Lead IT Risk and Controls Manager

Audit & Risk Recruitment are partnering with an instantly recognisable global brand to hire a Lead IT Risk and Controls Manager. This is a high-impact role where you’ll shape and embed IT risk, audit, and compliance frameworks across an international technology landscape.

You’ll act as a subject matter expert in IT risk, cyber controls (NIST, COBIT, ISO, etc.) and SOX, influencing senior stakeholders and driving a strong risk-aware culture across a complex, multi-entity business.

Overview:

  • Hybrid working policy with 3 days in the office
  • £60,000-£75,000 plus 10-20% bonus DOE
  • Unfortunately this role cannot provide visa sponsorship

Key Responsibilities

  • Lead the design, implementation, and continuous improvement of the SOX IT General Controls (ITGC) framework
  • Improve and develop the Risk and Control matrix, working with NIST, COBIT, ISO and other information security GRC frameworks
  • Drive the IT audit, risk, and compliance strategy across global technology functions
  • Act as a trusted advisor to senior leadership, influencing strategic risk decisions
  • Establish and embed a robust IT risk management framework aligned to business risk appetite
  • Oversee third-party/vendor risk assurance, ensuring compliance with regulatory standards
  • Support compliance with key frameworks and regulations including SOX and PCI-DSS
  • Build strong relationships with internal/external audit teams and global stakeholders
  • Develop and deliver SOX controls training and awareness programmes
  • Ensure policies, standards, and controls are clearly defined, communicated, and adhered to
  • Deliver regular reporting and insights to executive leadership and group stakeholders

Background:

  • Experience in IT Audit, IT Controls, or IT Risk Management. Top 10 practice firm or FTSE 250 business background preferred
  • Strong stakeholder management skills, with experience engaging senior leadership
  • Experience working in a large, global organisation
  • Knowledge of cyber risk frameworks (e.g., COBIT, NIST) and IT control environments
  • Excellent communication and influencing skills

Desirable:

  • Strong knowledge of SOX / IT General Controls (ITGC)
  • Familiarity with frameworks such as ISO 27001, NIST, CIS, PCI-DSS
  • Professional certifications such as CISA, CISSP, or CISM
  • Background in IT audit, consulting, or advisory

Job Details

Company: Audit & Risk Recruitment
Location: United Kingdom