
Information Risk Manager

Description

AXA - Global Healthcare are seeking a pivotal senior Risk Management professional to join our team as a key information risk lead. Reporting to the Head of Operational Risk & Internal Control, you'll provide oversight and challenge of information risks to ensure first-line management identifies, assesses and mitigates them in line with AXA Group policies and standards. Bringing deep subject-matter expertise in information security, technology, data, third-party risk and operational resilience, you will help safeguard our information assets and support resilient, customer-focused services.

At AXA we work smart, empowering our people to balance their time between home and the office in a way that works best for them, their team and our customers. You'll work at least two days a week (40%) away from home, moving to three days a week (60%) in the future. Away from home means either attendance at one of our office locations, visiting clients or attending industry events.

We're also happy to consider flexible working arrangements, which you can discuss with Talent Acquisition.

What you'll be doing:

• Develop, implement and embed AXA Health's information and technology risk framework, aligned with Group Risk Management and regulatory requirements.
• Develop and maintain the information risk appetite framework, including qualitative statements and quantitative KPIs for operational and information risks.
• Provide 2nd line oversight and challenge to the 1st line on security, technology and data risk initiatives, ensuring robust risk identification, assessment, mitigation and governance reporting.
• Lead 2nd line delivery and challenge of key IT projects, ensuring the 1st line has robust project risk management methodologies and governance reporting.
• Plan and deliver a risk-based information risk oversight programme with high-quality fieldwork and timely, well-written reports.
• Provide 2nd line opinions on 1st line information risk management in line with AXA Group standards; support audit, risk and compliance reporting and governance forums.
• Ensure regulatory projects (Operational Resilience UK, DORA EU) are delivered on scope, on time, on budget and to required quality; review 1st line MI to ensure actions are taken.
• Develop and deliver information risk management training; maintain relationships with Risk, Compliance and Internal Audit SMEs and AXA Group; contribute to internal control framework testing and strategic risk planning.

Due to the number of applications we expect to receive for this role, we reserve the right to close this advert earlier than the listed closing date to ensure we're able to effectively manage interest. Therefore, if you're interested in joining us at AXA, please don't hesitate to apply.

We know that some candidates may be discouraged from applying if they don't meet every requirement. If you're excited by this job and the prospect of working at AXA but you're not sure you tick every box, we'd still encourage you to apply.

What you'll bring:

• Essential: Risk/Audit experience in a regulated environment and a degree in computer science, information systems, or a related field.
• Experience delivering resilience-based regulatory programmes, such as Operational Resilience (UK), with preferred experience in DORA (EU).
• Industry qualifications preferred: CISP, CISA, CISM, or other recognized information security certifications.
• Thorough knowledge of information and technology risks in financial services, with emphasis on security and operational resilience.
• Expertise in Technology Risk Frameworks (e.g., COBIT, ISF, ISO27001) and strong understanding of IT systems, processes and controls.
• Experience developing risk assessments, prioritising risk and control testing, and conducting internal control testing.
• Excellent report writing, analytical, organisational and influencing skills; strong stakeholder management and credibility to challenge at all levels, including executives.
• Ability to work effectively in a matrix organisation; understanding of Solvency II risk environment and key risk issues is desirable.

As a precondition of employment for this role, you must be eligible and authorised to work in the United Kingdom.

What we offer:

At AXA Global Healthcare, we're appreciative of the people who work for us and our rewards package is reviewed regularly to reflect that. You can expect to receive:

• Competitive annual salary of up to £97,000
• Annual company & performance-based bonus
• Contributory pension scheme (up to 12% employer contributions)
• Life Assurance (up to 10 x annual salary)
• Private medical cover
• 28 days annual leave plus Bank Holidays
• Opportunity to buy up to 5 extra days leave or sell up to 5 days leave
• Wellbeing services & resources
• AXA employee discounts

To apply, click on the 'apply for this job' button; you'll then need to log in or create a profile to submit your CV. We're proud to be an Equal Opportunities Employer and don't discriminate against employees or potential employees based on protected characteristics. If you have a long-term condition or disability and require adjustments during the application or interview process, we're proud to offer access to the AXA Accessibility Concierge. For our support, please send an email to ruth.tennant@axa-uk.co.uk.

Who we are:

Proud to be part of the AXA Group, AXA - Global Healthcare specialise in supporting the healthcare needs of globally mobile citizens around the world. From a routine medical check-up to a lengthy hospital stay, individuals and businesses have relied on the global support and protection we offer for more than 55 years. Today, we support members living in more than 200 countries from our global hubs in the UK, Europe, Asia, India, USA and Middle East.

Sandown Park, Royal Tunbridge Wells TN2 4PY, UK
Full-Time

Published on 23/10/2025
