Skipton Building Society
Information Risk Manager

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Hours
Permanent, full time role (35 hours per week) with hybrid and flexible working. You'll spend 3 days per week collaborating with colleagues at our Head Office in Skipton.
Closing Date
Wed, 22 Jul 2026
In a world of rapid technological change and evolving external threats
The Information Risk Lead plays a key role in keeping the Society secure, resilient and future ready. You will lead second line oversight of risk management activity across cyber, technology (including AI), data, change and operational resilience, ensuring robust protection while enabling innovation and progress. Through trusted assurance and insightful challenge, you will help safeguard the Society’s ability to operate safely, confidently and in line with regulatory expectations.
Skipton values work/life balance
We are proud to support hybrid and flexible working. For this opportunity, you'll spend 3 days per week collaborating with colleagues at our Head Office in Skipton.
Who Are We?
Not just another building society. Not just another job. We're the fourth biggest building society in the UK and what makes us a bit different is that we're a mutual organisation. We don't have shareholders; we're owned by our members. Our colleagues say Skipton's a great place to work, and you could be one of them, bringing with you new ideas on how we can keep customers at the heart of what we do. Whatever your background, and whatever your goals, we'll help you take the next step towards a better future.
What Will You Be Doing?
As a subject matter expert across information security, technology (including AI), data, change and operational resilience, you will provide independent second line oversight, challenge and assurance to ensure risks are effectively identified, assessed and managed. Key responsibilities include:
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
- Provide strong independent second line oversight and challenge of first line activities, including risk assessments, control testing and mitigation actions, ensuring effective framework implementation and escalation of key risks.
- Provide oversight, guidance and support to ensure risks are managed in line with the Group Risk Management Framework, Group Risk Policy Framework and Board Risk Appetite.
- Lead oversight and provide assurance across cyber and technology risk, AI and emerging technologies, data risk, operational resilience and strategic change, aligned to evolving industry practice and regulatory expectations.
- Deliver high quality, timely risk reporting and insight to senior committees, including thematic reviews and emerging risk identification.
- Support senior leadership in delivering annual Enterprise Risk objectives, while leading priority information risk initiatives.
- Oversee risk events, incidents and issues, including independent review of root cause analysis, timely escalation, and challenge of remediation effectiveness.
- Provide technical leadership and coaching to colleagues, supporting capability development and consistent application of the Group Risk Management Framework.
What Do We Need From You?
To be successful in this role, you’ll have:
- A recognised certification (e.g. CISA, CISM, CISSP, CRISC) or an equivalent qualification in risk, IT or information security.
- Strong technical experience in IT, information security, technology risk and resilience, including frameworks such as NIST and ISO 27001.
- Proven second line experience in risk oversight, assessment, control evaluation and embedding enterprise risk frameworks and risk appetite.
- Demonstrated leadership and delivery capability coordinating multiple workstreams and delivering initiatives.
- Strong analytical and strategic thinking skills, with the ability to interpret complex issues, identify emerging risks and translate these into actionable insights.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
What’s In It For You?
We have a newly refurbished head office which offers a vibrant and collaborative working space. We have a range of other benefits available to you including:
- Annual discretionary bonus scheme
- 25 days standard annual leave + bank holidays + rising 1 day per year of service to a maximum of 30 days
- Holiday trading scheme allowing the ability to buy and sell additional annual leave days
- Matching employer pension contribution (up to 10% per annum)
- Colleague mortgage (conditions apply)
- Salary sacrifice scheme for hybrid & electric car
- A commitment to training and development
- Private medical insurance for all our colleagues
- 3 paid volunteering days per annum
- Diverse and inclusive colleague networks available for you to join including our Carers and Pride Alliance groups
- We care about your health and wellbeing – we provide a range of benefits that support this including cycle to work initiative and discounted gym membership
Why?
It’s just the way we are. We care about sustainability and look to the long-term for both colleagues and customers. And we know that when we build better futures as individuals, we build better futures as a business.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location