1 to 25 of 109 Risk Assessment Jobs

split of 50% home working and 50% onsite. This role supports the OMNIA Security Assurance Lead by carrying out a comprehensive Initial Security Risk Assessment for the MOD CTTP programme-analysing risks, threats, vulnerabilities, architectures and compliance requirements, and producing the formal assessment report. It also supports … coordinating with delivery partners, and helping present the final assessment. Key Responsibilities: Working closely with the OMNIA Security Assurance Lead to conduct Initial Security Risk Assessment Report activities in alignment with MOD Secure by Design (ISN2023/09) assurance activities. Attending workshops and meetings, both in-person ...

Security Risk Assessment Specialist - Freelance Contractor - Brussels Rate: Flexible Duration: 1 year - freelance contract Hybrid: 8 days onsite in Brussels office in a month, the rest can be worked remotely Division : CISO - IT Risk About the Role: We are looking for an experienced and dynamic Senior Security … Analyst to join our IT Risk Transformation team. In this role, you will contribute to the design and enhancement of our application security risk assessment process and will perform security risk assessments across a wide range of applications. To achieve it, you will work closely with ...

Information Security & Risk Specialist Role: Information Security & Risk Specialist Specialism(s): Global Information Security, Risk Analysis, Cyber Security, Information Security, International Cyber Security, 3rd Party Security Compliance, Risk Management, Risk Reporting, Audit & Compliance, Cloud Infrastructure, ISO2700x, NIST, SOC2, PCI, GDPR, Risk Assessments Type: Contract … Inside IR35 Duration: 12 Months Location: London, On-Site Working (1 day remote per week) Start: ASAP/Urgent Information Security & Risk Specialist CPS Group UK are delighted to be working with a leading, global Entertainment brand to appoint an Information Security & Risk Specialist to join their Global ...

Information Security & Risk Specialist Role: Information Security & Risk Specialist Specialism(s): Global Information Security, Risk Analysis, Cyber Security, Information Security, International Cyber Security, 3rd Party Security Compliance, Risk Management, Risk Reporting, Audit & Compliance, Cloud Infrastructure, ISO2700x, NIST, SOC2, PCI, GDPR, Risk Assessments Type: Contract … Months Pay Rate: £400 - £495 per day Location: London, On-Site Working (1 day remote per week) Start: ASAP/Urgent Information Security & Risk Specialist CPS Group UK are delighted to be working with a leading, global Entertainment brand to appoint an Information Security & Risk Specialist to join ...

months initially (will extend, 6 month rolling) Location: Ipswich 3 days, 2 days remote Position Summary: We are seeking a highly skilled Security Risk Analyst with a strong background in application security, vulnerability management, and risk assessment. In this role, you will be responsible for conducting security diagnostics … across a suite of applications, identifying potential vulnerabilities, and delivering detailed risk assessment reports to the CISO. This position does not involve remediation but plays a critical role in uncovering and reporting risks within the organization’s application landscape. Key Responsibilities: Conduct security risk diagnostics on enterprise ...

Title: GRC Risk Analyst Location: London, UK Duration: 6+ months Working Mode: hybrid Summary Seeking an experienced GRC Risk Analyst to support technology, information security, and regulatory risk activities. The role focuses on risk assessments, risk register management, reporting , and working with stakeholders across business … technology. Key Responsibilities Perform technology, information security, data, and third-party risk assessments. Apply ISO 27001, NIST, GDPR, and UK/EU regulatory frameworks. Maintain and monitor enterprise risk registers and remediation actions. Engage stakeholders across business, IT, security, privacy, and compliance. Prepare risk reports and senior ...

Operational Risk Specialist Up to £34k per year Nelson 2/3 days on site An Operational Risk Specialist is responsible for identifying, assessing, and monitoring risks across various business units within an organization. They facilitate risk workshops, maintain risk registers, and track key risk indicators to ensure effective risk management. The role involves collaborating with stakeholders to embed a strong risk culture and supporting governance through reporting and assurance activities. Additionally, they stay informed about regulatory developments and promote risk awareness through training and communication. Skills Strong understanding of regulatory ...

Security Risk Principal £110,000–£120,000 + Bonus Hybrid | London (2–3 days per week) We’re partnered with one of the UK’s most recognisable brands, seeking a Security Risk Principal to play a pivotal role in shaping and safeguarding their global cyber‐risk posture. … This is a senior, high‐visibility position where you’ll define risk strategy, operationalise a new cybersecurity risk assessment framework, and influence decision‐making across business and technology functions. As Security Risk Principal, you’ll act as the organisation’s authority on cyber risk — blending ...

ONLYKey Responsibilities Lead and continuously improve The organisation's third-party cyber risk assurance process, covering onboarding, risk assessment, due diligence, and ongoing monitoring. Develop and maintain a robust vendor criticality assessment model, ensuring assurance activities are aligned to supplier risk level. Define … diligence requirements for critical and high-risk third parties in alignment with DORA, NIS2, PRA, FCA, and other emerging regulatory obligations. Produce dashboards, scorecards, and MI reports that provide senior stakeholders with meaningful insight into the organisation's third-party cyber risk posture. Embed third-party security controls ...

Risk & Compliance Officer My client based near Stratford-upon-Avon are looking for a Risk & Compliance Officer to join their team. This is a hybrid role – 2 – 3 days per week in the office. Salary approx. £70,000 - £85,000 + Bonus + Excellent Benefits The Role This …/PRA regulations, PCI DSS standards and broader industry requirements. Working cross-functionally with product, technology, legal and senior leadership teams, you’ll embed risk management into day-to-day operations and product development, while acting as a trusted advisor to the Executive Team and Board. This ...

Team utilising the support of other team members where necessary. The role is to be an active participant and, where appropriate, leader of risk-based audit reviews, and will assist the IT Team to issue recommendations to remediate any identified issues and weaknesses. Key Responsibilities Leads or acts … other team members involved in an assignment. At all times, the role holder will have regard for the main risks detailed in the Risk and related Control Matrix and, where acting in a management capacity, will plan and organise an assignment (including the allocation of staff) as well ...

Senior Security Risk Specialist – Contract Location - London (Hybrid – 2 days onsite in Bank) Term: 6 months Rate: £800 per day (Inside iR35) We’re looking for a Senior Security Risk Specialist to support a technology company’s Security Risk Management function. Reporting to the Head of Security … Risk & Assurance, this hands-on role focuses on designing, improving, and operating security risk management frameworks in a fast-paced, cloud-first environment. Key responsibilities: Run and improve the security risk management framework Conduct security risk assessments and define mitigation strategies Advise engineering and product teams ...

Infrastructure services, assess and classify identify security threats and define threats mitigation solutions in alignment with the stakeholders. Monitor for vulnerabilities, perform ongoing risk assessment and collaborate with cross-functional teams to mitigate the risk. Define the pentesting scope and scenarios. Develop and maintain documentation providing clear guidelines … environments. Cloud Security: Competent understanding and experience of securing at minimum AWS cloud infrastructure environments, CI/CD pipelines, containerized environment and Linux systems. Risk Assessment: Experience with assessing security findings and mitigation strategies Security Savvy: Competent knowledge of common security frameworks and tactics, including STRIDE, MITRE ...

Infrastructure services, assess and classify identify security threats and define threats mitigation solutions in alignment with the stakeholders. Monitor for vulnerabilities, perform ongoing risk assessment and collaborate with cross-functional teams to mitigate the risk. Define the pentesting scope and scenarios. Develop and maintain documentation providing clear guidelines … environments. Cloud Security: Competent understanding and experience of securing at minimum AWS cloud infrastructure environments, CI/CD pipelines, containerized environment and Linux systems. Risk Assessment: Experience with assessing security findings and mitigation strategies Security Savvy: Competent knowledge of common security frameworks and tactics, including STRIDE, MITRE ...

this role, you'll be: Providing the Secure by Design risk and security assurance function within MOD or Public Sector as part of a managed service. Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework. … Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner that is aligned with the wider business risk appetite. Produce informative and succinct reporting that clearly articulates any identified vulnerabilities, associated risks, controls and risk treatment activity. Facilitate security and risk ...

able to work across multi-cloud setups such as Azure. - Excellent communication skills, able to explain security clearly to cross-functional teams. - Skilled in risk assessment, threat modeling, secure design, and architecture reviews. - Solid documentation skills for risks, decisions, and technical designs. - Ability to guide and mentor DevOps … . - Familiarity with connected services, PKI (onboarding/offboarding), UNECE R155, and distributed systems is a plus. Required Skills: - Cloud security (AWS) - DevSecOps tools - Risk Assessment - IAM (Identity Access Management) - Threat Modeling - Security frameworks - Security Architecture - Secure SDLC practices Preferred Skills: - Distributed systems - UNECE R155 - PKI management - Multi ...

background in Cyber Security Assurance within a high-threat government environment. Skills and experience. Experience in producing GovAssure and Secure-By-Design assessments, including Risk Assessment Papers, Risk Treatment Plans, Risk Business Cases, and Security Management Plans. Knowledge and experience with security architecture and Security Information … System solutions. Extensive understanding of cybersecurity threats, attack vectors, vulnerabilities, and security controls. Demonstrable knowledge of cybersecurity frameworks and standards, including the NCSC Cyber Assessment Framework, ISO 27001, NIST, COBIT, as well as SABSA and TOGAF. Experience in risk and threat modelling within high-threat government environments. Preferred ...

Join us as Risk and Control Analyst within IBCOO Technology Risk and Control and be involved in taking ownership of the risk event and issues management process and helping build a collaborative, innovative risk management environment with our stakeholders. To be successful as a Risk and Control Business Partner in this specific team, you should: Have previous experience within Risk and Control in financial services Be able to prioritise risk and multitask Be comfortable in a fast-paced environment and context switching daily Some other highly valued skills may include: Previous experience ...

Cyber & Data Risk Lead - Financial Services c 60,000- 80,000 (DOE) + Performance Bonus East Midlands A high-growth privately owned financial services organisation is seeking to appoint a Cyber & Data Risk Lead to take ownership of its data governance framework, security control environment, and third-party … data risk oversight. This is a senior and highly visible role, operating at the intersection of Technology, Risk, Compliance, and Commercial decision-making. The successful candidate will play a pivotal part in ensuring that sensitive customer, partner, and business data is protected, well-governed, and used responsibly ...

Cyber & Data Risk Lead - Financial Services c£60,000-£80,000 (DOE) + Performance Bonus East Midlands A high-growth privately owned financial services organisation is seeking to appoint a Cyber & Data Risk Lead to take ownership of its data governance framework, security control environment, and third-party … data risk oversight. This is a senior and highly visible role, operating at the intersection of Technology, Risk, Compliance, and Commercial decision-making. The successful candidate will play a pivotal part in ensuring that sensitive customer, partner, and business data is protected, well-governed, and used responsibly ...

governance frameworks, policies, and controls aligned with recognised international standards, including ISO 27001 and the NIST Cybersecurity Framework. * Own and evolve the cyber security risk management strategy to enable proactive identification, assessment, and mitigation of cyber risks. * Lead cyber security risk assessment activities, applying the Enterprise … Risk Management Framework, Information Security Management System (ISMS), and NIST risk management practices. * Partner with senior leaders and cross-functional teams to embed cyber security considerations into business processes and decision-making. * Work closely with procurement teams to identify, assess, and manage cyber security risks associated with suppliers ...

subpar performance Conduct in-depth audits on all assigned group homes/day programs Incident management assistance, including closing incidents and monitoring quality improvements Risk Manager Serves as the agency's Risk Manager who oversees and monitors Risk Management activities in accordance with DBHDS regulations and company … requirements. Identifies, monitors, and helps to reduce existing factors and potential risks. Reviews clinical assessment and reassessment processes to mitigate risks unique to program participants. Assesses the effectiveness of risk management systems within the program using baseline data. Conducts systemic risk assessment reviews at least annually ...

Markets is seeking an experienced Information Security Manager to play a pivotal role in shaping and strengthening our global security governance and risk framework. Operating across multiple regulatory jurisdictions, CMC develops and delivers its own retail and B2B trading and investment platforms. This role sits at the heart … Group-wide security strategy — ensuring robust governance, effective risk management, and regulatory alignment across the business. This is a governance-focused position. It is not a hands-on cyber operations role, but one that requires strategic oversight, regulatory confidence, and the ability to influence across distributed international teams. ...

that is must be undertaken with regard to the Trust Information Governance and Information Security policies. The post holder must adhere to the Trust risk assessment and risk management processes. The post holder must adhere to infection control policies and procedures. Undertake mandatory training and any other ...

Vendor Onboarding & Third Party Risk Management Consultant Contract until end of 2027 Remote with some travel to site (England, Ireland or Poland based) £(Apply online only) per day (IR35 status dependent on location of role) My client, in the Fintech industry are looking for an experienced Vendor Onboarding/… Third Party Risk Management Consultant to join a fast-paced, global organisation supporting vendor onboarding and risk assessment activities. You ll play a key role in ensuring vendors are onboarded efficiently, risk assessed appropriately, and fully compliant with internal governance and regulatory requirements. This ...