as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor) are highly desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security More ❯
as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor) are highly desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security More ❯
regulatory requirements, including cross-industry regulations (e.g., GDPR, Data Protection Act) and industry-specific regulations Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework Knowledge of OneTrust risk management toolset or similar preferred Proven ability to communicate with technical teams to elicit More ❯
regulatory requirements, including cross-industry regulations (e.g., GDPR, Data Protection Act) and industry-specific regulations Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework Knowledge of OneTrust risk management toolset or similar preferred Proven ability to communicate with technical teams to elicit More ❯
regulatory requirements, including cross-industry regulations (e.g., GDPR, Data Protection Act) and industry-specific regulations Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework Knowledge of OneTrust risk management toolset or similar preferred Proven ability to communicate with technical teams to elicit More ❯
controls inherent in various technologies, andrelated best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to clearly understand and articulate risk. Demonstrable ability to identify risks associated with business processes, operations More ❯
controls inherent in various technologies, andrelated best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to clearly understand and articulate risk. Demonstrable ability to identify risks associated with business processes, operations More ❯
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
controls inherent in various technologies, andrelated best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to clearly understand and articulate risk. Demonstrable ability to identify risks associated with business processes, operations More ❯
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
controls inherent in various technologies, andrelated best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to clearly understand and articulate risk. Demonstrable ability to identify risks associated with business processes, operations More ❯
Cardiff, South Glamorgan, United Kingdom Hybrid / WFH Options
Deloitte LLP
controls inherent in various technologies, andrelated best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to clearly understand and articulate risk. Demonstrable ability to identify risks associated with business processes, operations More ❯
Education: Degree in IT, Information Security, Risk Management or a related field. Strong knowledge of DORA, NIS2, and UK/EU cyber regulations . Familiarity with frameworks: ISO27001, NIST, COBIT, CAF . Recognised certifications such as CISSP, CISM, CISA, CRISC, CTPRP . Experience with European financial regulations (BaFin, AMF, etc.). Proven background in information security, audit, or risk management More ❯
Skills & Experience Essential 10+ years of experience in IT audit, change audit, or technology risk, ideally within financial services. Strong knowledge of IT governance, risk, andcontrol frameworks (e.g., COBIT, COSO, NIST, ITIL). Solid understanding of application controls, SDLC, project governance, and change assurance. Proven experience managing complex audit portfolios and leading multi-disciplinary teams. Exceptional communication, reporting, andMore ❯
/or existing IT General Controls from across access, change, and operations domains drawing on experience to do so independently and/or with minimal support. Working knowledge of COBIT/ITIL Frameworks Comfortable performing IT Risk Assessments across a variety of IT domains. Strong analytical and problem-solving skills, being able to decipher sometimes complex information, analyse and report More ❯
from time to time. What we're looking for: Qualified to degree level or time served experience. CISA, CRISC or similar professional qualifications but training will be provided ITIL, COBIT, SOX knowledge - Desirable 2-3 years of experience working within an IT control testing programme Experience working in an external audit team within a Big 4 or similar corporate environment More ❯
were looking for: 5+ years in tech risk, IT audit, cyber/digital resilience (FS sector) Strong knowledge of FCA/PRA Operational Resilience, DORA, ISO/NIST/COBIT Experience managing multi-workstream projects & producing board-level deliverables Excellent communicator with proven leadership skills Professional certifications (CISA, CRISC, CISM etc.) and cloud/AI knowledge are a bonus. This More ❯
were looking for: 5+ years in tech risk, IT audit, cyber/digital resilience (FS sector) Strong knowledge of FCA/PRA Operational Resilience, DORA, ISO/NIST/COBIT Experience managing multi-workstream projects & producing board-level deliverables Excellent communicator with proven leadership skills Professional certifications (CISA, CRISC, CISM etc.) and cloud/AI knowledge are a bonus. This More ❯
were looking for: 5+ years in tech risk, IT audit, cyber/digital resilience (FS sector) Strong knowledge of FCA/PRA Operational Resilience, DORA, ISO/NIST/COBIT Experience managing multi-workstream projects & producing board-level deliverables Excellent communicator with proven leadership skills Professional certifications (CISA, CRISC, CISM etc.) and cloud/AI knowledge are a bonus. This More ❯
were looking for: 5+ years in tech risk, IT audit, cyber/digital resilience (FS sector) Strong knowledge of FCA/PRA Operational Resilience, DORA, ISO/NIST/COBIT Experience managing multi-workstream projects & producing board-level deliverables Excellent communicator with proven leadership skills Professional certifications (CISA, CRISC, CISM etc.) and cloud/AI knowledge are a bonus. This More ❯
were looking for: 5+ years in tech risk, IT audit, cyber/digital resilience (FS sector) Strong knowledge of FCA/PRA Operational Resilience, DORA, ISO/NIST/COBIT Experience managing multi-workstream projects & producing board-level deliverables Excellent communicator with proven leadership skills Professional certifications (CISA, CRISC, CISM etc.) and cloud/AI knowledge are a bonus. This More ❯
were looking for: 5+ years in tech risk, IT audit, cyber/digital resilience (FS sector) Strong knowledge of FCA/PRA Operational Resilience, DORA, ISO/NIST/COBIT Experience managing multi-workstream projects & producing board-level deliverables Excellent communicator with proven leadership skills Professional certifications (CISA, CRISC, CISM etc.) and cloud/AI knowledge are a bonus. This More ❯
were looking for: 5+ years in tech risk, IT audit, cyber/digital resilience (FS sector) Strong knowledge of FCA/PRA Operational Resilience, DORA, ISO/NIST/COBIT Experience managing multi-workstream projects & producing board-level deliverables Excellent communicator with proven leadership skills Professional certifications (CISA, CRISC, CISM etc.) and cloud/AI knowledge are a bonus. This More ❯
were looking for: 5+ years in tech risk, IT audit, cyber/digital resilience (FS sector) Strong knowledge of FCA/PRA Operational Resilience, DORA, ISO/NIST/COBIT Experience managing multi-workstream projects & producing board-level deliverables Excellent communicator with proven leadership skills Professional certifications (CISA, CRISC, CISM etc.) and cloud/AI knowledge are a bonus. This More ❯
were looking for: 5+ years in tech risk, IT audit, cyber/digital resilience (FS sector) Strong knowledge of FCA/PRA Operational Resilience, DORA, ISO/NIST/COBIT Experience managing multi-workstream projects & producing board-level deliverables Excellent communicator with proven leadership skills Professional certifications (CISA, CRISC, CISM etc.) and cloud/AI knowledge are a bonus. This More ❯
party regulations across UK and EU such as ECB's EBA, DORA andrelated standards Informationand Cyber Security Frameworks and industry Standards (e.g., NIST/ISO 27001/COBIT/ITIL) Experience creating and delivering presentations and concise writing skills to produce clear documentation (security policy, senior management posture reports) Excellent inter-personal communication skills, able to liaise with More ❯
Required 10+ years of experience in IT Risk, Internal/External Audit, or Risk Management (preferably within insurance). Strong understanding of industry frameworks such as NIST, ISO 27001, COBIT, or COSO. Proven ability to work independently while managing senior-level stakeholder relationships. Demonstrable experience with global regulatory environments (e.g., PRA/FCA, BMA, CBI). Strong analytical, verbal, andMore ❯
