multi‑jurisdictional organisation, helping to protect our customers, colleagues and operations. You will shape and embed a clear, effective IT and Security Risk Management Framework, giving leaders visibility of risk and supporting informed decision‑making, as well as helping to build and influence a strong, risk‑aware culture across teams, processes and technology.
We are open to basing this role out of either our Paddington or Southampton offices, with an expectation of 12 days a month in the office. If based out of Paddington, we would need flexibility to work out of the Southampton office at least once a week due to the majority of the Security and Tech teams being based there.
What's the job?
* Lead the development, implementation and ongoing improvement of the IT and Security Risk Management Framework across technology and cyber risk.
* Oversee risk identification, assessment and monitoring, ensuring potential risks are clearly understood and visible.
* Drive effective risk mitigation by shaping both strategic and tactical responses to reduce risk exposure.
* Partner with technology and business teams to develop and deliver corrective action plans for risk and compliance gaps.
* Maintain compliance and design effective controls in collaboration with IT compliance, supporting risk reduction.
* Develop and maintain clear reporting and dashboards to provide leadership with insight into risk posture and appetite.
* Promote and embed a positive, risk‑aware culture, influencing stakeholders and supporting governance forums and audit activities.
What You’ll Bring
* Strong experience in IT and security risk management and compliance, working in similar roles within a technology‑focused environment.
* Proven ability to design, implement and manage risk frameworks and mitigation programmes.
* Experience working across a range of technologies and delivery models, including cloud, networks and agile or product‑led environments.
* Confident communicator, able to explain complex technical risks clearly and influence a wide range of stakeholders.
* Knowledge of relevant regulatory and industry standards such as GDPR, NIST and PCI DSS.
How We Work
We believe in flexibility and balance. Our hybrid model blends home working for focus with time spent connecting and collaborating – whether in our offices or at offsite locations. On average, around 60% of your time will involve in‑person collaboration.
What We Offer
An inclusive environment where your potential is limited only by your imagination. We encourage new ideas, support experimentation, and strive to create a workplace where everyone can be their best self.
We also offer a competitive benefits package and plenty of opportunities to stretch and grow your career.
Diversity & Inclusion
Our customers come from all walks of life – and so do we. We’re committed to ensuring all colleagues, future colleagues, and applicants are treated equally, regardless of age, gender, marital or civil partnership status, ethnicity, culture, religion, belief, political opinion, disability, gender identity, gender expression, or sexual orientation.
Interested? Great, apply now and help us to Power the Possible.
#J-18808-Ljbffr