1 to 25 of 67 Risk Assessment Jobs in the UK excluding London

split of 50% home working and 50% onsite. This role supports the OMNIA Security Assurance Lead by carrying out a comprehensive Initial Security Risk Assessment for the MOD CTTP programme-analysing risks, threats, vulnerabilities, architectures and compliance requirements, and producing the formal assessment report. It also supports … coordinating with delivery partners, and helping present the final assessment. Key Responsibilities: Working closely with the OMNIA Security Assurance Lead to conduct Initial Security Risk Assessment Report activities in alignment with MOD Secure by Design (ISN2023/09) assurance activities. Attending workshops and meetings, both in-person ...

Security Risk Assessment Specialist - Freelance Contractor - Brussels Rate: Flexible Duration: 1 year - freelance contract Hybrid: 8 days onsite in Brussels office in a month, the rest can be worked remotely Division : CISO - IT Risk About the Role: We are looking for an experienced and dynamic Senior Security … Analyst to join our IT Risk Transformation team. In this role, you will contribute to the design and enhancement of our application security risk assessment process and will perform security risk assessments across a wide range of applications. To achieve it, you will work closely with ...

months initially (will extend, 6 month rolling) Location: Ipswich 3 days, 2 days remote Position Summary: We are seeking a highly skilled Security Risk Analyst with a strong background in application security, vulnerability management, and risk assessment. In this role, you will be responsible for conducting security diagnostics … across a suite of applications, identifying potential vulnerabilities, and delivering detailed risk assessment reports to the CISO. This position does not involve remediation but plays a critical role in uncovering and reporting risks within the organization’s application landscape. Key Responsibilities: Conduct security risk diagnostics on enterprise ...

Operational Risk Specialist Up to £34k per year Nelson 2/3 days on site An Operational Risk Specialist is responsible for identifying, assessing, and monitoring risks across various business units within an organization. They facilitate risk workshops, maintain risk registers, and track key risk indicators to ensure effective risk management. The role involves collaborating with stakeholders to embed a strong risk culture and supporting governance through reporting and assurance activities. Additionally, they stay informed about regulatory developments and promote risk awareness through training and communication. Skills Strong understanding of regulatory ...

ONLYKey Responsibilities Lead and continuously improve The organisation's third-party cyber risk assurance process, covering onboarding, risk assessment, due diligence, and ongoing monitoring. Develop and maintain a robust vendor criticality assessment model, ensuring assurance activities are aligned to supplier risk level. Define … diligence requirements for critical and high-risk third parties in alignment with DORA, NIS2, PRA, FCA, and other emerging regulatory obligations. Produce dashboards, scorecards, and MI reports that provide senior stakeholders with meaningful insight into the organisation's third-party cyber risk posture. Embed third-party security controls ...

Risk & Compliance Officer My client based near Stratford-upon-Avon are looking for a Risk & Compliance Officer to join their team. This is a hybrid role – 2 – 3 days per week in the office. Salary approx. £70,000 - £85,000 + Bonus + Excellent Benefits The Role This …/PRA regulations, PCI DSS standards and broader industry requirements. Working cross-functionally with product, technology, legal and senior leadership teams, you’ll embed risk management into day-to-day operations and product development, while acting as a trusted advisor to the Executive Team and Board. This ...

Team utilising the support of other team members where necessary. The role is to be an active participant and, where appropriate, leader of risk-based audit reviews, and will assist the IT Team to issue recommendations to remediate any identified issues and weaknesses. Key Responsibilities Leads or acts … other team members involved in an assignment. At all times, the role holder will have regard for the main risks detailed in the Risk and related Control Matrix and, where acting in a management capacity, will plan and organise an assignment (including the allocation of staff) as well ...

this role, you'll be: Providing the Secure by Design risk and security assurance function within MOD or Public Sector as part of a managed service. Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework. … Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner that is aligned with the wider business risk appetite. Produce informative and succinct reporting that clearly articulates any identified vulnerabilities, associated risks, controls and risk treatment activity. Facilitate security and risk ...

Join us as Risk and Control Analyst within IBCOO Technology Risk and Control and be involved in taking ownership of the risk event and issues management process and helping build a collaborative, innovative risk management environment with our stakeholders. To be successful as a Risk and Control Business Partner in this specific team, you should: Have previous experience within Risk and Control in financial services Be able to prioritise risk and multitask Be comfortable in a fast-paced environment and context switching daily Some other highly valued skills may include: Previous experience ...

Cyber & Data Risk Lead - Financial Services c£60,000-£80,000 (DOE) + Performance Bonus East Midlands A high-growth privately owned financial services organisation is seeking to appoint a Cyber & Data Risk Lead to take ownership of its data governance framework, security control environment, and third-party … data risk oversight. This is a senior and highly visible role, operating at the intersection of Technology, Risk, Compliance, and Commercial decision-making. The successful candidate will play a pivotal part in ensuring that sensitive customer, partner, and business data is protected, well-governed, and used responsibly ...

governance frameworks, policies, and controls aligned with recognised international standards, including ISO 27001 and the NIST Cybersecurity Framework. * Own and evolve the cyber security risk management strategy to enable proactive identification, assessment, and mitigation of cyber risks. * Lead cyber security risk assessment activities, applying the Enterprise … Risk Management Framework, Information Security Management System (ISMS), and NIST risk management practices. * Partner with senior leaders and cross-functional teams to embed cyber security considerations into business processes and decision-making. * Work closely with procurement teams to identify, assess, and manage cyber security risks associated with suppliers ...

Markets is seeking an experienced Information Security Manager to play a pivotal role in shaping and strengthening our global security governance and risk framework. Operating across multiple regulatory jurisdictions, CMC develops and delivers its own retail and B2B trading and investment platforms. This role sits at the heart … Group-wide security strategy — ensuring robust governance, effective risk management, and regulatory alignment across the business. This is a governance-focused position. It is not a hands-on cyber operations role, but one that requires strategic oversight, regulatory confidence, and the ability to influence across distributed international teams. ...

that is must be undertaken with regard to the Trust Information Governance and Information Security policies. The post holder must adhere to the Trust risk assessment and risk management processes. The post holder must adhere to infection control policies and procedures. Undertake mandatory training and any other ...

Vendor Onboarding & Third Party Risk Management Consultant Contract until end of 2027 Remote with some travel to site (England, Ireland or Poland based) £(Apply online only) per day (IR35 status dependent on location of role) My client, in the Fintech industry are looking for an experienced Vendor Onboarding/… Third Party Risk Management Consultant to join a fast-paced, global organisation supporting vendor onboarding and risk assessment activities. You ll play a key role in ensuring vendors are onboarded efficiently, risk assessed appropriately, and fully compliant with internal governance and regulatory requirements. This ...

management support, ensuring the delivery of tasks to time, cost, and quality standards. Lead the planning, execution, and monitoring of projects, including resource management, risk assessment, and progress reporting. Apply agile methodologies (Scrum, SAFe) and hybrid frameworks to drive consistency and efficiency. Act as Scrum Master, facilitating ceremonies … required. (Predominantly South and South-West Regions), and the opportunity for occasional international travel. Desirable Technical specialism in aspects of project management e.g. risk management, benefits assessment/realisation, stakeholder analysis, requirements management, Cost budgeting and forecasting. Familiarity with frameworks such as Lean, or Six Sigma. What ...

management support, ensuring the delivery of tasks to time, cost, and quality standards. Lead the planning, execution, and monitoring of projects, including resource management, risk assessment, and progress reporting. Apply agile methodologies (Scrum, SAFe ) and hybrid frameworks to drive consistency and efficiency . Act as Scrum Master, facilitating … South-West Regions) , and the opportunity for occasional in ternational travel . Desirable Technical specialism in aspects of project management e . g . risk management, benefits assessment/realisation, stakeholder analysis, requirements management, Cost budgeting and forecasting . Familiarity with frameworks such as Lean, or Six Sigma ...

data protection, privacy, and information security. You will act as a trusted expert, advising senior leadership and teams across the organisation, ensuring compliance, managing risk, and embedding privacy- and security-by-design practices. Your Tasks Advise leadership and teams on data protection obligations, ensuring compliance with GDPR, UK GDPR … report on security posture, risks, and KPIs to senior management. Stay informed on emerging cyber threats, regulatory changes, and best practices, advising leadership on risk mitigation. Your Profile Strong knowledge of data protection and privacy laws (GDPR, UK GDPR, UK DPA) and sector-specific regulations. Experience in a similar ...

with real-world national security impact, while enjoying hybrid working and strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident … systems Operating in regulated, high-assurance, or defence-related environments Working across engineering teams to embed security early in design Producing security architecture artefacts, risk assessments, and design assurance Engaging with stakeholders to translate security risk into business impact Eligibility for SC clearance (or ability to obtain ...

independent and objective assurance, along with advisory support, to the Audit Committee, Board, and senior management on the effectiveness of the Group’s governance, risk management, and internal control frameworks. You will be responsible for producing high-quality analysis to support the annual risk assessment and audit … through to closure, and ensuring timely escalation where necessary. The role involves proactive collaboration across the Internal Audit function to achieve departmental goals, delivering risk-based audits and reviews in line with methodology, and performing business monitoring to identify changes requiring audit response. You will build strong relationships with ...

working collaboratively across teams. You will be involved in day-to-day security operations while also contributing to longer-term security improvements, projects and risk reduction initiatives across the organisation. Key responsibilities Monitor, investigate and respond to cyber security incidents using SIEM, EDR/MDR and other security tooling … remediation actions Conduct proactive and reactive threat hunting activities Manage vulnerability assessments, web application scanning and remediation as part of BAU operations Perform risk assessments, identify security gaps and define remediation options Work closely with IT, Infrastructure, Cloud and Service teams to improve security controls across the organisation Review ...

Manager - Real Estate - London - Up to £70,000 Your new company Are you an experienced IT Audit or Technology Risk professional looking to take ownership of a global IT SOX programme? Our client, a fast‐growing international organisation undergoing significant systems transformation, is seeking an IT SOX Manager … role As the IT SOX Manager, you will be responsible for delivering the end‐to‐end IT SOX assurance programme, including: Leading scoping, risk assessment, test planning, execution, and reporting Performing ITGC testing across key domains including change management, logical access, and IT operations Reviewing and validating ...

meet customer requirements. Anticipating that systems will be attacked or misused, Project Security features 2 key areas; Minimising cyber-attack vulnerabilities Minimising the risk of abuse/exploitation What you’ll do Routine : Undertake Project Security risk analysis Ensure project Security deliverables and processes are developed and delivered … series. Experience in delivering project documentation using SbD principles. Experience in Security/Information Assurance e.g. CESG Good Practice Guides. Experience in Security risk assessment e.g. NCSC methodology Commitment to quality, performance and cost, delivering on-time to the highest standard. A collaborative team player. The ability ...

management support, ensuring the delivery of tasks to time, cost, and quality standards. Lead the planning, execution, and monitoring of projects, including resource management, risk assessment, and progress reporting. Apply agile methodologies (Scrum,SAFe) and hybrid frameworks to drive consistency and efficiency. Act as Scrum Master,facilitatingceremonies … England asrequired.(Predominantly South and South-West Regions), andthe opportunity foroccasional international travel. Desirable Technical specialism in aspects of project management e.g.risk management, benefits assessment/realisation, stakeholder analysis, requirements management, Costbudgetingand forecasting. Familiarity with frameworks such asLean, or SixSigma. What we offer We offer a combination of mentoring ...

assurance activities within regulated sectors. Familiarity with HMG Security Policy Framework and NCSC/CPNI guidance. Understanding of information security threats, risks, and risk assessment methodologies (ISO27005, NIST, IRAM2). Excellent written and oral communication skills, with the ability to translate complex findings to non-security audiences. Strong ...

role carries no direct line management responsibility, but you will provide technical direction and guidance across programmes and stakeholders. Responsibilities Acting as a strong risk practitioner, identifying and assessing security risks associated with complex physical systems Conducting risk analysis aligned to structured engineering lifecycles rather than live operational … environments Reviewing and shaping security requirements to ensure appropriate mitigation strategies are embedded early Producing and maintaining key security artefacts including RMADS, Risk Registers, Security Assurance Case Reports and SIOPs evidence Writing and reviewing security test plans, and overseeing outsourced testing activity Presenting and defending the security case ...