Cyber Risk Manager

We are looking for a Cyber Risk Manager join our growing IT and Cyber Risk team (second line). If you have a technical background and recent risk management experience with the ability to translate technical concepts to everyday language, we would love to hear from you! A bit about the job: You will be responsible for identifying, assessing, and mitigating risks associated with the organization's information systems. This role requires a proactive approach to ensure the integrity, confidentiality, and availability of information systems in alignment with business objectives, security standards and regulatory requirements. You will lead efforts in developing and implementing risk management frameworks, strategies, and policies while ensuring compliance with relevant regulations. You will work closely with CISO, Infrastructure & Operations and Architecture communities, as well as business partners to understand risk exposure. Part of the role will be to:

• Conduct comprehensive risk assessments and assurance reviews on information assets, programmes, and technologies to evaluate the effectiveness of information security policies and standards.
• Monitor vulnerabilities and threats to the organization's information systems.
• Evaluate the potential impact of identified risks on business operations.
• Get involved in Cyber incident management plans and business continuity plans in response to security incidents.
  
  Experience in Information Security, with exposure and involvement in risk assessment/audit and with some technical, hands-on experience.
• Familiarity with risk assessment frameworks (e.g., NIST, ISO 31000, IRAM) is a plus.
• Professional and up-to-dated certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Risk & Information System Controls (CRISC) or Certified Information Security Auditor (CISA) are strongly preferred.
• Strong understanding of IT and Cyber technical principles and controls including networking, cryptography, identity and access management, Cloud deployment types and controls, SDLC, endpoint security, SIEM/SOC, vulnerability management, penetration testing/ethical hacking, ISO 27001.
• Outstanding communication and stakeholder management skills with the ability to challenge and influence decision making.
  
  What you'll get for this role:
Our purpose - with you today, for a better tomorrow - is a promise we make to our colleagues too. And one of the ways we live up to that promise is by investing in you. We have so much to offer when it comes to being an Aviva colleague.
• National salary: circa £80,000, London salary: circa £95,000 (depending on location, skills, experience, and qualifications)
• Bonus opportunity - 12% of annual salary Actual amount depends on your performance and Aviva's.
• Generous pension scheme - Aviva will contribute up to 14%, depending on what you put in.
• 29 days holiday plus bank holidays, and you can choose to buy or sell up to 5 days
• Make your money go further - Up to 40% discount on Aviva products, and other retailer discounts
• Up to £1,200 of free Aviva shares per year through our Matching Share Plan and share in the success of Aviva with our Save As You Earn scheme
• Brilliantly supportive policies including parental and carer's leave
• Flexible benefits to suit you, including sustainability options such as cycle to work
• Make a difference, be part of our
and use your 3 paid volunteering days to help others
• We take your wellbeing seriously with lots of support and tools
to learn more. Put a salary into this calculator to see what your total Aviva Reward could be. Aviva is for everyone: We're inclusive and - we want applications from all backgrounds and experiences. Excited but not sure you tick every box? Even if you don't, we would still encourage you to apply. We also consider all forms of flexible working, including part time and job shares. We flex locations, hours and working patterns to suit our customers, business, and you. Most of our people are smart working - spending around 50% of their time in our offices every week - combining the benefits of flexibility, with time together with colleagues. To find out more about working at Aviva take a look We interview every disabled applicant who meets the minimum criteria for the job. Once you've applied, please send us an email stating that you have a disclosed disability, and we'll interview you. We'd love it if you could submit your application online. If you require an alternative method of applying, please send an email to