×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant Data Security

Risk Partner; IT & Product

Job in Leeds, West Yorkshire, ME17, England, UK
Listing for: PEXA Group
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, Data Security
Job Description & How to Apply Below
Position: Risk Partner (IT & Product)

Establishing ourselves within the UK in late 2020, we are committed to collaborating with lawyers, conveyancers, lenders, government and the property industry, to set the new standard for both remortgages and buying and selling property.

We are seeking a commercially minded, second line Risk Partner to join the UK group risk function where technology risk management plays a critical role in safeguarding the group. This is a hands‑on role with responsibility for advice, overseeing regulatory change and monitoring and embedding a strong risk & compliance culture across these functional lines. This is a second line risk partner role that oversees technology and cyber risks – it does not design or operate cyber security controls.

This role will work in close partnership with senior leadership teams across Product, IT, Cyber, Information Security and Operational Resilience with the IT and Product functions. You will provide independent advice, oversight, monitoring and constructive challenge to these functions on their management of technology and cyber security risks. The role acts as a specialist advisor to ensure risk remain with UK defined risk appetite.

The role holder will be expected to take end to end ownership across risk advisory & guidance, risk oversight and support with regulatory returns (including REP
0018 submission on IT Security & Operational Risk).

Second Line Oversight
  • Provide oversight, review and challenge of the cyber risk profile and cyber control environment. Highlight control gaps and collaborate with control owners on remediation plans.
  • Review & assess changes to technology platform and products that impact UK group risks & risk profile.
  • Contribute towards the development and enhancement of technology risk framework and ensure alignment with evolving regulatory expectations.
Business Partnering & Advisory
  • Be the subject matter expert to IT and Product functional leaders, providing guidance on risk identification, controls improvements and risk mitigation for new product features, projects, contracts or business change.
  • Proactive risk engagement and early intervention by engaging early during solution design, procurement etc for IT and product changes to assess risks.
Risk Framework Embedding
  • Drive the adoption of the UK Risk Framework, ensuring processes align with standards.
Incident & Issue Management
  • Support the resolution of risk events, perform root cause analysis and ensure learnings are translated into actionable improvements.
Monitoring & Assurance
  • Track Key Risk Indicators (KRIs) to identify emerging trends.
  • Conduct in depth reviews of the Product, IT & Cyber function, their adoption & implementation of technology and reporting to risk matters to oversight committees.
  • Perform risk-based deep dives to identify and understand product, technology and cyber security related risk drivers and work in partnership with the first line function to identify key programmes/tasks to address these. This is expected across core technology risk domains of resilience and continuity, cloud and third party, data governance and protection, generative AI and broader AI adoption, technology delivery and change.
  • Design, recommend and complete assurance programmes and controls testing, feeding results into risk assessments and reporting.
Qualifications
  • At least 5 years' experience within second line risk management with an EMI, payments or fintech.
  • Prior experience in technology risk management and compliance within regulated environment.
  • Strong understanding of technology, cyber risk, resilience, IT controls & governance frameworks.
  • Familiarity with frameworks and standards such as SOC 2 and ISO 27001.
  • Deep understanding of risk management principles (e.g. ISO 31000, COSO).
  • Strong working knowledge of FCA regulation for EMIs and UK regulatory landscape, including ICO.
  • Practical, commercial approach to risk management.
  • Ability to manage complex analysis, interpret regulatory standards and provide high quality oversight.
  • Demonstrable ability to integrate risk management and control frameworks with sharp commercial insight, enabling responsible and scalable business growth.
  • Excellent analytical & problem‑solving…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search