Logo of Huzzle

Senior IT Risk Manager



18d ago

  • Job
    Senior Level
  • IT & Cybersecurity
  • Norwich, +2
  • Quick Apply

AI generated summary

  • You must have a thorough understanding of operational risk management, Third- and Fourth-Party risk, IT & Security governance models, strong interpersonal and written communication skills, and the ability to influence all levels of business.
  • You will provide oversight and challenge to IT & Cyber risk and controls, lead risk and control debate at SLTs, develop strong relationships with risk owners, and support audit reviews to ensure a strong control environment.


  • Thorough understanding of effective operational risk management. Understanding of Third- and Fourth-Party risk management to support and drive forward ongoing improvements in our practices, operating models and systems
  • Awareness of IT & Security governance models and standards e.g. COBIT, ITIL, ISO27001
  • Excellent interpersonal skills with the ability to communicate effectively to both technical and non-technical audiences
  • Excellent written communication skills – the ability to collate and summarise information in plain English is key
  • Ability to adapt style and influence all levels of business, including senior management.


  • A great opportunity to provide 1st line support, oversight and challenge across our CIO markets and Group CIO functions. You will be part of the CIO Risk and Assurance team, leading review of the IT & Cyber risk and control environment to protect our customers and deliver our Risk Goals.
  • The successful applicant will:
  • Lead Market/Functional SME input, guidance and challenge to ensure Operational Risk and Control Management (ORCM) framework compliance, whilst building the understanding of IT/Cyber risk and controls
  • Lead risk and control debate (including reporting and forward view) at functional SLTs
  • Use insight, data and SME opinion to effectively challenge risk assessments, control positions, issue and action remediation, and risk events
  • Develop strong relationships with risk, control and issue owners to provide regular coaching on ORCM framework best practice to ensure consistency and correct application
  • Working with all three lines of defence to ensure effective management of issues and alignment on the strength of the control environment, including support to audit reviews in the functions


What qualifications are required for the Senior IT Risk Manager position?

A good understanding of IT/Cyber risk and supporting control frameworks is crucial for this role. Additionally, strong engagement, influencing, and networking skills are important for the success of the role.

What is the main responsibility of the Senior IT Risk Manager?

The main responsibility of the Senior IT Risk Manager is to work in a complex environment to resolve key issues related to IT/Cyber risk, while establishing relationships with senior stakeholders across the CIO teams.

What kind of experience is necessary for the Senior IT Risk Manager role?

We are looking for a career-driven and experienced individual to fill the Senior IT Risk Manager position. Experience in IT risk management and working with control frameworks is preferred.

What are the key skills needed for the Senior IT Risk Manager role?

The key skills needed for the Senior IT Risk Manager role include a good understanding of IT/Cyber risk and control frameworks, as well as strong engagement, influencing, and networking skills.

Founded Year

Mission & Purpose

Aviva is nothing without our people. Living up to our purpose to be with you today for a better tomorrow applies to those we work with just as much as it does to our customers. We want Aviva to be a place where people can be themselves, and we want our workforce to reflect the customers and communities we serve. This means offering market-leading benefits and challenging ourselves to do more to build a workplace – and society – that works for all. It takes you. It takes Aviva.