1 to 25 of 130 Risk Assessment Jobs

Security Risk Assessment Specialist - Freelance Contractor - Brussels Rate: Flexible Duration: 1 year - freelance contract Hybrid: 8 days onsite in Brussels office in a month, the rest can be worked remotely Division : CISO - IT Risk About the Role: We are looking for an experienced and dynamic Senior Security … Analyst to join our IT Risk Transformation team. In this role, you will contribute to the design and enhancement of our application security risk assessment process and will perform security risk assessments across a wide range of applications. To achieve it, you will work closely with ...

Information Security & Risk Specialist Role: Information Security & Risk Specialist Specialism(s): Global Information Security, Risk Analysis, Cyber Security, Information Security, International Cyber Security, 3rd Party Security Compliance, Risk Management, Risk Reporting, Audit & Compliance, Cloud Infrastructure, ISO2700x, NIST, SOC2, PCI, GDPR, Risk Assessments Type: Contract … Inside IR35 Duration: 12 Months Location: London, On-Site Working (1 day remote per week) Start: ASAP/Urgent Information Security & Risk Specialist CPS Group UK are delighted to be working with a leading, global Entertainment brand to appoint an Information Security & Risk Specialist to join their Global ...

Information Security & Risk Specialist Role: Information Security & Risk Specialist Specialism(s): Global Information Security, Risk Analysis, Cyber Security, Information Security, International Cyber Security, 3rd Party Security Compliance, Risk Management, Risk Reporting, Audit & Compliance, Cloud Infrastructure, ISO2700x, NIST, SOC2, PCI, GDPR, Risk Assessments Type: Contract … Months Pay Rate: £400 - £495 per day Location: London, On-Site Working (1 day remote per week) Start: ASAP/Urgent Information Security & Risk Specialist CPS Group UK are delighted to be working with a leading, global Entertainment brand to appoint an Information Security & Risk Specialist to join ...

Title: GRC Risk Analyst Location: London, UK Duration: 6+ months Working Mode: hybrid Summary Seeking an experienced GRC Risk Analyst to support technology, information security, and regulatory risk activities. The role focuses on risk assessments, risk register management, reporting , and working with stakeholders across business … technology. Key Responsibilities Perform technology, information security, data, and third-party risk assessments. Apply ISO 27001, NIST, GDPR, and UK/EU regulatory frameworks. Maintain and monitor enterprise risk registers and remediation actions. Engage stakeholders across business, IT, security, privacy, and compliance. Prepare risk reports and senior ...

Risk Manager 6 months Remote £700 per day inside IR35 - Umbrella only Active SC clearance required Role overview: Risk Management is anticipating, mitigating, and managing bid, contract and operations risks in every phase of the contract lifecycle, being focused on early detection and being ready to intervene. This … avoiding and minimizing slippages and/or failures in contract execution and delivery to protect the objectives of the business, notably its profitability. The Risk Manager monitors contract performance and carries out risk assessment within a limited portfolio or local market. You will apply the applicable risk ...

Security Risk Principal £110,000–£120,000 + Bonus Hybrid | London (2–3 days per week) We’re partnered with one of the UK’s most recognisable brands, seeking a Security Risk Principal to play a pivotal role in shaping and safeguarding their global cyber‐risk posture. … This is a senior, high‐visibility position where you’ll define risk strategy, operationalise a new cybersecurity risk assessment framework, and influence decision‐making across business and technology functions. As Security Risk Principal, you’ll act as the organisation’s authority on cyber risk — blending ...

operating with autonomy in production environments. If you've been following the trajectory from static models to agentic systems—and the corresponding explosion in risk surface area—you know why this matters now. About governr governr is the AI risk platform for regulated enterprises. We provide complete … visibility, real-time risk eval and quantification, and audit-ready compliance docs for enterprises deploying agentic AI. We've built the industry's most comprehensive AI risk assessment framework: We're currently in active discussions with tier-1 financial institutions and have secured design partners with leading ...

operating with autonomy in production environments. If you've been following the trajectory from static models to agentic systems—and the corresponding explosion in risk surface area—you know why this matters now. About governr governr is the AI risk platform for regulated enterprises. We provide complete … visibility, real-time risk eval and quantification, and audit-ready compliance docs for enterprises deploying agentic AI. We've built the industry's most comprehensive AI risk assessment framework: We're currently in active discussions with tier-1 financial institutions and have secured design partners with leading ...

ONLYKey Responsibilities Lead and continuously improve The organisation's third-party cyber risk assurance process, covering onboarding, risk assessment, due diligence, and ongoing monitoring. Develop and maintain a robust vendor criticality assessment model, ensuring assurance activities are aligned to supplier risk level. Define … diligence requirements for critical and high-risk third parties in alignment with DORA, NIS2, PRA, FCA, and other emerging regulatory obligations. Produce dashboards, scorecards, and MI reports that provide senior stakeholders with meaningful insight into the organisation's third-party cyber risk posture. Embed third-party security controls ...

policy and regulatory frameworks Lead technical security design across infrastructure, cloud and application environments Collaborate with SMEs across Identity, Security Testing and Privacy Conduct risk assessments and support threat modelling activities Provide clear justification of design decisions to both technical and non-technical stakeholders Ensure alignment to industry standards … Azure or Google Cloud Understanding of network security, encryption, authentication and access control Experience with security tooling such as SIEM, IDS, firewalls and vulnerability assessment tools Knowledge of threat modelling and risk assessment TO BE CONSIDERED: Please either apply through this advert or emailing me directly ...

Risk & Compliance Officer My client based near Stratford-upon-Avon are looking for a Risk & Compliance Officer to join their team. This is a hybrid role – 2 – 3 days per week in the office. Salary approx. £70,000 - £85,000 + Bonus + Excellent Benefits The Role This …/PRA regulations, PCI DSS standards and broader industry requirements. Working cross-functionally with product, technology, legal and senior leadership teams, you’ll embed risk management into day-to-day operations and product development, while acting as a trusted advisor to the Executive Team and Board. This ...

Team utilising the support of other team members where necessary. The role is to be an active participant and, where appropriate, leader of risk-based audit reviews, and will assist the IT Team to issue recommendations to remediate any identified issues and weaknesses. Key Responsibilities Leads or acts … other team members involved in an assignment. At all times, the role holder will have regard for the main risks detailed in the Risk and related Control Matrix and, where acting in a management capacity, will plan and organise an assignment (including the allocation of staff) as well ...

Senior Security Risk Specialist – Contract Location - London (Hybrid – 2 days onsite in Bank) Term: 6 months Rate: £800 per day (Inside iR35) We’re looking for a Senior Security Risk Specialist to support a technology company’s Security Risk Management function. Reporting to the Head of Security … Risk & Assurance, this hands-on role focuses on designing, improving, and operating security risk management frameworks in a fast-paced, cloud-first environment. Key responsibilities: Run and improve the security risk management framework Conduct security risk assessments and define mitigation strategies Advise engineering and product teams ...

Infrastructure services, assess and classify identify security threats and define threats mitigation solutions in alignment with the stakeholders. Monitor for vulnerabilities, perform ongoing risk assessment and collaborate with cross-functional teams to mitigate the risk. Define the pentesting scope and scenarios. Develop and maintain documentation providing clear guidelines … environments. Cloud Security: Competent understanding and experience of securing at minimum AWS cloud infrastructure environments, CI/CD pipelines, containerized environment and Linux systems. Risk Assessment: Experience with assessing security findings and mitigation strategies Security Savvy: Competent knowledge of common security frameworks and tactics, including STRIDE, MITRE ...

Infrastructure services, assess and classify identify security threats and define threats mitigation solutions in alignment with the stakeholders. Monitor for vulnerabilities, perform ongoing risk assessment and collaborate with cross-functional teams to mitigate the risk. Define the pentesting scope and scenarios. Develop and maintain documentation providing clear guidelines … environments. Cloud Security: Competent understanding and experience of securing at minimum AWS cloud infrastructure environments, CI/CD pipelines, containerized environment and Linux systems. Risk Assessment: Experience with assessing security findings and mitigation strategies Security Savvy: Competent knowledge of common security frameworks and tactics, including STRIDE, MITRE ...

this role, you'll be: Providing the Secure by Design risk and security assurance function within MOD or Public Sector as part of a managed service. Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework. … Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner that is aligned with the wider business risk appetite. Produce informative and succinct reporting that clearly articulates any identified vulnerabilities, associated risks, controls and risk treatment activity. Facilitate security and risk ...

able to work across multi-cloud setups such as Azure. - Excellent communication skills, able to explain security clearly to cross-functional teams. - Skilled in risk assessment, threat modeling, secure design, and architecture reviews. - Solid documentation skills for risks, decisions, and technical designs. - Ability to guide and mentor DevOps … . - Familiarity with connected services, PKI (onboarding/offboarding), UNECE R155, and distributed systems is a plus. Required Skills: - Cloud security (AWS) - DevSecOps tools - Risk Assessment - IAM (Identity Access Management) - Threat Modeling - Security frameworks - Security Architecture - Secure SDLC practices Preferred Skills: - Distributed systems - UNECE R155 - PKI management - Multi ...

background in Cyber Security Assurance within a high-threat government environment. Skills and experience. Experience in producing GovAssure and Secure-By-Design assessments, including Risk Assessment Papers, Risk Treatment Plans, Risk Business Cases, and Security Management Plans. Knowledge and experience with security architecture and Security Information … System solutions. Extensive understanding of cybersecurity threats, attack vectors, vulnerabilities, and security controls. Demonstrable knowledge of cybersecurity frameworks and standards, including the NCSC Cyber Assessment Framework, ISO 27001, NIST, COBIT, as well as SABSA and TOGAF. Experience in risk and threat modelling within high-threat government environments. Preferred ...

Cyber & Data Risk Lead - Financial Services c 60,000- 80,000 (DOE) + Performance Bonus East Midlands A high-growth privately owned financial services organisation is seeking to appoint a Cyber & Data Risk Lead to take ownership of its data governance framework, security control environment, and third-party … data risk oversight. This is a senior and highly visible role, operating at the intersection of Technology, Risk, Compliance, and Commercial decision-making. The successful candidate will play a pivotal part in ensuring that sensitive customer, partner, and business data is protected, well-governed, and used responsibly ...

Cyber & Data Risk Lead - Financial Services c£60,000-£80,000 (DOE) + Performance Bonus East Midlands A high-growth privately owned financial services organisation is seeking to appoint a Cyber & Data Risk Lead to take ownership of its data governance framework, security control environment, and third-party … data risk oversight. This is a senior and highly visible role, operating at the intersection of Technology, Risk, Compliance, and Commercial decision-making. The successful candidate will play a pivotal part in ensuring that sensitive customer, partner, and business data is protected, well-governed, and used responsibly ...

governance frameworks, policies, and controls aligned with recognised international standards, including ISO 27001 and the NIST Cybersecurity Framework. * Own and evolve the cyber security risk management strategy to enable proactive identification, assessment, and mitigation of cyber risks. * Lead cyber security risk assessment activities, applying the Enterprise … Risk Management Framework, Information Security Management System (ISMS), and NIST risk management practices. * Partner with senior leaders and cross-functional teams to embed cyber security considerations into business processes and decision-making. * Work closely with procurement teams to identify, assess, and manage cyber security risks associated with suppliers ...

Markets is seeking an experienced Information Security Manager to play a pivotal role in shaping and strengthening our global security governance and risk framework. Operating across multiple regulatory jurisdictions, CMC develops and delivers its own retail and B2B trading and investment platforms. This role sits at the heart … Group-wide security strategy — ensuring robust governance, effective risk management, and regulatory alignment across the business. This is a governance-focused position. It is not a hands-on cyber operations role, but one that requires strategic oversight, regulatory confidence, and the ability to influence across distributed international teams. ...

that is must be undertaken with regard to the Trust Information Governance and Information Security policies. The post holder must adhere to the Trust risk assessment and risk management processes. The post holder must adhere to infection control policies and procedures. Undertake mandatory training and any other ...

appropriate analysis to develop robust business cases and contribute to project products.Analyse, interpret and present data to highlight issues, risks and support decision making.Undertaking risk assessments in line with the G&SCP risk assessment processDevelop efficient processes for data collection, transformation and extraction.Develop robust and efficient datasets … fit.Awareness and practice of NHS Englands relevant external processes for decision making in progressing options, business cases or policy development. For example, economic impact assessment, health impact assessment and strategic needs assessments.They will manage projects to deliver key reporting enhancements to support the collaboration of existing work. They ...

Vendor Onboarding & Third Party Risk Management Consultant Contract until end of 2027 Remote with some travel to site (England, Ireland or Poland based) £(Apply online only) per day (IR35 status dependent on location of role) My client, in the Fintech industry are looking for an experienced Vendor Onboarding/… Third Party Risk Management Consultant to join a fast-paced, global organisation supporting vendor onboarding and risk assessment activities. You ll play a key role in ensuring vendors are onboarded efficiently, risk assessed appropriately, and fully compliant with internal governance and regulatory requirements. This ...