Cyber & Data Risk Lead - Financial Services
Cyber & Data Risk Lead - Financial Services
c 60,000- 80,000 (DOE) + Performance Bonus
East Midlands
A high-growth privately owned financial services organisation is seeking to appoint a Cyber & Data Risk Lead to take ownership of its data governance framework, security control environment, and third-party data risk oversight.
This is a senior and highly visible role, operating at the intersection of Technology, Risk, Compliance, and Commercial decision-making. The successful candidate will play a pivotal part in ensuring that sensitive customer, partner, and business data is protected, well-governed, and used responsibly in line with regulatory expectations and banking-grade control standards.
The Opportunity
This appointment offers genuine ownership rather than incremental responsibility. The Cyber & Data Risk Lead will act as the organisation's subject matter authority on data governance and data security controls, shaping the frameworks, standards, and practical safeguards that underpin the safe management of information across the business.
The environment is fast paced, commercially driven, and regulated. Data is a core asset, and the organisation is committed to strengthening its controls, improving governance maturity, and ensuring that cyber and data risks are effectively managed across internal platforms, customer datasets, and external suppliers.
Reporting at executive level, this role will suit an individual who is comfortable operating with autonomy, influencing senior stakeholders, and delivering pragmatic improvements rather than theoretical policy. It will particularly appeal to candidates with experience in banking or regulated finance environments where data governance underpins operational resilience, fraud prevention, and customer integrity.
Key Responsibilities
The Cyber & Data Risk Lead will be responsible for reviewing and continuously enhancing data security controls across systems, platforms, and third-party relationships. This will include ensuring that robust safeguards exist around access permissions, privileged controls, encryption, secure transmission, identity management, authentication, and retention standards.
You will take ownership of the organisation's data governance framework, maintaining clear policies, standards, and control mechanisms that align with UK GDPR, PECR, and broader regulatory expectations within financial services. The role will contribute directly to a banking-style control environment, supporting assurance over how sensitive customer and commercial data is governed and protected.
A key aspect of the position will be oversight of supplier and third-party data risk. This includes supporting the safe acquisition and use of external datasets, ensuring appropriate due diligence is completed, and confirming that contractual and operational protections are in place. This is particularly important where third-party data supports commercial activity, prospecting, or partner relationships.
You will provide structured reporting on data risk exposure, control effectiveness, and remediation progress to senior leadership, acting as a point of escalation where risks are not being addressed at the appropriate level.
The role also requires close collaboration across Technology, Compliance, Marketing, and Commercial teams, ensuring that data opportunity is balanced appropriately against regulatory obligations, cyber risk, and reputational exposure.
In addition, the Cyber & Data Risk Lead will support the organisation's wider approach to operational resilience and risk mitigation, including areas where strong data governance contributes to fraud prevention, financial crime controls, and customer trust.
Candidate Profile
This role requires a pragmatic implementer with strong experience in data governance, data security, and information risk management. It is not a purely advisory or policy-writing position. The organisation is seeking someone who has delivered real-world improvements to security posture and governance controls, and who can take ownership of embedding those changes across a regulated business.
You are likely to bring at least five to ten years' experience in roles focused on data governance, information security, cyber risk, or data control implementation, ideally gained within financial services, banking, lending, fintech, insurance, or another compliance-driven sector.
You will have a strong understanding of the data lifecycle, from collection and storage through to sharing, retention, and disposal, and you will be confident assessing practical cyber threats such as credential compromise, phishing, insider risk, and data exfiltration, ensuring that controls reflect real-world attack vectors.
Experience in supplier assurance, third-party risk assessment, and the procurement or evaluation of external data sources will be highly advantageous, particularly where commercial teams rely on prospecting or marketing datasets.
An appreciation of how strong data governance supports wider financial crime risk management, fraud controls, and customer integrity within regulated finance environments will be beneficial.
Relevant certifications such as CISSP, CISM, or ISO27001 credentials are advantageous but not essential. Practical delivery experience, stakeholder credibility, and the ability to drive remediation activity are prioritised.
Personal Attributes
The successful candidate will be calm under pressure, highly organised, and able to operate with clarity in complex environments. You will be confident challenging both technical and non-technical stakeholders when required, while maintaining a pragmatic, commercially aware approach.
You will enjoy working with autonomy, taking accountability for outcomes, and acting as a trusted senior voice on cyber and data risk across the business.
Why This Role?
This is an opportunity to take on a senior leadership position with genuine influence and executive visibility, within a growing financial services organisation where data governance and cyber risk management are strategic priorities.
The role offers a competitive salary, an uncapped performance-related bonus, and the chance to shape and strengthen an organisation's data security, governance maturity, and control environment over the coming years.
Apply confidentially by emailing your CV