OverviewJob Type: IT Risk Manager, Permanent, Technology, Resilience & Cyber Specialist Band 1, UKLocation: Hybrid – based in Edinburgh, London or Birmingham. Time spent weekly in both office and home. Office days vary by business need.Flexible working: All roles open to part-time, job-share and other flexibility. Details discussed during recruitment. Read more about Phoenix Flex here.Closing Date: 10.10.2025Salary and benefits: Up to £70,000 depending on experience, with 16-32% bonus potential, private medical cover, 38 days annual leave, pension, 12x salary life assurance, career breaks, income protection, 3x volunteering days and more.Who we are: Phoenix Group is a long-term savings and retirement business with brands including Standard Life, SunLife, Phoenix Life and ReAssure. We are FTSE 100 and focused on transitioning our portfolio to net zero by 2050.The roleNon-Financial Risk is part of Group Risk. The Technology, Resilience & Cyber Risk Manager will join the IT/IS/Resilience and Supplier Risk Oversight Team as a Second Line SME. You will advise, oversee and challenge Line 1 on design and operation of Technology, Resilience, Cyber and AI standards, risks and controls.You will lead and support a rolling programme of Thematic and Risk-based reviews, shaping scope, conducting fieldwork, validating findings and delivering clear recommendations to Line 1 via written reports.Key AccountabilitiesProvide ongoing oversight and challenge to Line 1 led Technology, Resilience, Cyber and AI risk and control managementAnalyse risk indicators and reporting to determine where Line 2 effort should focus; develop formal Line 2 opinions on Technology, Resilience & AI mattersProvide insight and challenge within assigned monthly ForumsLead Line 2 led Thematic/Risk Reviews across Planning/Terms of Reference, Fieldwork, Findings Validation and ReportingProvide oversight on material projects and programmesOversee Line 1 activity to ensure adherence to the Group’s Risk Management FrameworkSupport the broader team with Line 2 activity related to Information/Cyber Security, Operational Resilience and Third-Party ManagementDevelop and build relationships with Line 1 and Line 3 stakeholdersWhat are we looking for?Essential: Proven experience managing Technology, Cyber and Resilience Risk (including third‑party oversight) in a second or third-line capacity within a highly regulated UK industry such as Financial ServicesEssential: Strong stakeholder, relationship management and influencing skills; able to produce clear, insightful written reports and remain calm during challenging risk discussionsPreferred: Professional qualification in IT, Cyber, Resilience or Third Party risk management (e.g., IRM, BCS, ISACA, ISC2)Preferred: Knowledge of Artificial Intelligence (AI) and its risk implicationsPreferred: Knowledge of cloud computing, shared responsibility models and common risksPreferred: Experience in IT for large UK corporations with a solid baseline understanding of IT Risk Management and resilience control frameworksWe are committed to welcoming applicants from all backgrounds. If your experience differs from the advertised role, we’d love to hear from you. If you require adjustments to the recruitment process, please let us know so we can help you perform at your best.Note: We reserve the right to remove adverts earlier than the closing date. Apply at the earliest opportunity.Find out moreGuide for Candidates: thephoenixgroup.pagetiger.com/guideforcandidatesTalk to us: www.thephoenixgroup.com/careers/talk-to-usSeniority level: Mid-Senior levelEmployment type: Part-timeJob function: Information Technology #J-18808-Ljbffr