IT Risk Manager | Global Independent Investment Management Firm
[Up to c. £200k Comp Package | Hybrid Working]
Role Overview
We're supporting a globally recognised investment organisation that is expanding its technology governance and risk capabilities. The firm is seeking an IT Risk Manager to take ownership of how technology risk is identified, assessed, governed, and communicated across the enterprise. This is a hands-on, delivery-focused role that sits at the intersection of engineering, security, operational resilience, and regulatory compliance. You'll convert policy into practice, ensure risk management activities are evidence-driven and repeatable, and work closely with senior leaders to embed risk thinking into how services are designed, changed, and operated.
Key Responsibilities
- Turn strategic risk direction into actionable assessments, measurable controls, and governance-ready reporting
- Lead IT governance forums, ensuring risks, decisions, and follow-ups are accurately captured and executed
- Operate and evolve the firm's Technology Risk Framework, ensuring alignment with enterprise risk appetite and regulatory expectations
- Own the technology risk register, perform structured risk assessments, and work with senior stakeholders to manage remediation plans
- Support periodic control testing and assurance reviews, embedding risk and control activities into projects, change processes, and BAU operations
- Help implement and maintain data protection controls aligned to privacy regulations (e.g. GDPR/UK Data Protection Act), including inventories and records of processing
- Map critical business services and technical dependencies, ensuring resilience objectives (RTO/RPO) reflect real operational needs
- Contribute to the design, testing, and ongoing maintenance of business continuity and disaster recovery plans
- Maintain IT policies, standards, and procedural documentation so they remain current, practical, and accessible
- Track regulatory developments in technology risk, resilience, outsourcing, and data protection, recommending updates to internal frameworks where needed
What You'll Bring
- Strong technical grounding (6+ years) across security, infrastructure, cloud services, and software delivery practices
- Familiarity with FCA expectations, DORA requirements, GDPR obligations, and how they translate into technology and third-party risk processes
- Experience supporting control testing, assurance cycles, and remediation follow-through
- Hands-on experience maintaining an IT risk register and running structured technology risk assessments
- Exposure to incident response planning, resilience testing, and BCP/DR activities
- Competence engaging with supplier oversight processes, including third-party due diligence and ongoing monitoring
- Clear, confident communication skills with the ability to influence engineering, business, and leadership stakeholders in formal governance settings
- Highly organised, able to manage parallel risk assessments, evidence cycles, and audit requests without losing momentum
- (Preferred) Experience interfacing with internal/external auditors and producing structured evidence packs
- (Preferred) Understanding of vendor contracts, SLAs, and how they contribute to technology risk posture