Senior Cyber Security Risk Manager

Company: Al Rayan Bank
Apply for the Senior Cyber Security Risk Manager
Location: London
Job Description:

The Senior Cyber Security Risk Manager will sit within the 2nd Line of Defence Risk team and be responsible for providing independent advice, support, guidance, testing, reporting, and challenge to the bank’s information security activities and control environment.

Key Responsibilities

  • Manage and maintain cyber/IS policies, standards, and governance processes to set clear expectations for managing cyber/IS risks, in close liaison with 1st line teams to ensure alignment of expectations, deliverables and proportionate outcomes based upon a changing threat landscape.
  • Provide independent second‑line oversight and challenge to cyber/IS threats, exposures, risks and controls across infrastructure, cloud services, applications, digital banking services, and third‑party providers.
  • Review, support and challenge risk and control assessments, security exceptions, penetration testing outcomes, vulnerability management activities, and remediation plans.
  • Provide second‑line oversight over the management of cyber/IS incidents, including escalation and reporting internally and externally.
  • Provide cyber/IS risk input into existing risk governance, committee and reporting structures to ensure alignment with the bank’s Risk Management Framework and Risk Appetite Statement.
  • Coordinate and support assurance over cyber/IS risk, including execution of assurance reviews, commissioning of third‑party assurance reviews, and managing regulatory and audit engagements relating to cyber/IS risk.
  • Assist with cyber/IS maturity assessments and benchmarking activities (e.g., CQUEST maturity questionnaire).
  • Support security awareness and security culture initiatives across the organisation, including phishing tests, social engineering susceptibility and red team security tests.

AI Governance & Emerging Technology Risk

  • Review the use of Artificial Intelligence and Generative AI solutions across the organisation in collaboration with IT colleagues.
  • Support the establishment and enhancement of the bank’s AI governance and risk management framework.
  • Assess risks relating to AI adoption, such as data leakage, bias, explainability, model misuse, and third‑party AI dependencies.
  • Provide second‑line oversight and challenge regarding AI‑related controls, policies, and risk assessments.
  • Support alignment with emerging frameworks (e.g., NIST AI Risk Management Framework) and relevant regulatory guidance.

Qualifications & Experience

  • Relevant professional certifications such as CISM, CISSP, CRISC, or CISA.
  • Significant experience in cybersecurity risk or information security governance within financial services.
  • Knowledge of security accreditations and standards, including NIST, CIS, DPA, ISO 207001, Cyber Essentials Plus, and UK regulatory expectations from PRA and/or FCA.
  • Strong understanding of Second Line of Defence responsibilities and regulated banking environments.
  • Demonstrable experience in process improvement and implementation, including behavioural change.
  • Experience providing challenge and oversight to technology and security teams.
  • Ability to communicate effectively with senior stakeholders and non‑technical audiences.

Knowledge & Skills

  • Ability to build positive relationships with senior executives, cyber security SMEs and across the wider organisation to instil a cyber security culture.
  • Demonstrable SME level expertise in information security risk management processes, frameworks, and procedures within regulated Financial Services environments.
  • Knowledge of application, infrastructure and networking security controls and systems covering physical, procedural and IT technical areas.
  • Ability to understand complex technical systems or solutions and document them for non‑technical readers.
  • Ability to identify risks and provide pragmatic advice on mitigation using agreed risk management methodology.
  • Willingness and ability to collaborate with other Risk colleagues and the first line to align risk processes across a regulated or complex business.
  • Ability to build relationships and work collaboratively with IT and key third‑party security suppliers for effective process delivery and improvement.

Behavioural Competencies

  • Trusted to do the right thing – act with total integrity, put the customer first, and keep promises.
  • Empowered to own – embrace change, take responsibility, and ask for help when needed.
  • Able to deliver – draw on strengths, show resilience, and foster a no‑blame, no‑ego mindset.
  • Motivated to succeed – pursue growth opportunities, celebrate success, and maintain enthusiasm for the role.

Conduct

  • Act with integrity.
  • Act with due skill, care and diligence.
  • Be open and co‑operative with regulators.
  • Pay due regard to the interests of customers and colleagues and treat them fairly.
  • Observe proper standards of market conduct.
  • Act to deliver good outcomes for retail customers.

This is a fantastic opportunity to join our growing bank where you can make a significant impact and advance your career in a diverse, ethical environment.

Empowering your career, together we’ll deliver banking you can believe in.

#J-18808-Ljbffr…

Posted: July 7th, 2026