Information Risk Manager
Contract Type | Permanent |
Employment Type | Full-Time |
Working Requirements | Dynamic Working |
Hours | 9:30am to 5:30pm |
Salary | Competitive |
Division | Business Services |
Location | 55 Baker Street |
Knight Frank is looking to hire an Information Risk Manager to improve the identification and governance of risks related to data privacy, information security and data management.
We are the world’s leading independent international property consultancy, headquartered in the UK, offering agency and professional advice across Commercial, Residential and Rural sectors. Established in 1896, Knight Frank now comprises a global network of over 20,000 people in 600+ Offices across 50 Territories.
Role:
The Information Risk Manager will strengthen the governance of data privacy, information security, and data management risks, aligning with our obligations to clients, regulators, and the public. We seek an experienced risk management professional who understands best practices in information risk. This role involves identifying and articulating risks, designing and monitoring controls, defining management reporting, and collaborating with senior stakeholders, IT leads, suppliers, and clients.
Responsibilities:
- Collaborate with business stakeholders and risk colleagues to identify and record potential risks, facilitating the assessment of risk and evaluation of impact and probability.
- Monitor performance of risk mitigation, control reviews and delivery of identified actions.
- Ensure risk treatment plans for information risks align to related policies and desired outcomes, agreed through governance.
- Contribute to the development and maintenance of the risk register, controls library and overarching Enterprise Risk Management (ERM) framework.
- Identify and document relationships between identified risks and business objectives/divisional plans.
- Advise on data protection and information security matters across the organisation, identifying new requirements/risks and advocating information risk best practice.
- Act as the risk business partner to Business Services sub-divisions, including Technology, Data and Digital and Marketing.
- Prepare and present divisional risk reports for senior leadership, highlighting key risks and mitigating actions.
- Contribute to the development of the firm's strategic information risk management roadmap, including requirements development and business case design.
- Lead in the delivery of strategic Information Risk initiatives, working, as required, with the firm’s project office and other stakeholder groups/interested parties.
- Provide support and guidance to subject matter experts in data protection and information security.
- Input into audit activity to ensure the effectiveness of risk assurance controls and response plans.
- Monitor the regulatory and risk horizon to anticipate and respond to changes in the information risk landscape as they apply to our business, globally.
- Represent information risk management in related governance groups.
- Foster a culture of continuous improvement and professional development within the team.
Key Experience Required:
- 5+ years of experience in the field of risk management, with alignment to data protection and/or information security.
- Bachelor’s degree in risk management or a related field (preferred).
- Relevant certifications such as CERA, CIPP/E, ISO27001 Lead Implementer/Auditor, or equivalent.
- Good familiarity with ISO31000, ISO27001, BS 10012, data protection and privacy regulations (e.g., the GDPR and PECR), and best practice ERM methodologies.
Please note: this is a Direct Search led by Knight Frank. Applications from recruitment agencies will not be accepted nor will fees be paid for unsolicited CVs, even if provided by PSL agencies.
We are committed to creating an inclusive, diverse and equitable workplace. We welcome applications from all individuals and provide equal opportunities for everyone. We also offer reasonable adjustments to ensure all candidates have a fair chance during the recruitment process.