.Job PurposeInformation risk refers to the risks related to Technology, Information Security, and Data quality. Given Admiral's focus on being a data and technology-driven company, Information Risk is a key risk area. The role is based in the AECS Risk team, with responsibility for oversight and challenge of all Information risks including Technology, Information Security, and Data. The successful applicant will work collaboratively with other teams including all areas of IT, Information Security, and Data.Main DutiesResponsible for oversight and challenge of Information risks across EU entities, including Information Security, Technology, and Data quality risks.Act as the subject matter expert within the EU Corporate Governance functions for Information risk management and security-related matters.Leading on independent risk/security assessments of the key Information and Security risks and controls across EU, identifying, assessing, escalating, and reporting on potential information risks and issues to Admiral.Responsible for oversight and challenge of the business response to Technology and Information Security risk incidents and events throughout EU.Providing review and challenge for EU change projects related to Technology, Information Security, and Data via steering committee membership or undertaking project risk reviews.Developing the Information risk framework within EU including the implementation and embedding of the tools, policies, standards, and procedures required to support the risk oversight and assessment activities.Promote and embed Enterprise Risk Management (ERM) processes, awareness, and understanding across the EU Technology, Information Security, and Data teams in order to maintain operational resilience, minimising customer detriment and financial losses.Assess the impact of Technology and Data change within the business against Admiral's risk profile, ensuring timely identification of key themes and emerging risks, issues, and exposure, and providing recommendations to management to mitigate and resolve potential issues.Reporting and escalating on risks and issues to senior managers, heads of department, Corporate governance teams, and relevant working groups, management committees, and Boards.Monitoring and assessing EU's compliance with Group & AECS/AIS Policies and Group Minimum Standards in relation to IT and Information Security.Represent EU Risk in relevant Committees, working groups, and meetings.Develop and maintain key stakeholder relationships across EU, performing the role as a 'critical friend' to the business.Behavioural CompetenciesProfessional Expertise: Possess the ability to make effective and informed decisions. Keep up to date with the latest legislation and regulations that apply to Information Risks.Initiative and pro-activity: Demonstrate an ability to seize opportunities without waiting for an event or having to be told