Senior Risk Relationship Manager

Greater Manchester (Hybrid)
Manchester, Greater Manchester
£48,000 per year
Full-time
Permanent

Actively Interviewing

This organisation is scheduling interviews as applications come in. They're ready to hire as soon as they find the right person. Don't miss your opportunity, apply now!

Job description

The Senior Risk Relationship Manager provides pivotal leadership in risk management, operational resilience, governance and data protection across Hope for Justice and Slave-Free Alliance globally.  Advising on both threats, and opportunities across the organisation’s portfolio, producing insights on emerging themes, particularly those affecting modern slavery and human trafficking, and NGO operations

Operating at the second line of defence (L2), the role delivers independent oversight, guidance, and constructive challenge, strengthening risk management and compliance across the organisation. It supports and holds operational teams to account, ensuring risks are effectively identified, managed, and aligned with organisational risk appetite and governance requirements.

Aligned with ISO 31000 principles, the role leads the development, maturation, and embedding of an enterprise risk approach that integrates risk into strategy, operations, and organisational culture, enabling clear ownership across both centralised and decentralised functions.

The postholder works closely with operational and security leaders to strengthen organisational readiness for, and response to, major incidents and crises, ensuring effective escalation, coordination, and learning.

The role also incorporates Data Protection within the remit and is responsible for monitoring and advising on the organisation’s compliance with all applicable data protection laws.  provide objective oversight without conflicts of interest. 

It is not expected that the role holder is an expert in every aspect of data protection legislation from the outset, but must be able to upskill as needed, interpret requirements, and collaborate with external specialists where appropriate. Their role focuses on promoting good data protection practice across the organisation, including ensuring staff awareness and adherence to internal processes (e.g. completion of training, conducting DPIAs, and following approved procedures) and leading on the creation of these where gaps are identified. 

Main Duties

Risk Management

  • Lead the strategic and operational development of the organisation’s risk framework, ensuring alignment with ISO 31000 and organisational context
  • Coordinate appropriate identification and management of risk across all senior leadership and accountable roles, ensuring coverages of all 12 classifications of risk per the HfJ framework: (Security; Safeguarding; Health & Safety; Financial; Corruption; People & Culture; Cyber, Information and IT; Governance; Legal & Compliance; Reputational; Quality; Strategic)
  • Develop and oversee an annual roadmap and schedule to monitor, evaluate, and report on organisational risk maturity, risk strategies and risk transfer.
  • Maintain and continuously improve risk reporting tools, registers, and dashboards for global risk tracking and visibility.
  • Coordinate training and communication that promote collaboration and ownership of risk across functions.
  • Provide clear and accessible risk reporting to senior leadership, country directors, and the Board of Trustees (via subcommittees).

Risk Governance

  • Lead coordination of the Risk & Compliance Committee, supporting the Chair to ensure key risks are accurately reported, well understood, and actively managed with Trustee oversight and governing mandates.
  • Facilitate the setting of risk appetite and thresholds by the Board of Trustees, supporting their legal duties relating to risk, and ensuring organisational accountability.
  • Author and maintain core risk policies in line with governance appetites and policy frameworks.
  • Provide clear, concise and decision-oriented risk reporting to senior leadership and the Board of Trustees

Strategy Integration

  • Support strategy owners to plan and monitor achievement against commitments, identify delivery risks, and develop mitigation strategies.
  • Author the organisation’s annual Strategic Risk Outlook along with relevant country/thematic briefings.
  • Embed risk-based thinking into decision-making, strategic planning and programme delivery to identify both threats and opportunities.

Incident & Crisis Management

  • Serve as a core member of the Incident and Crisis Management Teams (IMT/CMT), advising and supporting leadership and country teams during critical incidents.
  • Coordinate internal investigations into serious incidents, liaising with the Charity Commission as required.
  • Maintain the incident register, ensure robust documentation, and facilitate post-incident reviews, learning and feedback to risk registers.
  • Support development of the organisation’s complaints, accountability and whistleblowing mechanisms. 
  • Strengthen organisational readiness and resilience for potential high-impact events.

Data Protection

Compliance & Governance 

  • Keep the organisation on track with UK GDPR and equivalent laws in other regions. 
  • Make sure policies are up to date and actually used in day-to-day work. 
  • Offer clear, practical advice on what the law requires and how teams can meet it. 
  • Act as the central point of contact to the Information Commissioners Office (and other authorities) in the event of major data related incidents.  

Data Protection Impact Assessments (DPIAs) 

  • Lead the DPIA process and ensure alignment across the organisation. 
  • Help teams understand when a DPIA is needed and how to assess risks. 
  • Step in on complex or high-risk DPIAs to guide decision-making and agree on safeguards. 
  • Initiate DPIAs and involve the right people; providing oversight and guidance. 
  • Check that decisions and DPIA findings align with legal obligations. 

Advisory & Support 

  • Act as the go-to person for data protection questions from staff. 
  • Support project and operational teams to build privacy into new systems and ways of working. 
  • Advise on lawful bases, consent, transparency, and everyday compliance questions. 

Training & Awareness 

  • Lead the organisation’s training and awareness activities relating to data protection. 

Risk Function: 

  • Connect DPIA outcomes with wider organisational risks. 
  • Ensure systems are designed with strong security and privacy controls. 

Key Result Areas

  • Consistent application of the organisation’s risk management framework. 
  • Clear and timely reporting of key risks and opportunities to governance bodies. 
  • Continuous improvement in risk maturity and learning culture. 
  • Professional, transparent, and effective incident and crisis management.
  • Strong collaboration between risk, operations, and programme teams.
  • Integration of risk considerations into major organisational strategies and initiatives. 
  • Consistent DPIAs in line with organizational risk.

Soft Skills

  • Strategic thinking – ability to connect detailed risks to big-picture objectives. 
  • Stakeholder engagement – builds credibility and trust at all levels.
  • Adaptive communication – explains complex issues clearly and constructively.
  • Problem-solving – confident and calm in uncertain situations.
  • Execution – confident in the high-quality delivery of deep and complex work
  • Collaboration – works effectively across teams and geographies.
  • Emotional intelligence – empathetic, balanced, and composed in high-pressure situations.
  • Resilience – maintains professionalism and focus through organisational change. 
  • Integrity – upholds confidentiality and ethical standards at all times. 

Technical Skills

  • Strong understanding of enterprise risk management, ISO 31000, and governance structures.
  • Experience analysing and reporting risks across multiple jurisdictions. 
  • Proven ability to design and maintain risk policies, frameworks, and guidance.
  • Skilled in digital systems for risk and incident management (Power BI, Excel, PowerApps).
  • Understanding of safeguarding, security, and cyber risks within an NGO context.
  • Familiarity with Board governance processes and committee reporting.
  • Experience leading after-action reviews and embedding organisational learning.
  • Knowledge of modern slavery and human trafficking risks in global operations.  

Experience

  • Minimum six years of relevant experience managing programmes, operations, or risk in international development, humanitarian, or human rights contexts.
  • Experience managing serious incidents in security, safeguarding, reputational, or crisis areas.
  • Experience working with Data Protection issues and management thereof
  • Experience working across multiple countries or sectors (desirable). 

Education

  • Educated to degree level
  • Professional certification in risk management (ISO 31000, Institute of Risk Management), Global Governance, or a related field. With two additional years of professional experience desirable. 
  • Project management certification (PMD Pro, PRINCE2, Agile) desirable. 

We expect all our employees to understand and uphold the standards outlined in the Hope for Justice Safeguarding policies, acting with due care and attention to safeguard the wellbeing of anyone that encounters our work and reporting concerns if they do arise.

 

As part of Hope for Justice/Slave Free Alliance, you will benefit from an excellent package including:

  • 28 days annual leave plus bank holidays (pro rata)
  • 1 day Marriage Leave
  • Birthday Day
  • Enhanced employer pension contributions
  • Company sick pay
  • Enhanced maternity and paternity pay
  • Access to our Employee Rewards Platform, providing discounts and offers for well-known retailers
  • Free, confidential Employee Assistance Programme for staff and their family
  • Professional development opportunities
  • Professional memberships paid
  • Flexible and hybrid working

Applications will be reviewed and interviews held on a rolling basis. The advert may be removed prior to the closing date if the position is filled. If you are interested in this role please ensure to submit your application as soon as possible.

Application resources
Organisation
Hope for Justice View profile Organisation type Registered Charity Company size 51 - 100
Posted on: 10 July 2026
Closing date: 09 August 2026 at 23:30
Job ref: RRM100726
Tags: Modern Slavery / Human Trafficking, Risk Management

The client requests no contact from agencies or media sales.