IT Risk Manager
Collinson is the global, privately-owned company dedicated to helping the world to travel with ease and confidence. The group offers a unique blend of industry and sector specialists who together provide market-leading airport experiences, loyalty and customer engagement, and insurance solutions for over 400 million consumers.
Collinson is the operator of Priority Pass, the world’s original and leading airport experiences programme. Travellers can access a network of 1,500+ lounges and travel experiences, including dining, retail, sleep and spa, in over 650 airports in 148 countries, helping to elevate the journey into something special. We work with the world’s leading payment networks, over 1,400 banks, 90 airlines and 20 hotel groups worldwide. We have been bringing innovation to the market since inception – from launching the first independent global VIP lounge access Programme, Priority Pass to being the first to sell direct travel insurance in the UK through Columbus Direct and creating the first loyalty agency of its kind in the travel sector with ICLP. Today we still invest heavily in innovation to ensure that we continue to deliver superior customer experiences. Key clients include Mastercard, American Express, Cathay Pacific, British Airways, LATAM, Flying Blue, Accor, EasyJet, HSBC, Chase, HDFC. Our mission is focused on doing good beyond profit, which for us means we seek out opportunities for our people to share in our success and that we give back to the communities and people within which we work. Never short of ambition, the success of our business is delivered through the diverse and talented team of over 2,200 global colleagues.
Purpose of the job
This role is a key part of the First Line of Defence (FLOD) for Collinson Insurance. Its purpose is to ensure IT and data risks are assessed, managed, and mitigated in line with regulatory requirements and best practice.
The role will:
· Provide guidance and expertise on FLOD activities for technology and data, ensuring compliance with regulatory, industry, and best practice standards.
· Act as the primary contact for IT risk matters, supporting the Head of Engineering in maintaining adherence to IT General Controls, FCA/PRA guidelines, MFSA requirements, DORA, and related regulations.
· Coordinate with internal and external second and third line of defence functions, and on the compliance teams across the enterprise.
Key Responsibilities
· FLOD Accountability: Own all FLOD activities, processes, and improvements for technology and data assets, collaborating with relevant stakeholders.
· Control Design & Assurance: Ensure internal controls for IT and data risks are designed, implemented, and maintained. Provide assurance of control effectiveness through indicators and reviews.
· Reporting: Deliver regular updates on IT and data control health to committees, boards, and relevant third parties.
· Education & Consultation: Advise on best practice control design and risk management across technology, product, and service teams.
· Risk Assessment: Conduct focused risk assessments for new and existing services and technologies.
· Agile Engagement: Participate in planning and design sessions, helping prioritise IT, security, and data risk items.
· Policy & Control Implementation: Identify and implement appropriate controls, maintain draft policies, and improve risk posture through remediation and mitigation strategies.
· Collaboration: Work closely with Group CISO, Insurance and Group Risk & Compliance, and Internal Audit teams.
· Continuous Improvement: Stay updated on regulatory and industry changes, mature the IT and data risk framework, and pursue recognised accreditations.
· Incident Management: Ensure robust security and data incident practices, lead resolution of priority incidents (P1/P2), and coordinate with internal and external stakeholders
Knowledge, skills and experience required
· Strong practical knowledge of IT security technologies and business solutions, including firewalls, IDS/IPS, identity and access management, SIEM, remote working, and cloud technologies (AWS and Azure).
· Solid understanding of application security threats, current and emerging information security risks, and organisational challenges in addressing them.
· In-depth knowledge of IT risk frameworks and experience deploying them for business advancement, regulatory compliance, and security management (e.g., ISO 27000, COBIT, NIST 800).
· Familiarity with legislation and regulations impacting information security, such as GDPR.
· Ability to work within and leverage a security framework for continuous improvement.
· Demonstrable experience in a First Line of Defence (FLOD) role, ideally as an IT Risk Analyst or Manager in a regulated industry (preferably Insurance).
· Proven track record of delivering continuous improvements in IT and Data Risk areas.
· Comfortable operating in a fast-paced, commercially focused environment.
· Strong communication skills to explain security and risk concepts to both technical and non technical audiences.
· Ability to build relationships, influence decisions, and overcome organisational barriers to achieve goals.
· Excellent analytical skills, with the ability to challenge norms and take a pragmatic approach, balancing commercial needs with security and data protection requirements.
· Ability to identify, assess, and communicate risks, driving objective, fact-based decisions that optimise risk mitigation and business performance.
· Professional certifications such as CISSP, CISM, and/or CISA are desirable.
Personal Specification:
· Ability to manage multiple tasks simultaneously, prioritise effectively, and break work into manageable parts.
· Strong decision-making, problem-solving, and troubleshooting skills, with sound judgement and a sense of urgency.
· Innovative thinker with the ability to generate original ideas and apply creative solutions.
· Clear understanding of business needs and commitment to delivering high-quality, efficient service.
· Skilled at influencing others, building positive relationships, and managing stakeholder engagement at all levels.
· Excellent communication skills (written and spoken English), with the ability to present, guide, and bridge technical and business discussions.
· Personable, enthusiastic, and adaptable, thriving in a fast-paced, changing environment.
· Comfortable working independently, showing initiative, and taking on varied responsibilities.
· Strong ethical standards, integrity, and commitment to compliance and business values.
· Ability to collaborate effectively with teams, business units, and technology partners.
Collinson is an equal opportunity employer and welcomes differences in all their forms including: colour, race, ethnicity, gender identity, sexual orientation, neurodivergence, family status, age, individuals with disabilities and people from all backgrounds, cultures and experiences as we strongly believe this contributes to our on-going success.
We are focused on continually evolving our purpose driven, high performing culture, providing an environment where our people have the opportunity to achieve their full potential and do interesting and meaningful work. Our company values are: Take Action, Do the right thing, One team and Be insight led. These help guide everything we do internally in terms of how we think, act and interact, right through to how we deliver value to our customers and clients.
In your application, please feel free to note which pronouns you use (For example - she/her/hers, he/him/his, they/them/theirs, etc).
If you need any extra support throughout the interview process, then please email us at [email protected]
Recommended Jobs
Nursery Teacher | Brent
Our client is seeking a passionate and caring Nursery Teacher to join a successful primary school in Brent. The Nursery Teacher will deliver the EYFS curriculum, focusing on early communication, soci…
MFL (German) Teacher (ECT support) - Enfield Outstanding...
School Status & Location Sector: Outstanding Ofsted Secondary School. Borough: Enfield (England). Start Date: Permanent, full-time role commencing ASAP or April 2026. The Opportunity & Sc…
Health Care Assistants Vacancy
JOB OVERVIEW We are looking for Health Care Assistants to join with our new client in London You will provide direct care under the supervision of a registered nurse as a member of a multidi…
Head of Growth (9-12 Month FTC)
ABOUT RIXO A rail of vintage dresses. A London flat. Two best friends who wanted to build the brand they couldn't find. That was 2015. Today, RIXO is six stores across London, New York, and Irelan…
EA - Global Tech Firm - 6 Month Contract
A fantastic opportunity has arisen for an immediately available candidate who thrives working in a fast pace, ever changing environment. It is a 6 month EA contract to support 4 Execs for a global US…
Compliance Manager - Anti-Bribery & Corruption (ABC)
The Compliance Manager, reporting into the Compliance Business Partner will be a key member of the Legal & Compliance team at this FTSE50. They will be responsible for the implementing of compliance …
Full-Time Dental Nurse - Acton - Indeed
JOB OVERVIEW Date Posted: 24 September 2025 Employment Type: Full-Time Salary: £27,000 – £35,000 per year (depending on experience) About the Role We are seeking a Full-Time Dental N…
Store Manager Operations (Head Coach) - NEW NIKE LONDON FLAGSHIP
Become a Part of the NIKE, Inc. Team NIKE, Inc. does more than outfit the world’s best athletes. It’s a place where passionate individuals come together to create the futur…
Attendance & Admissions Officer - Permanent Role | Newham...
An Ofsted Outstanding secondary school in Newham is seeking an Attendance & Admissions Officer to join its support staff team on a permanent basis. This role would suit an experienced administrato…
Interim Transformation Chief of Staff (6-month FTC)
Interim Transformation Chief of Staff (6 month FTC) Position Overview We are looking for an Interim Chief of Staff to join us for an initial 6-month fixed term contract. You will have the oppor…