1 to 25 of 66 Risk Assessment Jobs in the South West

Job Description Join our team to play a pivotal role in mitigating tech risks and upholding operational excellence, driving innovation in risk management. As a Tech Risk & Controls Lead in Cloud Foundational Services, you will be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards within our Cloud environment. You will … legal, and industry standards. By partnering with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a … diverse team in a dynamic and evolving risk landscape. Job responsibilities Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations in Cloud environments Develop and maintain robust relationships, becoming a trusted partner with business technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared More ❯

of a significant programme, during which you will ensure that the product and associated deliverables are as secure as reasonably practicable, and in accordance with customer's requirements and risk appetite. You will be supported in this role as part of a larger consulting team, engineers and product domain specialists. Your work at Leonardo UK will see you take … and detailed system and security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations, including technical understanding. Scoping and managing security verification and validation activities and remedial action plans. Coordinating with More ❯

skills (Data Analytics, IT fundamentals, and GenAI), and Agile methods, and serve as a role model for delivering change. What will you be doing? Input into the overall UK risk assessment and audit planning and, determining the right auditscope, key risks to be addressed and most suitable audit techniques and approaches alongside the Audit Director Keeping the business … Security and new technologies, such as Robotics and Artificial Intelligence. Experience in third-party, outsourcing and project management auditing. Strong understanding and applicability of audit and/or business risk management and control processes. Proven record of working with and influencing executive/senior stakeholders, verbally and through written reports. Demonstrated success in business, functional and people management. Excellent More ❯

this role, you will serve as a Control Manager Executive Director, responsible for leading and building out an enhanced control framework that supports a continuous and integrated approach to risk assessment. You will oversee governance, controls, and tooling strategies for our data, analytics, and AI initiatives, ensuring that our systems are developed, deployed, and maintained in a manner that … and CAO to align data, analytics, and AI governance and tooling strategies with organizational objectives. Provide leadership support for the end-to-end execution of the Control and Operational Risk Evaluation (CORE), including control deficiencies and resolutions, to reduce financial loss, regulatory exposure, and reputational risk. Monitor and assess the performance and impact of data, analytics, and AI systems … with governance policies and procedures. Manage and motivate a team focused on reducing financial loss, regulatory exposure, and reputational risk. Provide ongoing feedback and training and develop employees on risk concepts and the application to risk and control evaluation. Provide guidance and training to team members on data, analytics, and AI governance best practices and tooling usage. Stay More ❯

Social network you want to login/join with: Technology Risk & Controls Lead - Cloud, Bournemouth col-narrow-left Client: Location: Bournemouth, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Reference: 7728931e39d0 Job Views: 10 Posted: 22.06.2025 Expiry Date: 06.08.2025 col-wide Job Description: Join our team to play a pivotal role in … mitigating tech risks and upholding operational excellence, driving innovation in risk management. As a Tech Risk & Controls Lead in Cloud Foundational Services, you will be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards within our Cloud environment. You will also provide subject matter expertise and technical guidance to technology-aligned … legal, and industry standards. By partnering with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a More ❯

coupled with our extensive experience of engineering, regulatory practices and operations delivery enable us to develop sustainable, long-term solutions for our clients. The Role As a Senior Consultant - Risk Manager , you will play a key role in delivering risk management solutions to clients, helping them identify, assess, and mitigate risks while ensuring regulatory compliance and operational resilience. … Your key responsibilities will include: Risk Strategy & Project Leadership: Develop and implement risk management frameworks, ensuring effective mitigation strategies Stakeholder Engagement: Collaborate with clients, regulators, and internal teams to align risk initiatives with business goals Risk Assessment & Compliance: Identify, assess, and monitor risks while ensuring adherence to regulatory and industry standards Data Analysis & Reporting: Provide … insights through risk modelling, scenario analysis, and strategic reporting Process Improvement & Advisory: Recommend enhancements to governance, controls, and resilience planning Apply to DAS if you want to work on varied, complex projects within a business that values your development, where no two days are alike, and where you'll have a tangible impact on critical infrastructure in the UK. More ❯

the IT internal control environment for the organization. This position reports to the IT Senior Audit Manager. Primary Duties/Responsibilities: Assist the IT Senior Audit Manager in conducting risk assessment and designing testing strategy during audit planning. Plan and perform assigned audits; prepare audit programs and work papers detailing audit procedures, ensuring adequate evidence is obtained in … to opening, closing, status. Review the work of team members on the project to ensure that standards are met. Mentor audit team members. Assist IT auditors in the identification, assessment, and reporting on exceptions to compliance with Adient policies, procedures, standards and guidelines, and weaknesses in IT internal controls. Document the findings in a clear and concise manner. Lead … plus. IT audit experience with client/server platforms and databases (AIX, Linux, Windows, Oracle Database) Clear understanding of IT audit methodologies and frameworks (COBIT, NIST, ISO, etc.) and risk-based auditing Strong working knowledge of Microsoft Word, Excel, and PowerPoint Ability to travel internationally PRIMARY LOCATION Central Tech Unit Plymouth MI #J-18808-Ljbffr More ❯

crucial role in safeguarding the organisation's sensitive data, intellectual property, and information systems from potential threats and cyberattacks. The CISO collaborates with various departments, including IT, legal, business risk, and business units, to ensure the implementation of effective security measures and adherence to industry best practices and regulatory requirements. As CISO, you will be responsible for: Information Security … Strategy: Develop and communicate a comprehensive information security strategy that aligns with the overall business goals and objectives. Ensure adherence to this strategy across the entire technology estate. Risk Management: Identify, assess, and prioritise security risks, considering potential impact on the organisation's operations, reputation, and finances. Implement security risk mitigation measures and foster a security-aware organisational … continuity in relevant committees. Security Architecture: Collaborate with IT to design and maintain secure infrastructure and applications, ensuring security controls are integrated from the outset. Vendor and Third-Party Risk Management: Assess and monitor the security posture of third-party vendors and service providers. Security Compliance and Auditing: Review security measures, support audits, and ensure remediation of findings. Security More ❯

Role Purpose NCC Group provides Information Assurance consultancy to help companies protect critical systems and information. We do this by defining security strategies, developing policies, conducting security maturity and risk assessments and implementing security solutions. We also provide security staff augmentation to clients so that our consultants may occupy security roles within the client environment in the short, medium … or long term. Our core consulting and implementation services include: Strategy & transformation On-demand virtual roles Data discovery and mapping Risk advisory and assurance Continuity/Resilience Data privacy and GDPR ISO 27001 & NIST CSF Supplier assurance PCI, PA & P2PE Incident response planning Card production audits Cyber security review SOC advisory & implementation XDR consulting & implementation Alongside our core services … we have a range of bespoke services to help organisations protect their systems and information: Risk Assessments Security Architecture Review Information Security Awareness and Training Programmes Information Security Policy Development Security Transformation Programmes We have a fantastic new opportunity to join our Consulting & Implementation division for a Senior Consultant. The ideal candidate will have commercial experience within the information More ❯

skills (Data Analytics, IT fundamentals, and GenAI), and Agile methods, and serve as a role model for delivering change. What will you be doing? Input into the overall UK risk assessment and audit planning and, determining the right audit scope, key risks to be addressed and most suitable audit techniques and approaches alongside the Audit Director. Keeping the … Security and new technologies, such as Robotics and Artificial Intelligence. Experience in third-party, outsourcing and project management auditing. Strong understanding and applicability of audit and/or business risk management and control processes. Proven record of working with and influencing executive/senior stakeholders, verbally and through written reports. Demonstrated success in business, functional and people management. Excellent More ❯

on how to move our UK business forward. You will be asked to drive change and improve on a set of already well-established IT Controls and an IT Risk Management Framework to allow senior IT management, business functions and 3rd party service providers to demonstrate they are managing and safeguarding company assets, data, and operations. Your ideas will … Controls Manager and other governance colleagues to gather data and collate, aggregate and interpret information to provide the Boards of Directors, Business Executives and other interested parties with an assessment of the UK IT Risk and Controls landscape. You will also manage multiple demands for IT risk-based information within Zurich, ensuring all reporting commitments are met. … alongside local and regional Group IT functions, Service Providers (through internal and external suppliers), and business functions to ensure that Zurich is proactive in the management of IT Operational Risk and Controls. The role is varied, interesting, and there are genuine opportunities to get stuck in and make a difference Many of our employees work flexibly in a variety More ❯

of the security architecture of the client's IT systems. The Security Architect will draw upon Enterprise Security Architecture or Security Solutions Architecture to: - Identify business objectives, user needs, risk appetite and cyber security obligations - Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls - Verify and evidence alignment to 'Secure by Design … solutions Develop secure conceptual, logical and high level designs by identifying appropriate security controls to be embedded in solutions that meet business requirements whilst evidencing alignment to the target risk appetite. Own the design and be able to articulate and justify design recommendations at security architecture assurance gates Draft design documentation, options papers, risk assessments, stakeholder presentations and … architecture of established patterns, principles and guidelines Research emerging technologies, new products and be able to position these in a coherent manner against the developing threat landscape and client risk appetite Ability to distil complex information and concepts into key discussion points that identifies a path to resolution rather than only the identification of challenges Contribute to the development More ❯

Recruitment Service (AFRS). Delivered through a partnership of the MOD, Serco, and our consortium of partners, this service will provide end-to-end support from candidate attraction to assessment, onboarding, and Phase 1 training. Our team brings together best-in-class integrated technology and specialist partners to offer a holistic recruitment and skills solution for the UK Armed … responsibilities of the role: Engage with key industry partners and suppliers to ensure ongoing compliance with MOD standards (e.g., Secure By Design, DefStan 05-138). Conduct information security risk assessment and management using recognized frameworks such as NIST SP800. Perform information security assurance activities and manage incidents. Establish and manage internal and external Security Working Groups. Support … Design, JSP 440, and DefStan 05-138/DCPP. ISO27001 Lead Implementer/Auditor, CISSP or CISM. Strong understanding of data protection compliance and relevant privacy certifications. Proficiency in risk management using recognised frameworks like NIST. Experience in creating and delivering security awareness training. Ability to work effectively with stakeholders to support contract and business unit needs. Clear communication More ❯

Data Governance and management team. •Oversee the acquisition, collection, storage and analysis of our business data with a Data Management best practice and compliance lens. •Actively contribute to Data Risk management and our risk assessment processes by identifying data risk, defining and establishing data management controls to mitigate data risk. •Develop and implement data management strategies More ❯

adheres to best practices and legislation in data protection, information security, quality management, environmental compliance and industry-specific security standards. The ideal candidate will have experience in compliance management, risk assessment, audits, security frameworks and policy implementation. They will need to work across teams such as IT, Operations, Finance, Delivery and Engineering to ensure robust governance, risk … and compliance Information security and Cyber Essentials Plus Oversee Cyber Essentials Plus compliance ensuring security controls are in place Work closely with the IT team to assess vulnerabilities, manage risk and implement cyber security policies Work with the Head of IT to manage incident response planning and ensure security incidents are managed in line with best practices Data protection … Assessments (DPIAs) Implement processes around Data Subject Access Requests (DSARs) and breach management Ensure compliance with any client and third-party data processing agreements (DPAs) and data retention rules Risk management and policy development Review, update, maintain and enforce policies and procedures related to: Information security Data protection Environmental sustainability Business continuity Incident response Supplier security assessment Maintain More ❯

adheres to best practices and legislation in data protection, information security, quality management, environmental compliance and industry-specific security standards. The ideal candidate will have experience in compliance management, risk assessment, audits, security frameworks and policy implementation. They will need to work across teams such as IT, Operations, Finance, Delivery and Engineering to ensure robust governance, risk … and compliance Information security and Cyber Essentials Plus Oversee Cyber Essentials Plus compliance ensuring security controls are in place Work closely with the IT team to assess vulnerabilities, manage risk and implement cyber security policies Work with the Head of IT to manage incident response planning and ensure security incidents are managed in line with best practices Data protection … Assessments (DPIAs) Implement processes around Data Subject Access Requests (DSARs) and breach management Ensure compliance with any client and third-party data processing agreements (DPAs) and data retention rules Risk management and policy development Review, update, maintain and enforce policies and procedures related to: Information security Data protection Environmental sustainability Business continuity Incident response Supplier security assessment Maintain More ❯

strong security culture and advise on security risks and mitigations. Maintain knowledge of security threats, vulnerabilities, and compliance standards. Lead efforts in security monitoring and incident response. Support security risk management and compliance with standards like PCI, GDPR, ISO. Perform other duties as assigned. Qualifications 10+ years of experience in information security, including vulnerability assessment, incident response, and … audits. 5+ years working with business leadership and managing projects in a complex environment. Knowledge of security technologies and concepts such as firewalls, intrusion detection, encryption, cloud security, and risk assessment. 3+ years in security compliance and audit support (PCI DSS, GDPR, etc.). Bachelor’s degree in IT or Security, with relevant certifications like CISSP, CRISC, or CISA. More ❯

not required Ensure adherence to regulatory breach reporting requirements in accordance with the geography and product Facilitate lessons learned reviews ensuring improvement actions are completed within the agreed timescales Risk Management Conduct systematic risk reviews to identify potential compliance gaps and areas of vulnerability. Accurately capture details in Civica's GRC platform Agree and record risk mitigation … level or professional qualification - preferably CIPP/E or similar Possess demonstrable detailed knowledge and understanding of data protection regulations A knowledge of information security controls Proven experience in risk assessment and mitigation strategies Able to analyse complex issues to achieve logical conclusions Confident speaker that can present credible outcomes and influence stakeholders Able to apply active listening More ❯

Principal Cyber Security Risk Manager £54,857+additional allowance up to £25,543 (£80,400) Multiple locations: Newcastle/Leeds/Oldham/Bristol/Swansea/Nottingham/Birmingham Hybrid working: 60% attendance per week Permanent Overview: Principal Cyber Security Risk Manager Sellick Partnership have partnered with the Driver and Vehicle Standards Agency to recruit a Principal Cyber … Security Risk Manager. To ensure agility as part of continuous the organisation, this role is integral to ensure that information and security risk associated with a service group are visible and responded to in a collaborative and visible manner. The role holder identifies, understands, and mitigates cyber-related risks. The role holder provides corporate risk processes, and … the Chief Data & Security Officer and Service Owners with advice to help them make well informed risk-based decisions. The role sits as part of a wider security team reporting to the Head of Cyber Security. Benefits: Principal Cyber Security Risk Manager Flexible working options encouraging work-life balance. Exceptional pension - employer contribution of an average of More ❯

Principal Cyber Security Risk Manager 54,857+additional allowance up to 25,543 ( 80,400) Multiple locations: Newcastle/Leeds/Oldham/Bristol/Swansea/Nottingham/Birmingham Hybrid working: 60% attendance per week Permanent Overview: Principal Cyber Security Risk Manager Sellick Partnership have partnered with the Driver and Vehicle Standards Agency to recruit a Principal Cyber … Security Risk Manager. To ensure agility as part of continuous the organisation, this role is integral to ensure that information and security risk associated with a service group are visible and responded to in a collaborative and visible manner. The role holder identifies, understands, and mitigates cyber-related risks. The role holder provides corporate risk processes, and … the Chief Data & Security Officer and Service Owners with advice to help them make well informed risk-based decisions. The role sits as part of a wider security team reporting to the Head of Cyber Security. Benefits: Principal Cyber Security Risk Manager Flexible working options encouraging work-life balance. Exceptional pension - employer contribution of an average of More ❯

Information Security Manager - Corporate Governance, Risk, and Compliance Information Security Manager - CGRC £70k + Bonus + Package, Based Bristol (Hybrid working) This is an exceptional opportunity to work for our client, a global defence tech organisation. In this exciting role the successful candidate will be responsible for providing Information Security support and advice to meet the needs of the … maintaining effective security processes and procedures. Ensure a robust internal governance framework exists for compliance with company and MoD policies SAL, F1686, DCPP. Develop and manage a program of risk assessment activity and provide support and guidance on the implementation of risk management controls. Develop and manage an information security training awareness programme for all employees and … experience in a similar role working as an information security manager with knowledge and experience of UK MOD and Government information security policies, processes, standards, and guidance. Experience in risk management including the creation of information security risk assessments, risk acceptance criteria, and risk treatment plans. Experience of security audit and compliance in accordance with ISO More ❯

a Product Security Engineer to help shape the security architecture of next–generation defence and technology systems. This is a high–impact role where your expertise in threat modelling, risk assessment, and secure–by–design engineering will drive innovation and resilience from day one. What You'll Be Doing: Leading product risk assessments and driving security improvements More ❯

Corporate Secretariat to define the project plan, manage execution, and establish robust governance structures. You'll build a stakeholder matrix and ensure that design and execution decisions are appropriately risk-assessed and approved through the relevant governance forums. Key Accountabilities: Develop a comprehensive project plan aligned with pre-defined objectives and deadlines. Manage all aspects of project execution, including … stakeholder communication and risk mitigation. Build and maintain a comprehensive stakeholder matrix. Establish effective governance structures for design and execution decisions. Liaise with Compliance, Legal, and Corporate Secretariat teams. Ensure appropriate risk assessment and approval processes are followed. Key Skills: Proven experience in requirements gathering and translation for technology projects. Experience managing senior stakeholders at VP/ More ❯

Corporate Secretariat to define the project plan, manage execution, and establish robust governance structures. You'll build a stakeholder matrix and ensure that design and execution decisions are appropriately risk-assessed and approved through the relevant governance forums. Key Accountabilities: Develop a comprehensive project plan aligned with pre-defined objectives and deadlines. Manage all aspects of project execution, including … stakeholder communication and risk mitigation. Build and maintain a comprehensive stakeholder matrix. Establish effective governance structures for design and execution decisions. Liaise with Compliance, Legal, and Corporate Secretariat teams. Ensure appropriate risk assessment and approval processes are followed. Key Skills: Proven experience in requirements gathering and translation for technology projects. Experience managing senior stakeholders at VP/ More ❯

Corporate Secretariat to define the project plan, manage execution, and establish robust governance structures. You'll build a stakeholder matrix and ensure that design and execution decisions are appropriately risk-assessed and approved through the relevant governance forums. Key Accountabilities: Develop a comprehensive project plan aligned with pre-defined objectives and deadlines. Manage all aspects of project execution, including … stakeholder communication and risk mitigation. Build and maintain a comprehensive stakeholder matrix. Establish effective governance structures for design and execution decisions. Liaise with Compliance, Legal, and Corporate Secretariat teams. Ensure appropriate risk assessment and approval processes are followed. Key Skills: Proven experience in requirements gathering and translation for technology projects. Experience managing senior stakeholders at VP/ More ❯