Data Security Risk Manager

Edinburgh, GB

Royal London

From Pensions to Retirement, Savings, Investments and Life Insurance, Royal London has been helping people plan for life’s financial milestones since 1861.

Job Title: Data Security Risk Manager

Contract Type: Permanent

Location: Edinburgh or Alderley Park

Working style: Hybrid 50% home/office based

Closing date: 10th October 2024

 

We are looking for a Data Security Risk Manager to join our growing team in either Edinburgh or Alderley Park.

 

Our Group Risk & Compliance department is responsible for providing independent oversight and challenge over the first line’s identification, assessment, and management of all risks. The Technology & Resilience Risk team perform this role with a focus on Technology, Cyber, Change, Third-Party and Resilience risks.

 

About the role

 

With a focus on Data and Information Security Risk, you will:

 

  • Advise the Board and senior management in relation to strategic planning and decision-making.
  • Independently oversee and challenge the Group’s strategic and business risk profiles and risk appetite assessments.
  • Provide a formal independent opinion in relation to significant risks.
  • Monitor and report on Group-wide risk exposures compared to risk appetite.
  • Conduct risk-based independent assurance.
  • Facilitate risk management activity by supporting risk related communication and management information flows across the Group.
  • Promote strong risk culture and behaviours across the Group such as communications, education, and training.

 

About you

 

  • Relevant Professional Certifications such as, but not limited to, Certified Information Systems Security Professional (CISSP), Certified Data Privacy Solutions Engineer (CDPSE), Certified Data Management Professional (CDMP) and Certified in Risk and Information Systems Control (CRISC).
  • Solid understanding of key legislative and regulatory requirements, e.g. General Data Protection Regulation (GDPR).
  • Understanding of Information Risk Management processes to protect information assets, maintain regulatory compliance, meet operational resilience objectives, and deliver outcomes for customers, regulators and the business.
  • Understanding and application of the 3 lines framework, risk management framework, control risk self-assessment process.
  • Understanding of the RLG business vision, values and strategy, and the wider industry.

 

About Royal London

 

We’re the UK’s largest mutual life, pensions, and investment company, offering protection, long-term savings and asset management products and services.   

 

Our People Promise to our colleagues is that we will all work somewhere inclusive, responsible, enjoyable and fulfilling. This is underpinned by our Spirit of Royal London values: Empowered, Trustworthy, Collaborate, Achieve.

 

We've always been proud to reward employees by offering great workplace benefits such as 28 days annual leave in addition to bank holidays, an up to 14% employer matching pension scheme and private medical insurance. You can see all our benefits here - Our Benefits  

 

Inclusion, diversity and belonging 

 

We’re an inclusive employer. We celebrate and value different backgrounds and cultures across Royal London. Our diverse people and perspectives give us a range of skills which are recognised and respected – whatever their background.

 

 


Tags: CISSP Compliance CRISC GDPR Privacy Risk management RMF Strategy

Perks/benefits: Health care Medical leave

Region: Europe
Country: United Kingdom
