MERJE are partnering with an innovative platform in their search for a Technology Risk Manager.

This is a second-line risk role, focused on providing independent oversight, challenge, and assurance across cyber and information security. You’ll work closely with the business to ensure risks are effectively identified, assessed, and managed, while supporting innovation and delivery.

Key Responsibilities

• Own and develop cyber and information security policies and frameworks
• Support first-line teams in embedding and operationalising security controls
• Provide second-line oversight, challenge, and risk advice
• Conduct control testing and thematic risk reviews across the organisation
• Assess third-party and outsourcing security risk controls
• Oversee security incidents from a risk perspective, ensuring lessons learned
• Track security issues and remediation activities
• Review security implications of technology and change initiatives
• Contribute to operational resilience and data protection risk oversight
• Produce risk MI, reporting, and assurance outputs
• Support risk appetite and control maturity assessments

Experience & Knowledge

• Strong background in cyber / information security risk (2nd line preferred)
• Experience within financial services, payments, or regulated environments
• Knowledge of key frameworks such as ISO 27001, NIST, CIS
• Experience in control assurance, thematic reviews, and RCSAs
• Understanding of emerging security threats and risk landscape

Skills & Attributes

• Strong stakeholder management and influencing skills
• Highly organised with strong attention to detail
• Clear and confident communicator
• Pragmatic, delivery-focused approach
• Collaborative and able to build relationships across teams

Why Apply?

• Opportunity to shape cyber risk practices in a high-impact, national-scale environment
• Work in a collaborative, purpose-driven organisation
• Influence senior stakeholders and drive meaningful change
• Be part of a team focused on innovation, resilience, and security excellence

Applicants must be located and eligible to work in the UK without sponsorship.

Please note, should feedback not be received within 28 days, unfortunately your application has been unsuccessful. In applying for this role, you may be registered on our database so we can contact you about suitable opportunities in future. Your data will be managed in accordance with our Privacy Policy, which can be found on our website.

If you would like this job advertisement in an alternative format, please contact MERJE directly.