Tech Risk Manager & ICT Third Party Risk Management Lead

Ensure Trust in If — Make Risk Part of Everyday Decisions. At If, integrity, transparency, and delivery build lasting confidence with customers, partners, and colleagues. As a modern insurance company, we depend on both technology and third parties — making a solid, well-governed risk framework pivotal for clear oversight, accountability, and informed decision-making.

About the role

As Tech Risk Manager, you will help make technology risk understandable, actionable, and embedded into everyday decision-making. The role has a clear process and collaboration focus rather than a purely control-driven one.

In addition you will act as ICT Third Party Risk Management Lead, with end-to-end responsibility for how ICT supplier-related risks are identified, understood, and managed across If. By working closely with stakeholders across ICT, you provide clear guidance, and influence how decisions are made. It is through you that risk appetite, strategy, and regulatory expectations are turned into ways of working that support both resilience and delivery.

Reporting to the Head of IT Risk Management, you support informed, risk-based decisions by providing structure, transparency, and guidance. While formal risk decisions remain with designated risk owners, you act as a trusted partner who enables dialogue, shared understanding, and sound judgement.

In practice, you help the organisation answer questions such as how to manage supplier risk without slowing progress, how to create clarity and ownership in complex supplier landscapes, and how to meet regulatory expectations in a pragmatic and sustainable way.

In this role, you will:

• Develop and improve business-aligned ways of working to manage technology risk.
• Support teams and leaders with facilitation, tools, and guidance that create clarity and ownership.
• Connect technology and business perspectives in risk discussions and decision forums.
• Contribute to continuous improvement and shared responsibility for risk and resilience.
• Lead the development and application of ICT third-party risk management across the supplier lifecycle.
• Enable consistent supplier risk assessments and clear visibility of overall ICT third-party risk exposure.
• Strengthen governance, reporting, and oversight in collaboration with relevant stakeholders.
• Support audits and regulatory activities and continuously improve data quality, reporting, and use of tools.

We offer

In the same way that we place high demands on you as an employee, we also expect you to place high demands on us as an employer. Here are some of the benefits of working at If:

• An including work environment where everyone is welcome

• Career and development opportunities in the biggest insurance company in the Nordics

• Social activities, as well as highly skilled professional environment

• Possibility of hybrid workplace

• Health promoting workplace with e.g., wellness allowance and various sports activities

• Great insurance benefits

• Additional country-specific benefit(s)

About the team

Technology underpins nearly every part of our business, and we rely on a broad supplier ecosystem. That makes strong governance and risk management essential, with clear ownership, effective oversight, and decision forums that enable timely, risk-based decisions.

The IT Risk Management unit, part of the broader GRC function within IT Security, supports If in making risk-aware decisions that balance delivery, resilience, and regulatory expectations. We enable good risk practices, without unnecessary bureaucracy.

Who are you?

You enjoy creating clarity in complex environments and building structure that actually helps people deliver. You are comfortable working across technology, business, and suppliers, and you see risk management as a way to enable better decisions. The ability to work independently as well as in cooperation with others is essential. Therefore, you easily build new relationships and collaborate with others, turning this into a real asset in your work.

You also have:

• A degree from relevant higher education in technology, business, finance or in equivalent field.

• 3–7 years’ experience in risk, governance, process development, or similar.

• Experience working in (or close to) technology organisations.

• Fluency in English

• Familiarity with IT risk, internal controls, and governance practices.

It´s a plus if you have:

• Experience with third-party/supplier risk and contract-facing stakeholders.

• Experience from financial services or other regulated industries.

Additional facts and the recruitment process

Application deadline: Screening and interviewing will start immediately. However, application deadline is 2026-05-27.

To apply for the position: Please attach your CV in English. Instead of sending in a personal letter we ask you to answer the questions in the following steps.

Work location: Ballerup, Denmark.

Travelling: Occasional travel to other offices.

Start: As soon as possible or by agreement.

For more information, please contact Sara Langåssve, Head of IT Risk Management, sara.langassve@if.se.

Requirement for working in this position is passing the fitness and propriety (fit and proper) assessment. This requirement is based on Chapter 6, Section 9 of the Insurance Companies Act.

We look forward to your application!