1 to 25 of 44 Risk Management Jobs in Bristol

diverse personalities, characters, and perspectives. There really is a place for you here. Why Join KPMG as a Manager - IGH GRCS? KPMG's Governance, Risk and Compliance Services (GRCS) practice within IGH is an area of the firm with tremendous growth potential. GRCS is an integral part of our … Enterprise Risk advisory practice. We provide services relating to internal audit, internal control, corporate governance, risk management and related assurance projects. Clients are based in the public sector and our services deliver added value to clients using modern control assessment, risk management and audit techniques … focusing on strategic, management and operational issues as well as financial management and reporting controls. We also work closely with other consulting teams including our colleagues in Technology Risk and Cyber Risk to ensure our clients receive the best possible advice and assurance. What will you More ❯

allowance, plus up to 10% performance bonus*, plus excellent benefits package. Logiq is a fast-growing Technology Company, providing cutting-edge solutions to high-risk clients across Private and Public Sector. Due to rapid growth in our Security Capability , we are looking for experienced Security Consultants to join our … team. What is Cyber Risk Management? Cyber risk management ensures that organisations can anticipate, withstand, and recover from cyber incidents, aligning security efforts with business objectives, regulatory requirements, and industry best practices. It involves applying risk-based decision-making to ensure security measures are proportionate … MOD’s cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders who share our vision that cyber risk management is driven by business requirements and a holistic view of security that can guide clients to secure solutions that support their business More ❯

Experience Proven experience in security assurance and risk management within defence, government, or high-security environments. Strong knowledge of security frameworks and standards such as RMADS, NIST, DEF STAN, and policies. Experience with accreditation processes and developing security risk balance cases. Familiarity with codes of connection (CoCo … Secure by Design, and security impact assessments (SIAs). Responsibilities 1. Documentation & Security SME Advice Security Documentation Management: Prepare, review, and manage comprehensive security documentation to support project security objectives. Subject Matter Expert (SME) Review: Assess supplier security outputs to ensure alignment with security requirements and best practices. RMADS … Management: Collaborate with suppliers to ensure the Risk Management and Accreditation Document Set (RMADS) is appropriate for the current stage of the programme. 2. Security Impact Assessments & Integration Security Impact Assessments (SIAs): Support the identification, assessment, and mitigation of security risks associated with system changes. Codes of More ❯

us to deliver impact how and where it matters most. Connect to your opportunity As a Technical Analyst, you will provide support to Cybersecurity Risk Management team, Security Operations Centre (SOC), Global Event Monitoring Service (GEMS), Deloitte firms and cybersecurity service teams like Firewall Management, IDS/… IPS, Email protection amongst others. In this role you will: Focus on the analysis of Security Incident Event Management (SIEM) data, which includes: Provide Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support eDiscovery teams by providing … data relating to insider threats and legal matters. Build and maintain PowerBI dashboards. Support the cyber risk management team with data requests to support cyber risk management tasks. Work with and articulate highly complex datasets and analysis concisely. Connect to your skills and professional experience Do More ❯

Overview Expleo is a trusted partner for end-to-end, integrated engineering, quality services, and management consulting for digital transformation. We help businesses harness unrelenting technological change to deliver innovations that provide a competitive advantage and improve everyday life worldwide. As part of the Expleo Digital and Technology (DigiTech … or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases, control matrices, and evidence submissions. Ensure alignment with applicable defence and industry standards and other MOD-aligned frameworks. Engage with engineering … suppliers, and accreditation authorities to support the assurance lifecycle and manage stakeholder expectations. Support the preparation for and participation in technical reviews, audits, and risk acceptance activities. Contribute to delivering security risk management processes, threat modelling sessions, and security design assessments. Provide subject matter expertise on assurance More ❯

Overview Expleo is a trusted partner for end-to-end, integrated engineering, quality services, and management consulting for digital transformation. We help businesses harness unrelenting technological change to deliver innovations that provide a competitive advantage and improve everyday life worldwide. As part of the Expleo Digital and Technology (DigiTech … or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases, control matrices, and evidence submissions. Ensure alignment with applicable defence and industry standards and other MOD-aligned frameworks. Engage with engineering … suppliers, and accreditation authorities to support the assurance lifecycle and manage stakeholder expectations. Support the preparation for and participation in technical reviews, audits, and risk acceptance activities. Contribute to delivering security risk management processes, threat modelling sessions, and security design assessments. Provide subject matter expertise on assurance More ❯

This individual will provide architectural leadership across IT infrastructure, applications, and cybersecurity domains, with a strong emphasis on secure-by-design principles and NIST Risk Management Framework compliance. The role requires effective communication with senior client stakeholders and the ability to influence technical decisions through sound governance and … the product lifecycle. Ensure architecture and solution designs comply with NIST controls, regulatory requirements, and internal cyber security policies. Collaborate with information architecture, security, risk, and compliance teams to assess architectural risk and apply appropriate mitigation measures. Governance & Assurance Lead architectural governance forums, ensuring all solutions align with … environments. Expertise in IT infrastructure architecture (eg networks, servers, storage, virtualisation), application architecture (eg integration, APIs, data), and cyber security architecture (eg identity & access management, threat modelling, security controls). Strong working knowledge and application of NIST Risk Management Framework, Secure by Design, and architecture standards. Proven More ❯

a Senior Cyber Security Consultant, you'll have a role that is out of the ordinary. You will join our Information Assurance and Cyber Risk team that provides expert risk assessments, analysis and advice to clients within the Defence Sector. Day-to-day, you'll be a key … stakeholder in the Security Risk Management process, working closely with our clients to identify and respond to cyber threats and security risks. Your responsibilities will include: Providing subject matter expertise, advice, and guidance on security matters relating to the secure configuration and operation of MoD systems throughout the … requirements and vulnerabilities, escalating unresolved vulnerabilities when appropriate. Managing the effective coordination of all security-related activities, including but not limited to, queries, incident management, document reviews and testing. This role is 37 hours per week based at our customer site near Corsham. Hybrid working patterns available. Essential experience More ❯

edge products and technology. Key Accountabilities : Identify security requirements and ensure the integration of security controls during the product development lifecycle. Develop and implement risk management strategies using relevant risk assessment frameworks & perform security threat modelling and risk assessments using various threat modelling tools Communicate risk findings and recommendations to stakeholders, including senior management and product teams, while collaborating with the development teams to ensure the adoption of secure by design principles to reduce risk. Identify security risks that arise from potential solution architectures, advising and assuring alternate solutions or counter measures to mitigate … by Design. Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Why Join? You'll gain More ❯

AtkinsRéalis is one of the world's leading design, engineering, and project management consultancies. We have the breadth and depth of expertise to respond to the most technically challenging and time critical projects. Protecting the security of our home and of our citizens abroad is one of government's … manage security assurance activities of Defence systems, ensuring compliance with Defence, corporate or regulatory requirements and secure use in operational environments. Perform Cyber Security risk assessments, determining the most cost-effective deployment of security controls and solutions in line with business risk appetite, protecting information assets from loss … services we deliver. What you can bring? Essential: Experience of delivering technical Cyber Security consultancy in multi-disciplined environments. Experience of Information Assurance, including risk assessments, risk management and the deployment of appropriate controls. An excellent communicator, verbal (active listener) and written (able to write concisely). More ❯

requirements. Prepare and present reports and dashboards (including in SAP) on IT control effectiveness to senior management. Support Senior Manager and key stakeholders in Risk and compliance teams. Work as part of a small team of ICOFR controls and assurance specialists. Support horizon scanning for new emerging risks and … in driving complex IT controls with business sponsors and IT technical delivery teams. Comfortable managing stakeholders in a complex environment of business and audit risk demand. Good knowledge of risk management and Enterprise Risk Management practices. Experience of ICOFR controls, compliance controls, and frameworks to … ensure assurance through the three lines of defence model. Experience in ensuring compliance with regulatory requirements and internal policies. Core project and programme management skills. About us BT Group was the world's first telco, and our heritage in the sector is unrivalled. As home to several of the More ❯

overseeing security infrastructure to protect products and systems from security threats. This role ensures security controls are integrated throughout the software development lifecycle, performs risk assessments, and collaborates with stakeholders to mitigate vulnerabilities. The Security Architect will also contribute to security compliance and best practices, ensuring products meet regulatory … and industry standards. The Role Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure-by-design principles. … across the organization. The Person Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP). Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling More ❯

individual will provide architectural leadership across IT Infrastructure, Applications, and Cyber Security domains, with a strong emphasis on Secure by Design principles and NIST Risk Management Framework compliance. The role requires effective communication with senior client stakeholders and the ability to influence technical decisions through sound governance and … lifecycle. o Ensure architecture and solution designs comply with NIST controls, regulatory requirements, and internal cyber security policies. o Collaborate with Information Architecture, Security, Risk, and Compliance teams to assess architectural risk and apply appropriate mitigation measures. · Governance & Assurance o Lead architectural governance forums, ensuring all solutions align … environments. · Expertise in IT infrastructure architecture (e.g. networks, servers, storage, virtualisation), application architecture (e.g. integration, APIs, data), and cyber security architecture (e.g. identity & access management, threat modelling, security controls). · Strong working knowledge and application of NIST Risk Management Framework, Secure by Design, and architecture standards. · Proven More ❯

individual will provide architectural leadership across IT Infrastructure, Applications, and Cyber Security domains, with a strong emphasis on Secure by Design principles and NIST Risk Management Framework compliance. The role requires effective communication with senior client stakeholders and the ability to influence technical decisions through sound governance and … lifecycle. o Ensure architecture and solution designs comply with NIST controls, regulatory requirements, and internal cyber security policies. o Collaborate with Information Architecture, Security, Risk, and Compliance teams to assess architectural risk and apply appropriate mitigation measures. Governance & Assurance o Lead architectural governance forums, ensuring all solutions align … environments. Expertise in IT infrastructure architecture (e.g. networks, servers, storage, virtualisation), application architecture (e.g. integration, APIs, data), and cyber security architecture (e.g. identity & access management, threat modelling, security controls). Strong working knowledge and application of NIST Risk Management Framework, Secure by Design, and architecture standards. Proven More ❯

aiming to achieve chartership. What you'll do As a Project Engineer, you will be working with the Lead Design Engineers and the Project Management team based in the South and Southwest Area of the Wessex Water region, in Bristol, Bath, Dorchester and Poole. It is envisaged that the … with third party stakeholders regarding land use, environmental constraints, power supply. The key focus of this role is facilitating delivery through active communication. Contract Management You'll work with our Project Managers to oversee the delivery of all phases of engineering schemes in accordance with the NEC4 contract. You … ensuring improvements found on one scheme are translated across a whole programme. Costing Supporting with the development of Operational and Carbon costing of schemes. Risk Management Working together with our Capital Delivery Partner to identify and mitigate risks as early as possible. Continuous Improvement Facilitating and where possible More ❯

what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams … Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds like something … Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including More ❯

AtkinsRéalis is one of the world's leading design, engineering, and project management consultancies. We have the breadth and depth of expertise to respond to the most technically challenging and time critical projects. Protecting the security of our home and of our citizens abroad is one of government's … manage security assurance activities of Defence systems, ensuring compliance with Defence, corporate or regulatory requirements and secure use in operational environments. Perform Cyber Security risk assessments, determining the most cost-effective deployment of security controls and solutions in line with business risk appetite, protecting information assets from loss … What you can bring? Essential: Experience of delivering technical Cyber Security consultancy in multi-disciplined environments. Experience of Information Assurance, and developing Information Security Management Systems (ISMS), including risk assessments/management and the deployment of appropriate controls. An excellent communicator, verbal (active listener) and written (able More ❯

manage security assurance activities of Defence systems, ensuring compliance with Defence, corporate or regulatory requirements and secure use in operational environments. Perform Cyber Security risk assessments, determining the most cost-effective deployment of security controls and solutions in line with business risk appetite, protecting information assets from loss … What you can bring: Essential- Experience of delivering technical Cyber Security consultancy in multi-disciplined environments. Experience of Information Assurance, and developing Information Security Management Systems (ISMS), including risk assessments/management and the deployment of appropriate controls. An excellent communicator, verbal (active listener) and written (able … professional body such as the Institute of Information Security Professionals (IISP), IS2, BCS, CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in More ❯

manage security assurance activities of Defence systems, ensuring compliance with Defence, corporate or regulatory requirements and secure use in operational environments. Perform Cyber Security risk assessments, determining the most cost-effective deployment of security controls and solutions in line with business risk appetite, protecting information assets from loss … What you can bring: Essential- Experience of delivering technical Cyber Security consultancy in multi-disciplined environments. Experience of Information Assurance, and developing Information Security Management Systems (ISMS), including risk assessments/management and the deployment of appropriate controls. An excellent communicator, verbal (active listener) and written (able … professional body such as the Institute of Information Security Professionals (IISP), IS2, BCS and Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and rewarding More ❯

and services—by embedding robust security controls throughout the development lifecycle, identifying and mitigating risks, and ensuring compliance with defence-grade standards. Key Responsibilities Risk Assessments & Vulnerability Management Conduct comprehensive security risk assessments at each product phase (design, implementation, deployment). Identify vulnerabilities in architectures, codebases, and …/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing & Assurance Design and execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement … practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/ More ❯

line capability wherever and whenever required. We are looking for an experienced product security practitioner with expertise in developing and maintaining robust product security management systems for defence and government customers. The Chief Product Security Engineer will take responsibility for ensuring that all security aspects of the design, development … as a Chief Product Security Engineer: Provide security advice and support to product development teams, including in terms of: Deriving security requirements Undertaking security risk assessments for products Preparing security risk mitigation plans Review and approval of Security Management plans Security policy maintenance and monitoring Production of … LoB security metrics Management of attendance at external security forums Attendance and support to the Security Special Interest Group Lead security incident management teams during incident/crisis situations in conjunction with the Lead Product Security Engineer(s) The Chief Product Security Engineer has delegated authority within the More ❯

ranging set of clients and cutting-edge technologies. Our work covers a broad range of topics including architecture development, cyber security, programme and project management through to data engineering/analytics and AI. We have a long track record of successful delivery and, as a result, are trusted to … risks posed by new technologies and business practices; Providing advice to customers on Information Assurance and architectural problems and risks; Supporting the development of Risk Management Accreditation Document Sets (RMADS); Scoping security testing activities, and explaining the findings and required remedial actions to project stakeholders; Investigating security incidents … Promoting security awareness within project teams, and within the company; Conducting Cyber Security Risk Assessments; Providing Assurance of cyber security management controls and processes. Amongst other things you will gain experience in a manner that will provide the right level of support and challenge to ease the transition More ❯

testing. Incident Response & Forensic Analysis - Ability to manage and respond to security breaches, perform digital forensics, and mitigate damage through structured incident response processes. Risk Management & Compliance - Proficiency in identifying potential security risks, conducting risk assessments, and ensuring compliance with legal and regulatory standards. Security Architecture & System … Hardening - Experience designing, implementing, and maintaining secure IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to preempt potential More ❯

testing. Incident Response & Forensic Analysis - Ability to manage and respond to security breaches, perform digital forensics, and mitigate damage through structured incident response processes. Risk Management & Compliance - Proficiency in identifying potential security risks, conducting risk assessments, and ensuring compliance with legal and regulatory standards. Security Architecture & System … Hardening - Experience designing, implementing, and maintaining secure IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to preempt potential More ❯

service products are designed, developed, and maintained with strong security features. The role involves identifying and mitigating security risks throughout the product lifecycle, conducting risk assessments, and collaborating with development teams to integrate secure coding practices. The Role Key Responsibilities: Conduct risk assessments, identify vulnerabilities, and implement mitigation … NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and More ❯