Overview
Job Type: IT Risk Manager, Permanent, Technology, Resilience & Cyber Specialist Band 1, UK
Location: Hybrid – based in Edinburgh, London or Birmingham. Time spent weekly in both office and home. Office days vary by business need.
Flexible working: All roles open to part-time, job-share and other flexibility. Details discussed during recruitment. Read more about Phoenix Flex here.
Closing Date: 10.10.2025
Salary and benefits: Up to £70,000 depending on experience, with 16-32% bonus potential, private medical cover, 38 days annual leave, pension, 12x salary life assurance, career breaks, income protection, 3x volunteering days and more.
Who we are: Phoenix Group is a long-term savings and retirement business with brands including Standard Life, SunLife, Phoenix Life and ReAssure. We are FTSE 100 and focused on transitioning our portfolio to net zero by 2050.
The role
Non-Financial Risk is part of Group Risk. The Technology, Resilience & Cyber Risk Manager will join the IT/IS/Resilience and Supplier Risk Oversight Team as a Second Line SME. You will advise, oversee and challenge Line 1 on design and operation of Technology, Resilience, Cyber and AI standards, risks and controls.
You will lead and support a rolling programme of Thematic and Risk-based reviews, shaping scope, conducting fieldwork, validating findings and delivering clear recommendations to Line 1 via written reports.
Key Accountabilities
* Provide ongoing oversight and challenge to Line 1 led Technology, Resilience, Cyber and AI risk and control management
* Analyse risk indicators and reporting to determine where Line 2 effort should focus; develop formal Line 2 opinions on Technology, Resilience & AI matters
* Provide insight and challenge within assigned monthly Forums
* Lead Line 2 led Thematic/Risk Reviews across Planning/Terms of Reference, Fieldwork, Findings Validation and Reporting
* Provide oversight on material projects and programmes
* Oversee Line 1 activity to ensure adherence to the Group’s Risk Management Framework
* Support the broader team with Line 2 activity related to Information/Cyber Security, Operational Resilience and Third-Party Management
* Develop and build relationships with Line 1 and Line 3 stakeholders
What are we looking for?
* Essential: Proven experience managing Technology, Cyber and Resilience Risk (including third‑party oversight) in a second or third-line capacity within a highly regulated UK industry such as Financial Services
* Essential: Strong stakeholder, relationship management and influencing skills; able to produce clear, insightful written reports and remain calm during challenging risk discussions
* Preferred: Professional qualification in IT, Cyber, Resilience or Third Party risk management (e.g., IRM, BCS, ISACA, ISC2)
* Preferred: Knowledge of Artificial Intelligence (AI) and its risk implications
* Preferred: Knowledge of cloud computing, shared responsibility models and common risks
* Preferred: Experience in IT for large UK corporations with a solid baseline understanding of IT Risk Management and resilience control frameworks
We are committed to welcoming applicants from all backgrounds. If your experience differs from the advertised role, we’d love to hear from you. If you require adjustments to the recruitment process, please let us know so we can help you perform at your best.
Note: We reserve the right to remove adverts earlier than the closing date. Apply at the earliest opportunity.
Find out more
* Guide for Candidates: thephoenixgroup.pagetiger.com/guideforcandidates
* Talk to us: www.thephoenixgroup.com/careers/talk-to-us
Seniority level: Mid-Senior level
Employment type: Part-time
Job function: Information Technology
#J-18808-Ljbffr