1 to 25 of 193 Risk Analysis Jobs in London

although some interaction with clients and third parties may be required. This position requires a senior management professional with relevant experience and a strong working knowledge of IT security, risk management, regulatory compliance, information and public cloud service technology, IT operations management principles, and third-party security management. A little more about your role... Specific areas of responsibility may … implementation and maintenance of its ISO27001 aligned Data and Information Security Management System. Establish and maintain the Information Security Governance framework; including running the Information Security Committees; coordinating IS risk management, executive reporting and participate in other forums where information security input and approval is required based on documented policies and processes. Risk Management: Oversee the identification, reporting … assessment, and mitigation of information security risks. Work closely with cross-functional teams to ensure risk management practices are embedded in business processes and projects. Monitor the effectiveness of risk mitigation measures and drive continuous improvement. Security Awareness and Training: Develop and deliver comprehensive security awareness and training programs to promote a security-conscious culture. Collaborate with stakeholders More ❯

CI/CD workflows and providing evidence as a service. According to Gartner, by 2026, 70% of enterprises will have integrated compliance as code into their DevOps toolchains, reducing risk management and improving lead time by at least 15%. Hence this is a significant opportunity to drive a positive transformation across the DevSecOps landscape delivering value to our … like NIST and FedRAMP and the audit process around demonstrating compliance effectively. Practical experience of the System Development Life Cycle, Software Development Life Cycle, and Agile framework Expertise in risk analysis, threat modeling, and vulnerability assessments Experience in coordinating with diverse cross-functional teams, including software engineers, designers, and stakeholders to drive the necessary outcomes. Strong technical abilities … reusable platform capability. It would be desirable , but not essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber security certification e.g. Certified Information More ❯

CI/CD workflows and providing evidence as a service. According to Gartner, by 2026, 70% of enterprises will have integrated compliance as code into their DevOps toolchains, reducing risk management and improving lead time by at least 15%. Hence this is a significant opportunity to drive a positive transformation across the DevSecOps landscape delivering value to our … like NIST and FedRAMP and the audit process around demonstrating compliance effectively. Practical experience of the System Development Life Cycle, Software Development Life Cycle, and Agile framework Expertise in risk analysis, threat modeling, and vulnerability assessments Experience in coordinating with diverse cross-functional teams, including software engineers, designers, and stakeholders to drive the necessary outcomes. Strong technical abilities … reusable platform capability. It would be desirable , but not essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber security certification e.g. Certified Information More ❯

We can consider hybrid or fully remote work in the UK. We’re looking for a self-motivated and driven individual with a passion for technology risk management who is looking for an exciting role as a technology risk subject matter expert within the second line of defence (2LoD) Chief Risk Office. You will provide expertise, advice … and independent challenge around the Technology risk and control environment and play a crucial role in developing the technology risk strategy to protect Aztec from technology-related threats while enabling business growth and innovation. This role offers the successful candidate extensive opportunities for development and the opportunity to apply their knowledge of technology risk at a senior … level within a financial services environment. Key responsibilities: Development and delivery of Aztec’s technology risk strategy in line with the ERMF and the Chief Risk Office roadmap, regulatory requirements and industry best practice, such as COBIT5/ITIL. Ensure that key strategic risks and controls associated with cloud infrastructure, AI, data management, and wider digital transformation are More ❯

designs. Conduct security reviews and assurance activities to validate security compliance across IT and OT systems. Provide security guidance and direction to stakeholders, ensuring alignment with security frameworks and risk management practices. Participate in cyber analysis activities, assessing outputs to help shape security direction and strategy. Implement security tools and technologies, supporting their integration into existing security architecture. … the utilities sector or similar critical infrastructure environments. Strong understanding of how enterprise security architecture fits into broader business and IT strategies. Hands-on experience conducting security assessments and risk analysis within IT and OT environments. Seniority level Mid-Senior level Employment type Contract Job function Information Technology Industries Utilities and IT Services and IT Consulting #J More ❯

meaningful security transformation. Key Responsibilities As part of a versatile consulting team, you’ll support clients across various industries with end-to-end security services. Responsibilities include: Security Assessments & Risk Management : Conduct security assessments, risk analysis, and provide incident response guidance. Identify and prioritise remediation actions. Security Solution Design : Design and implement bespoke cyber security solutions using More ❯

Cyber Security operation's function is responsible for the day-to-day provision of enterprise cyber security services to support the business. These services include all aspects of Cyber Risk Management, implementation and maintenance of technical security controls, vulnerability and patch management and operate effective incident management and cyber investigations. The department’s key objective is to ensure Insight … policies and standards • Supporting internal and external audits evidence gathering of cyber security • Chairing Vulnerability management meetings and following through on reports and remediations with the tech teams. Performing risk analysis on when vulnerability management incidents • Being integral to projects related to Security Operations • Staying up to date with the latest threat intelligence and threat hunting methodologies to More ❯

Consultant EBRD London, United Kingdom Apply now Posted 21 hours ago Permanent Competitive Information Security and Privacy Consultant Requisition ID 35706 Office Country United Kingdom Office City London Division Risk Management Contract Type Short Term Contract Length 12 months Posting End Date 03/06/2025 About the Role The European Bank for Reconstruction and Development (EBRD) is … ensure that the Bank maintains high standards of security, privacy, and compliance, contributing to our mission of promoting sustainable development across our regions of operation. About the Department Operational Risk Management (ORM) is part of the Bank's Risk Management group and forms the second line of defence . ORM is responsible for independently identifying, assessing, and supporting … data subject requests and support the Personal Data Review Panel on personal data-related complaints. Advise on IT and business projects with respect to InfoSec and privacy risks. Maintain risk registers , provide ongoing risk analysis, and contribute to risk mitigation plans. Support completion and review of Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs More ❯

Ensure security is prioritised through automation tools, security testing, and vulnerability scanning as part of the continuous delivery process. Security Assessments & Incident Response : Conduct security assessments, vulnerability scans and risk analyses to identify and address potential security weaknesses within cloud environments. Support the security operations team in incident response efforts related to cloud security incidents, ensuring timely detection, containment More ❯

security vulnerabilities and threats through automation and proactive monitoring. Define and enforce security policies and best practices for cloud usage across the organization. Conduct regular security assessments, audits, and risk analysis on cloud-based systems. Collaborate with DevOps to integrate security into CI/CD pipelines (DevSecOps). Manage identity and access controls (IAM) to enforce least privilege … principles. Respond to security incidents and lead root cause analysis for cloud-related security breaches. Stay current with the latest cloud security trends, threats, and technologies. Required Qualifications Bachelors degree in Computer Science, Cybersecurity, or a related field (or equivalent experience). 3+ years of experience in cybersecurity with at least 2 years focused on cloud security. Hands-on More ❯

and requirements, such as: Working with AWS Cloud Infrastructure team to secure our cloud infrastructure Working with the development team in embedding security in the SDLC Provide assistance in risk management activities Support security-related incidents Support our log monitoring operations Take part in threat modelling sessions Support the teams in risk analysis of technical vulnerabilities Support More ❯

ongoing threat detection and response. Integrate Security in SDLC: Collaborate with product and engineering teams to integrate security into every stage of the software development lifecycle. Threat Modeling and Risk Analysis: Perform structured threat modeling using frameworks such as STRIDE and PASTA to proactively mitigate security risks. Champion Developer Education: Promote secure development practices by educating engineers on More ❯

performance strategy and ensuring best practices Participate actively in functional, system and regression testing activities Capture quality assurance data and metrics to provide insights and conclusions Estimate and perform risk analysis for quality delivery Should contribute in programming using Python/C#/Java or Tosca Design and develop the automated tests using automation tools using Pyraft/ More ❯

employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation. Job Description As a Technology Risk and Controls Lead in our Corporate and Investment Banking division, you will play a crucial role in identifying and managing data-related risks whilst ensuring alignment to our strategic … objectives. You will utilize your expertise in risk management, data protection, and data management to effectively communicate complex technical information to senior management and support global stakeholders in understanding and executing their data related risk and controls obligations. Your ability to influence and collaborate across all organizational levels will be essential in driving our data risk management … regulatory engagements, you will ensure our compliance with industry standards and regulations. You will identify, assess, and monitor risks while ensuring effective cyber and technology controls. Your contributions to risk identification, control evaluation, and governance will be vital in enhancing the firm's data risk posture. Through your technical aptitude, customer first mindset, organizational and analytical skills, you More ❯

Associates have collaborated with our consultancy division to help in their search for an Information Security GRC Manager. You will work towards refining the entire GRC programme - frameworks, audits, risk assessments, stakeholder communication - across a regulated environment. You'll also work with vendors and internal teams to ensure compliance and strong governance. Key Responsibilities: Build and refine information security … governance and risk frameworks Lead audits (internal/external) and drive compliance (ISO 27001, GDPR, NIST) Own vendor risk, supplier assurance, and contract governance Communicate risks and policies across the business Support KPI development and risk strategy planning Requirements: Degree in Computer Science/IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead … legal/security needs in housing association sector and its regulatory environment Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS Proven experience in GRC leadership Skilled in risk analysis, audit reporting, and policy writing Excellent stakeholder management and communication skills Understanding of cloud security and Microsoft tools If you are interested, please apply immediately as first More ❯

to the following: Manage, optimize and maintain ownership of core credit reporting processes, documentation and tools with the aim to deliver timely, accurate and insightful data to senior management, risk management, regulators, treasury, accounting teams. Contribute to the development of current and new Credit MI, metrics, dashboards and decision tools in order to gain accurate and timely insight into … bps Credit Risk drivers. Develop strong understanding of bp Credit Risk frameworks, quantitative approach, and risk metrics as well as acquire strong commercial awareness. Support various technology and systems initiatives, including automation, data integrity and data integration. Create, implement, and support credit risk quantitative models leveraging mathematical and computer science methods and tools including Python , SQL … verbal and written, to understand data needs and communicate report results. Remain up to date with the latest technology, techniques and methods. Stay curious and enthusiastic about exploring new risk modelling concepts, algorithms and data exploration methods to solve problems and enthuse others to see the benefit of your work. Essential Experience & Job Requirements Prior experience in financial risk More ❯

to the following: Manage, optimize and maintain ownership of core credit reporting processes, documentation and tools with the aim to deliver timely, accurate and insightful data to senior management, risk management, regulators, treasury, accounting teams. Contribute to the development of current and new Credit MI, metrics, dashboards and decision tools in order to gain accurate and timely insight into … bps Credit Risk drivers. Develop strong understanding of bp Credit Risk frameworks, quantitative approach, and risk metrics as well as acquire strong commercial awareness. Support various technology and systems initiatives, including automation, data integrity and data integration. Create, implement, and support credit risk quantitative models leveraging mathematical and computer science methods and tools including Python , SQL … verbal and written, to understand data needs and communicate report results. Remain up to date with the latest technology, techniques and methods. Stay curious and enthusiastic about exploring new risk modelling concepts, algorithms and data exploration methods to solve problems and enthuse others to see the benefit of your work. Essential Experience & Job Requirements Prior experience in financial risk More ❯

to the following: Manage, optimize and maintain ownership of core credit reporting processes, documentation and tools with the aim to deliver timely, accurate and insightful data to senior management, risk management, regulators, treasury, accounting teams. Contribute to the development of current and new Credit MI, metrics, dashboards and decision tools in order to gain accurate and timely insight into … bps Credit Risk drivers. Develop strong understanding of bp Credit Risk frameworks, quantitative approach, and risk metrics as well as acquire strong commercial awareness. Support various technology and systems initiatives, including automation, data integrity and data integration. Create, implement, and support credit risk quantitative models leveraging mathematical and computer science methods and tools including Python , SQL … verbal and written, to understand data needs and communicate report results. Remain up to date with the latest technology, techniques and methods. Stay curious and enthusiastic about exploring new risk modelling concepts, algorithms and data exploration methods to solve problems and enthuse others to see the benefit of your work. Essential Experience & Job Requirements Prior experience in financial risk More ❯

to the following: Manage, optimize and maintain ownership of core credit reporting processes, documentation and tools with the aim to deliver timely, accurate and insightful data to senior management, risk management, regulators, treasury, accounting teams. Contribute to the development of current and new Credit MI, metrics, dashboards and decision tools in order to gain accurate and timely insight into … bps Credit Risk drivers. Develop strong understanding of bp Credit Risk frameworks, quantitative approach, and risk metrics as well as acquire strong commercial awareness. Support various technology and systems initiatives, including automation, data integrity and data integration. Create, implement, and support credit risk quantitative models leveraging mathematical and computer science methods and tools including Python , SQL … verbal and written, to understand data needs and communicate report results. Remain up to date with the latest technology, techniques and methods. Stay curious and enthusiastic about exploring new risk modelling concepts, algorithms and data exploration methods to solve problems and enthuse others to see the benefit of your work. Essential Experience & Job Requirements Prior experience in financial risk More ❯

complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was founded with a focus on technical expertise and that … technical), coordination, monitoring and managing these plans) Assessing our clients' cybersecurity posture against current norms and regulations (ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005/EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting … enterprises and SMEs, across private and public sectors – industry, energy, luxury, maritime, transportation, institutions... in France and Worldwide. Hard Skills Required: You understand basic security concepts (CIA triad, vulnerability, risk, threat...) You have a technical mindset and understand core security components, their principles: systems and networks, security devices (firewalls, AV/EDR, VPN...), cloud (AWS, Azure, Google...) Familiarity with More ❯

complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was founded with a focus on technical expertise and that … technical), coordination, monitoring and managing these plans) Assessing our clients' cybersecurity posture against current norms and regulations (ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005/EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting … enterprises and SMEs, across private and public sectors – industry, energy, luxury, maritime, transportation, institutions... in France and Worldwide. Hard Skills Required: You understand basic security concepts (CIA triad, vulnerability, risk, threat...) You have a technical mindset and understand core security components, their principles: systems and networks, security devices (firewalls, AV/EDR, VPN...), cloud (AWS, Azure, Google...) Familiarity with More ❯

Associates have collaborated with our consultancy division to help in their search for an Information Security GRC Manager. You will work towards refining the entire GRC programme - frameworks, audits, risk assessments, stakeholder communication - across a regulated environment. You'll also work with vendors and internal teams to ensure compliance and strong governance. Key Responsibilities Build and refine information security … governance and risk frameworks Lead audits (internal/external) and drive compliance (ISO 27001, GDPR, NIST) Own vendor risk, supplier assurance, and contract governance Communicate risks and policies across the business Support KPI development and risk strategy planning Requirements Degree in Computer Science/IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead … legal/security needs in housing association sector and its regulatory environment Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS Proven experience in GRC leadership Skilled in risk analysis, audit reporting, and policy writing Excellent stakeholder management and communication skills Understanding of cloud security and Microsoft tools If you are interested, please apply immediately as first More ❯

branch environments Lead strategic network transformation projects, focusing on Cisco-based security technologies (Firepower, ASA, ISE, Umbrella, etc.) Develop network security policies, best practices, and high-availability solutions Perform risk analysis, vulnerability assessments, and network hardening Collaborate with cross-functional teams to align network architecture with business goals What We’re Looking For: CCIE (Security or Enterprise Infrastructure More ❯

Overview: Our client is currently seeking an experienced Security Risk Analyst to join their team on a contract basis through the end of the year. This role sits inside IR35 and will require three days per week onsite at their Central London office. You ll play a key role in assessing and managing information security risks across the business … and IT landscape. Key Responsibilities: Conduct risk assessments across both IT and business units , ensuring compliance with internal security policies and relevant regulatory frameworks (eg, ISO 27001, NIST, FCA ). Collaborate with key stakeholders to gather and analyze technical security data for accurate risk evaluation and remediation. Work closely with Vulnerability Assessment & Penetration Testing (VAPT) , Threat Intelligence , and … Incident Response teams to understand technical risks and validate that appropriate controls are in place. Contribute to the ongoing improvement of Governance, Risk, and Compliance (GRC) practices by incorporating findings from technical assessments and adapting to emerging threat landscapes. Prepare clear and concise documentation and reporting for senior leadership, audit committees, and regulatory authorities. Support internal and external audit More ❯

and Insights team - Develop and implement strategies to improve audit processes and methodologies - Manage the transition of new audit procedures and tools across the organization 2. Audit Intake and Risk Analysis: - Evaluate incoming audit requests based on comprehensive risk impact analysis - Prioritize audit engagements according to organizational risk exposure and potential impact - Collaborate with key … a thorough understanding of various sampling methodologies and their applications in auditing - Apply advanced statistical knowledge to design and implement robust sampling methodologies for various audit types based on risk impact analysis. - Ensure that sampling strategies align with audit objectives and provide statistically valid results 4. Audit Program Health Management: - Monitor and track the overall health and performance of … e-commerce platform. BASIC QUALIFICATIONS - Bachelor's degree in Technology, Business Administration, Finance, Accounting, or a related field - 7+ years of experience in program management, preferably in audit or risk management roles - Strong understanding of risk assessment methodologies and audit processes - Excellent analytical and problem-solving skills - Proven ability to manage complex projects and drive change in large More ❯