- Lead oversight of change projects and third-party engagements, ensuring high-risk items are escalated to risk committees.
- Own and manage PCI compliance, acting as the key liaison with external assessors and partners.
- Drive strategic risk management using GRC tools, shaping policies and frameworks to protect NFU Mutual.
- Hybrid working with 80% homeworking and 20% based in Stratford-upon-Avon.
About the role:
We’re pleased to share a brilliant opportunity within our Risk Division for an Information Security Risk Manager to drive the effective management and mitigation of information security risks across our organisation. This is a pivotal role that ensures compliance with regulatory requirements while safeguarding our business operations.
In this role, you'll take the lead in overseeing change projects and third-party engagements from a second-line perspective, ensuring that any high-risk elements are identified and clearly communicated to risk committees. This is a fantastic opportunity to influence strategic decisions and play a key role in shaping NFU Mutual’s security posture.
Additional duties include:
- Manage the enterprise-wide Governance, Risk and Compliance (GRC) tool to identify trends and produce actionable insights.
- Define and maintain security policies and risk frameworks aligned with regulations and best practices.
- Define and maintain security control assessment frameworks for use across the business.
- Provide expert advice and assurance on information security best practice (e.g., ISO 27001, NIST Cyber Security Framework, etc.) to senior stakeholders and data owners.
- Collaborate with cross-functional teams to ensure risks are integrated into procedures and change programmes.
About you:
As an Information Security Risk Manager, you'll thrive in a role that demands strong stakeholder engagement and relationship-building skills, enabling you to influence key decisions and drive meaningful change. You'll be empowered to take a proactive approach to risk management, continuously seeking opportunities for improvement while delivering impactful results. Your ability to make sound decisions and guide strategic initiatives will be crucial, as will your talent for inspiring confidence and collaboration across the business.
Technical skills required:
- Extensive experience in information, cyber, and technical IT security.
- Expert experience of information risk management (IRM) within a 2nd line cybersecurity assurance function.
- Expert understanding of cybersecurity risk frameworks and risk reporting.
- Strong knowledge of control frameworks, including ISF, ISO 27001:2022, NIST, and PCI DSS.
- User and manager level knowledge of GRC technologies and associated reporting modules.
- Ideally hold, be working towards, or be willing to gain industry certifications such as CISSP, CISM or CRISC.
At NFU Mutual, we support an inclusive workplace and value all the differences that make us unique. We celebrate the creativity and innovation that comes from diverse perspectives and experiences and share a common vision of doing the right thing for our customers and employees.
We recognise that some candidates may experience barriers during the recruitment process. So, we encourage candidates to discuss any adjustments or accommodations they need to be the best they can be throughout our recruitment process.
We're proud to be a Disability Confident Employer, a Race at Work and Women in Finance Charter signatory and welcome applications from people of all backgrounds, regardless of age, ethnicity, disability, neurodiversity, gender, religion, marital status, sexual orientation, or socioeconomic background.
Benefits and Rewards:
When you join our team, you can expect a supportive culture and an attractive range of rewards and benefits including:
- Salary – up to £65,000
- Annual bonus (up to 25% of salary)
- Contributory pension scheme, up to 20%, including your 8% contribution
- 28 days annual leave + bank holidays + buy/sell/save holiday trading scheme
- A Family Friendly policy that helps you balance your work and family responsibilities
- Private medical insurance + options to add family members
- Access to savings at High Street brands, travel and supermarkets
- £20 contribution to a monthly gym membership – subject to T&Cs
- Health and wellbeing plan - cashback for dentist, opticians, physio and more
- Employee Volunteering - volunteer in the community for one day each year
- Unlimited access to Refer a Friend £500 bonus scheme
- Life Assurance cover of 4 x salary
- Employee discounts of 15% on a range of NFU Mutual insurance policies.
Working at NFU Mutual:
We’re one of the UK’s leading general insurance and financial services companies. For over 110 years we’ve put our customers at the heart of everything we do. Our people are just as important to us.
We pride ourselves on being “a great place to work” and our Gallup Exceptional Workplace 2025 award was not only awarded with Distinction but also named us as the first UK-based company to receive a Gallup Exceptional Workplace for ten years in a row. We are also the only Insurer to feature in the LinkedIn Top 15 Companies 2025 list of ‘Best midsize employers to grow your career in the UK’, the Glassdoor Best Places to Work UK List 2023 and 2024, and were recognised as a certified UK Top Employer by the Top Employers Institute in 2023, 2024 and 2025.
We offer a supportive culture where we empower and inspire our people to perform, offer them opportunities to grow, and recognise and reward their contribution. Our people are proud to work for a company that respects them and their communities, and they trust us to be financially sustainable, so we are successful now and in the future.