Website Mott MacDonald

Mott MacDonald is a global engineering, management, and development consultancy.

Our purpose is to improve society by considering social outcomes in everything we do, relentlessly focusing on excellence and digital innovation, transforming our clients’ businesses, our communities and employee opportunities.

A fundamental part of this is respecting each person’s differences and striving to meet their needs.

Our values: Progress, Respect, Integrity, Drive, Excellence.

About the business unit

Mott MacDonald’s support services are the driving force behind our organisation enabling us to run efficiently and effectively. The team works collaboratively to offer specialist advice, best practice and technology to all areas of our business specifically designed for our global reach.

Overview of role

Mott MacDonald is seeking an accomplished Senior IT Risk Manager to join our IT department and spearhead the Risk Management function. The ideal candidate will have experience leading or serving as a deputy in a Risk Management function adhering to ISO27005 or ISO31000 standards.

Strong leadership skills, effective communication with executive stakeholders, and the ability to take full ownership of the risk management agenda within IT are essential for this role.

Key duties and responsibilities include

  • Work alongside function leads to identify, assess and prioritise risk treatment.
  • Improve processes and maintain a comprehensive IT risk management framework that identifies, assesses, mitigates, and monitors risks across the IT department.
  • Collaborate with senior executives to align the risk management strategy with the company’s
  • Enterprise Risk Management and business goals.
  • Develop and enforce IT risk management policies, procedures, and standards in line with industry best practices and regulatory requirements.
  • Lead the response to IT risk incidents, ensuring timely resolution, root cause analysis, and implementation of corrective actions.
  • Provide regular reports and updates to executive leadership on the status of IT risks, risk mitigation activities, and the overall effectiveness of the IT risk management program.
  • Act as the primary point of contact for risk management within the IT department, engaging with internal and external stakeholders to promote a risk-aware culture.
  • Develop and deliver training programs to educate IT staff and other stakeholders on risk management practices and their role in mitigating IT risks.
  • Stay abreast of the latest developments in IT risk management and cyber security, continuously improving the company’s risk management practices.

Candidate Specification


  • Significant experience in risk management, with at substantial perioed of time in a senior leadership role within a large organisation.
  • Proven track record of successfully implementing risk management frameworks and programs.
  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal skills, with the ability to engage effectively with executives and other stakeholders.
  • Understanding of regulatory requirements.
  • Ability to take ownership, carry the risk management agenda and motivate others.


  • Bachelor’s degree or equivalent work experience desired.
  • Relevant certifications such as CRISC or CISM are preferred.
  • Has, or is eligible for, UK Security Clearance (SC) desired.

Personal Attributes

  • Passionate about technology and learning.
  • Ability to balance demands and priorities and think clearly under pressure.
  • Attention to detail and a focus on quality.
  • Excellent conflict resolution, communication, and collaboration skills.
  • Logical and analytical approach to solving problems.
  • Demonstrated ability to lead cross-functional teams and drive organisational change.
  • Self-motivated and proactive in identifying and addressing risk-related issues.
  • Meticulous attention to detail, ensuring thoroughness and accuracy in all aspects of risk management.

To apply for this job please visit