National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

First Line Security Risk Manager

CFC
London
1 week ago
Applications closed

Related Jobs

View all jobs

IT & Cyber Security Risk Manager

IT & Cyber Security Risk Manager

Third Party Risk Management Specialist

Security Operations Manager

Technical IT Manager

Hr Advisor

Join to apply for the First Line Security Risk Manager role at CFC
4 days ago Be among the first 25 applicants
Join to apply for the First Line Security Risk Manager role at CFC
We are seeking a proactive and experienced First Line Security Risk Manager to lead the implementation and management of information security risk practices across our organisation. In this role, you will be the first line of defense for security risk management and play a critical part in ensuring security governance, policy compliance, and operational risk ownership across business functions.
You will report directly to the Group CISO and work closely with business units, IT, compliance, and audit to ensure security risks are effectively identified, assessed, documented, and mitigated in line with our overall risk appetite.
About the role
The ideal manager for this position will lead and maintain the first line Information Security Risk Management function. Additionally, this person will be responsible for:
Conducting and documenting security risk assessments across systems, projects, and processes.
Owning and managing the Group security risk register, ensuring timely updates, mitigation tracking, and escalation where required.
Working closely with the 2nd line to manage security risks across the group.
Supporting the Group CISO in risk reporting to executive stakeholders.
Managing the exception to security policy process, including risk-based reviews, documentation, approvals, and renewals.
Liaising with business stakeholders to assess and document residual risk where security standards cannot be met
Supporting the creation, maintenance, and review of security policies and procedures to ensure alignment with regulatory, industry, and business requirements.
Mapping security policies to procedures and controls to ensure clear operational accountability.
Facilitating awareness and compliance of security policies across business units
And many other security-related activities!
About you
The ideal candidate for this position will have:
Hands-on experience managing risk assessments, policy exceptions, and governance processes.
Proven experience (minimum 5+ years) in security risk management, essential that this is within financial services or a regulated industry.
Strong understanding of information security principles, standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., NYDFS, GDPR).
Experience with risk and control frameworks (e.g., IRAM2, FAIR, COBIT) essential.
Working knowledge of global regulations: GDPR, DORA, APRA CPS 234, CCPA, etc.
Strong familiarity with UK and international regulatory frameworks in the US, Europe and Australia.
Adept at translating complex regulatory or technical requirements into practical business-aligned risk management principles.
Collaborative, adaptable, and capable of operating across time zones and cultures.
Comfortable working with audit and compliance stakeholders during assessments, certifications, or investigations.
Seniority level Seniority level Mid-Senior level
Employment type Employment type Full-time
Job function Job function Information Technology
Industries Insurance and Computer and Network Security
Referrals increase your chances of interviewing at CFC by 2x
Get notified about new Security Risk Manager jobs in London Area, United Kingdom .
Greater London, England, United Kingdom £65,000.00-£70,000.00 10 hours ago
Governance, Risk and Compliance (GRC) Manager London, England, United Kingdom 3 weeks ago
London, England, United Kingdom 1 month ago
London Area, United Kingdom £90,000.00-£110,000.00 7 hours ago
Croydon, England, United Kingdom 4 days ago
London, England, United Kingdom 6 days ago
Greatstone-On-Sea, England, United Kingdom £29,994.00-£29,994.00 3 weeks ago
Croydon, England, United Kingdom 2 weeks ago
Canterbury, England, United Kingdom 2 weeks ago
London, England, United Kingdom 1 week ago
Manager, Security Governance Risk and Compliance (GRC) Defence Digital - Cyber Security Lead Advisor London, England, United Kingdom 1 day ago
Senior Strategy Risk Manager , Worldwide Operations Security London, England, United Kingdom 1 week ago
London, England, United Kingdom 1 week ago
London, England, United Kingdom 1 week ago
London, England, United Kingdom 2 months ago
Operational Information Security Officer London, England, United Kingdom 1 month ago
London, England, United Kingdom 5 days ago
Operational Risk Manager (IT and Cyber Security - 6 months FTC) London, England, United Kingdom 1 week ago
Security Manager - One Hyde Park Residences London, England, United Kingdom 2 weeks ago
London, England, United Kingdom 1 day ago
Business Information Security Officer, Europe London, England, United Kingdom 5 days ago
Director of Digital and Information Security London, England, United Kingdom 3 days ago
London, England, United Kingdom 1 week ago
London, England, United Kingdom 1 week ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

How to Find Hidden Cyber Security Jobs in the UK Using Professional Bodies like BCS, CIISec & More

The demand for skilled cyber security professionals in the UK has never been higher. With threats increasing in sophistication and frequency, organisations are urgently hiring ethical hackers, threat analysts, GRC specialists, and security architects. But many of the most valuable roles—particularly in government, defence, and critical infrastructure—are never publicly advertised. Instead, these jobs are shared behind the scenes through trusted networks, private communities, and professional bodies. In this article, we explore how to uncover hidden cyber security jobs in the UK using organisations like the BCS (The Chartered Institute for IT), CIISec (The Chartered Institute of Information Security), ISACA, and ISC² UK Chapter. We’ll show you how to use membership directories, special interest groups, CPD events and informal networks to gain early access to roles most people never see.

How to Get a Better Cyber Security Job After a Lay-Off or Redundancy

Redundancy is never easy—especially in a fast-moving field like cyber security, where your skills and experience are constantly evolving. But if you’ve recently been made redundant from a cyber security role, know this: the UK cyber workforce remains in high demand, and your expertise is more valuable than ever. Whether you’re a SOC analyst, penetration tester, incident responder, security architect or GRC specialist, there are still thousands of opportunities across sectors including finance, defence, government, retail, and critical infrastructure. This guide will help you turn redundancy into a career relaunch, with a clear action plan tailored to the UK cyber security job market.

Cyber Security Jobs Salary Calculator 2025: Check Your Market Value in Seconds

Why yesterday’s pay survey no longer protects you. “Could I earn more at a managed SOC?” “Is that fintech’s offer really competitive?” Every UK cyber‑security professional asks some version of those questions—usually after another colleague lands a pay rise, a recruiter sends a tempting JD, or a fresh breach makes headline news. Yet salary guides published even last year feel as out‑of‑date as a forgotten antivirus signature. Since 2024, ransomware gangs switched to double‑extortion, deepfake phishing exploded, & the EU’s NIS2/DORA regulations bled into UK contracts despite Brexit. With each shift, salary bands move. To cut through stale averages, CybersecurityJobs.tech distilled a three‑factor formula that lets you estimate a realistic 2025 salary in under a minute. Feed in your role, your UK region, & your seniority level. The output arms you with data‑driven leverage for your next appraisal, job application, or freelance rate card. This article explains the formula, reveals the forces pushing cyber pay ever higher, & outlines five practical moves to boost your market value within ninety days.