35 hours per week
Hybrid workingClosing Date:Sat, 4 Jul 2026
Join us as a Technology Risk Lead and play a key role in securing our digital landscape ️
We are currently seeking a highly motivated and experienced Technology Risk Lead to join our team. This position is well-suited for professionals with a proven track record in leading the identification and mitigation of technology-related risks, as well as substantial experience in controls assurance. The ideal candidate will thrive in a dynamic, fast-paced environment and demonstrate exceptional analytical and problem-solving abilities. If you are committed to upholding digital integrity and driving effective risk management, we welcome your application.
Who Are We?
Not just another building society. Not just another job.
We're the fourth biggest building society in the UK and what makes us different is that we're a mutual organisation. We don't have shareholders; we're owned by our members.
Our colleagues say Skipton's a great place to work, and you could be one of them, bringing new ideas on how we can keep customers at the heart of what we do.
Whatever your background and goals, we'll help you take the next step towards a better future.
As the Technology Risk team, our primary focus is to manage and mitigate technology-related risks within the Society. We work closely with teams under the Technology Transformation and Resilience (TTR) function, including IT, Security, Operational Resilience, Change Delivery, Data Capability, and Engineering, as well as other teams across the Society like Operational Risk, Internal Audit, and Compliance amongst others. Our core role is to ensure the stability and security of our technology infrastructure. Additionally, we engage in various exciting initiatives such as enhancing cybersecurity measures, improving operational resilience, driving technological innovation, and supporting TTR during audits by improving the effectiveness of our controls.
What’s In It For You?
Skipton values work/life balance and we are proud to support hybrid and flexible working, where possible. We have a newly refurbished head office which offers a vibrant and collaborative working space.
We have a range of other benefits available to you including;
· Annual discretionary bonus scheme
· 25 days standard annual leave + bank holidays + rising 1 day per year of service to a maximum of 30 days
· Holiday trading scheme allowing the ability to buy and sell additional annual leave days
· Matching employer pension contribution (up to 10% per annum)
· Colleague mortgage (conditions apply)
· Salary sacrifice scheme for hybrid & electric car
· A commitment to training and development
· Private medical insurance for all our colleagues
· 3 paid volunteering days per annum
· Diverse and inclusive colleague networks available for you to join including our Carers and Pride Alliance groups
· We care about your health and wellbeing – we provide a range of benefits that support this including cycle to work initiative and discounted gym membership
What Will You Be Doing?
You will lead the implementation of risk management processes in alignment with the Group Risk Management Framework (GRMF). This includes managing Risk and Control Self-Assessments (RCSAs), conducting control assurance reviews, and analysing risks, issues, and policy non-compliances to ensure accurate risk profiling. You will also maintain a central repository of technology risks and controls, delivering reports to support informed decision-making.
In this role, you will collaborate with stakeholders to ensure effective operation of technology controls, identify areas for improvement, and ensure compliance with internal policies, industry standards, and regulatory requirements. You will also conduct periodic reviews to assess control maturity and support continuous improvement.
Additionally, you will support business continuity, disaster recovery, and audit activities, guiding stakeholders in providing appropriate evidence. You will lead relevant forums and produce regular reports and dashboards for Senior Management.
What Do We Need From You?
Strong report writing, communication, and stakeholder engagement skills are essential. You should have a foundational understanding of technology risk management and controls, making familiarity with IT frameworks like ISO 27001, PCI DSS, or NIST important. Experience in conducting risk assessments, audits, compliance activities, and producing MI reports is beneficial.
