Information Security & Cyber Risk Senior Manager

Job Type:  Permanent  

Location: This role could be based in either our London, Birmingham, Telford or Edinburgh offices with time spent working in the office and at home. 

Flexible working: All of our roles are open to part-time, job-share and other types of flexibility. We will discuss what is important to you and balancing this with business requirements during the recruitment process. You can read more about Phoenix Flex here. 

Closing Date: 30.5.25 

Salary and benefits: Up to £90,000 dependant upon experience, plus bonus potential, private medical cover, 38 days annual leave, excellent pension, 12x salary life assurance, career breaks, income protection, 3x volunteering days and much more. 

Who are we?

We want to be the best place that any of our 6,600 colleagues have ever worked.

We’re the UK’s largest long-term savings and retirement business. We offer a range of products across our market-leading brands, Standard Life, SunLife, Phoenix Life and ReAssure. Around 1 in 5 people in the UK has a pension with us. We’re a FTSE 100 organisation that is tackling key issues such as transitioning our portfolio to net zero by 2050, and we’re not done yet.

What are we looking for? 

We’re looking for a Senior Manager – Information Security & Cyber Risk to join us. You’ll play a key role in overseeing how Phoenix manages the rapidly evolving landscape of cyber threats, information security risks and digital resilience—helping the business move forward with confidence. You’ll also be Supporting the implementation and oversight of the Group’s Risk Management Framework and the effectiveness of risk management and compliance across the Group and promoting the effectiveness of the Group’s management of risk externally.  

 You’ll lead the oversight of information security and cyber risk across the Group—working closely with our Group CISO, IT leadership, and risk teams to challenge, advise, and support the business in making secure decisions. 

You’ll be instrumental in ensuring that Phoenix’s systems, data and critical services are protected from both current and emerging threats, while supporting the development of a strong security culture and risk-aware mindset across the organisation. 

You’re a confident and experienced information security risk leader—someone who’s just as comfortable engaging with CISOs and tech teams as you are with ExCo and Boards. You understand the fast-moving cyber environment, and you know how to make risk meaningful and business-relevant. 

Key responsibilities 

Providing independent second-line oversight of information security, cyber, and digital risk 

Advising on the effectiveness of security strategies, controls and incident response processes 

Supporting the embedding of cyber resilience in line with regulatory expectations (e.g. DORA, NIS2, FCA/BoE guidance) 

Challenging major technology and transformation programmes through a security risk lens 

Leading thematic reviews and providing risk opinions to senior committees 

Translating technical risk insights into clear, actionable advice for business stakeholders 

Monitoring emerging threats, trends and regulatory developments across the cyber landscape 

Promoting a strong information security culture across all levels of the organisation 

 Essential 

Proven track record for building strong relationships and influence with senior stakeholders across business areas and working across boundaries. Including at C suite and their direct reports level.  

Proven strategic thinker and creative problem solver with the ability to analyse and synthesise sophisticated issues and identify common themes and commercial solutions. 

Deep specialism in Cyber Risk & Information Security. 

Ability to operate independently across complex, concurrent risk activities. 

Ability to navigate ambiguous situations, drive decision making, manage change, and learn quickly in a multifaceted business environment. 

Strong communicator, who understands others’ perspective and sensitivities surrounding different issues and adapts language, tone, style and content of communications to suit a broad range of audiences, including the Board and Regulators. 

We want to hire the whole version of you. 

We are committed to ensuring that everyone feels accepted and welcome applicants from all backgrounds. If your experience looks different from what we’ve advertised and you believe that you can bring value to the role, we’d love to hear from you.  

 If you require any adjustments to the recruitment process, please let us know so we can help you to be at your best.  

Please note that we reserve the right to remove adverts earlier than the advertised closing date. We encourage you to apply at the earliest opportunity. 

Find out more about #LifeAtPhoenix  

Guide for Candidates: thephoenixgroup.pagetiger.com/guideforcandidates  

Find or get answers from our colleagues: www.thephoenixgroup.com/careers/talk-to-us  

#LI-TT2

#LI-HYBRID

#LI-REMOTE