controls across infrastructure and platforms. You will also guide teams in applying secure-by-design principles and support both internal audit and external compliance efforts including Gov Assure, CAF, ISO 27001, and Cyber Essentials (CE and CE+) while supporting the secure operation of core services. The role requires strong stakeholder engagement, technical depth, and a sound understanding of UK … in designing and implementing secure infrastructure or cloud architectures. o Proven experience with risk assessment methodologies and maintaining enterprise risk registers. o Working knowledge of risk assessment methodologies (e.g. ISO31000, FAIR, OWASP risk rating). o Strong understanding of Gov Assure, CAF, ISO 27001, Cyber Essentials, and NIST frameworks. o Experience conducting or supporting security audits More ❯
Salford, Lancashire, England, United Kingdom Hybrid/Remote Options
AJ Bell
disaster recovery, business continuity, data governance, privacy, change, and third party risk. At least five years’ experience in a risk focused role. Knowledge of risk management frameworks such as ISO31000, NIST, COBIT or COSO. Understanding of control frameworks and IT general controls. Experience in control assurance is desirable. Certifications such as ITIL Master or Expert, CISA or CRISC would be More ❯
start to finish. Bonus points if you bring: Experience with AppSec and DevSecOps. Hands-on knowledge of Azure, AWS, and/or Google Cloud. Familiarity with standards like ISO2700X, ISO31000, NIST800, PCI-DSS. Certifications such as CISSP, CCSP, CRISC, CISM, or SABSA. Why QBE? At My Best? At QBE, we want our people to feel rewarded and inspired to perform More ❯
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid/Remote Options
Experian Ltd
What you'll need to bring to the role & Experian Experience in risk, controls, or audit roles, including transformation delivery. Strong knowledge of risk and control frameworks (e.g., COSO, ISO31000); RSA Archer experience is a plus. Proven ability to lead teams and influence senior stakeholders. Excellent communication, analytical, and problem-solving skills. Comfortable working across global teams More ❯
Bradley Stoke, Gloucestershire, United Kingdom Hybrid/Remote Options
Matchtech
embedded from the ground up. Key Responsibilities: Identify and integrate security requirements throughout the product and system development lifecycle. Lead threat modelling and risk assessments, applying frameworks such as ISO/IEC 27001, NIST 800-30/53, and ISO 31000. Advise on secure architectures and develop strategies to mitigate identified information risks. Collaborate with multi-disciplinary teams … architecture or security engineering roles within the Defence, Aerospace, or National Security sectors. Deep understanding of HMG Security Policy Framework and MOD-specific standards. Familiarity with risk management methodologies (ISO 27001/2, ISO 27005, NIST frameworks). Strong analytical and problem-solving abilities - able to assess complex data and provide actionable insights. A collaborative communicator who can More ❯
