CFC

First-Line Security Risk Manager

CFC

full-time

Posted on:

Origin:  • 🇬🇧 United Kingdom

Visit company website
AI Apply
Manual Apply

Job Level

Mid-LevelSenior

About the role

  • We are seeking a proactive and experienced First Line Security Risk Manager to lead the implementation and management of information security risk practices across our organisation. In this role, you will be the first line of defense for security risk management and play a critical part in ensuring security governance, policy compliance, and operational risk ownership across business functions.
  • You will report directly to the Group CISO and work closely with business units, IT, compliance, and audit to ensure security risks are effectively identified, assessed, documented, and mitigated in line with our overall risk appetite.

Requirements

  • Hands-on experience managing risk assessments, policy exceptions, and governance processes.
  • Proven experience (minimum 5+ years) in security risk management, essential that this is within financial services or a regulated industry.
  • Strong understanding of information security principles, standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., NYDFS, GDPR).
  • Experience with risk and control frameworks (e.g., IRAM2, FAIR, COBIT) essential.
  • Working knowledge of global regulations: GDPR, DORA, APRA CPS 234, CCPA, etc.
  • Strong familiarity with UK and international regulatory frameworks in the US, Europe and Australia.
  • Adept at translating complex regulatory or technical requirements into practical business-aligned risk management principles.
  • Collaborative, adaptable, and capable of operating across time zones and cultures.
  • Comfortable working with audit and compliance stakeholders during assessments, certifications, or investigations.