Collinson is a global company dedicated to helping the world travel with ease and confidence. We are seeking an IT Risk Manager to join our team, responsible for ensuring IT and data risks are assessed, managed, and mitigated in line with regulatory requirements and best practice. The role will provide guidance and expertise on First Line of Defence (FLOD) activities for technology and data, ensuring compliance with regulatory, industry, and best practice standards.
Requirements
- Provide guidance and expertise on FLOD activities for technology and data, ensuring compliance with regulatory, industry, and best practice standards.
- Act as the primary contact for IT risk matters, supporting the Head of Engineering in maintaining adherence to IT General Controls, FCA/PRA guidelines, MFSA requirements, DORA, and related regulations.
- Coordinate with internal and external second and third line of defence functions, and with the compliance teams across the enterprise.
- FLOD Accountability: Own all FLOD activities, processes, and improvements for technology and data assets, collaborating with relevant stakeholders.
- Control Design & Assurance: Ensure internal controls for IT and data risks are designed, implemented, and maintained. Provide assurance of control effectiveness through indicators and reviews.
- Reporting: Deliver regular updates on IT and data control health to committees, boards, and relevant third parties.
- Education & Consultation: Advise on best practice control design and risk management across technology, product, and service teams.
- Risk Assessment: Conduct focused risk assessments for new and existing services and technologies.
- Agile Engagement: Participate in planning and design sessions, helping prioritise IT, security, and data risk items.
- Policy & Control Implementation: Identify and implement appropriate controls, maintain draft policies, and improve risk posture through remediation and mitigation strategies.
- Collaboration: Work closely with Group CISO, Insurance and Group Risk & Compliance, and Internal Audit teams.
- Continuous Improvement: Stay updated on regulatory and industry changes, mature the IT and data risk framework, and pursue recognised accreditations.
- Incident Management: Ensure robust security and data incident practices, lead resolution of priority incidents (P1/P2), and coordinate with internal and external stakeholders.
Benefits
- Generous Paid Time Off
- 401k Matching
- Retirement Plan
- Visa Sponsorship
- Four Day Work Week
- Generous Parental Leave
- Tuition Reimbursement
- Relocation Assistance