25 of 25 Risk Management Jobs in Surrey

driving the attainment and maintenance of the ISO27001, PCI-DSS, and SOC2 compliance. They are the subject matter expert on all things regarding security and compliance, owning the information risk management processes. They are the thought leader on all matters within the security and compliance domain such that the company remains secure against the ever-changing security threat … Work across internal and external stakeholders, communicating the information security strategy to relevant parties and providing assurance of policies, procedures, and systems. Develop, maintain, and expand the information security management system ('ISMS') to optimise compliance for ISO27001, PCI-DSS, and SOC2. Identify gaps in the information security capability, both technical and operational, and propose remediation and mitigation plans and … GDPR, CCPA). Experience with PCI DSS compliance and implementation. Proven success in managing external auditors to achieve positive outcomes. Expert in information security with strong communication and stakeholder management skills. Experience in managing security incidents and leading incident response. Experience with security assessment tools and vulnerability management. Strong vendor management and third-party risk assessment experience. More ❯

five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Technical Cyber Risk Assessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. Demonstrate … familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯

today! Job Details Position Summary Cencora seeks an attorney with significant experience in data governance, privacy, cybersecurity, and emerging artificial intelligence issues to provide strategic legal advice on data risk management and innovation priorities. This role reports to the Assistant General Counsel - Data Governance, Privacy, and Cybersecurity and collaborates with legal, business, and functional teams across the enterprise. … privacy, cybersecurity, and AI laws, regulations, and guidance. The candidate must have strong analytical skills and deliver pragmatic, business-oriented legal services in a fast-paced technology environment. Project management and prioritization skills are essential, along with the ability to provide strategic insights for compliance and governance in emerging data and technology law areas. Primary Duties and Responsibilities Advise … proposals involving privacy, cyber, and AI risks; provide pragmatic, creative solutions incorporating privacy and security by design. Demonstrate decision-making and communication skills during time-sensitive incidents or high-risk proposals requiring escalation. Manage multiple projects effectively, ensuring high-value and high-risk needs are addressed efficiently and strategically. Experience and Education Requirements Minimum 5-7 years as More ❯

seeks an attorney with significant experience in the areas of data governance, privacy, cybersecurity, and emerging artificial intelligence issues to provide strategic legal advice in addressing Cencora's data risk management and innovation priorities. This role will report to the Assistant General Counsel - Data Governance, Privacy, and Cybersecurity and will collaborate with other legal, business, and functional teams … and the ability to deliver business-oriented, pragmatic, and efficient legal services in a fast-paced, changing technology environment. The successful candidate will also have strong prioritization and project management skills. This suite of skills includes the ability to provide strategic insights to compliance partners tasked with operationalizing privacy and cybersecurity compliance along with developing governance mechanisms for emerging … contract provisions dealing with privacy, cybersecurity, AI, and other data protection and operational continuity issues. This work also envisions creating template agreements and associated playbooks to expedite contracting issue management in privacy, cyber, and AI law arenas. Assess and help mitigate harms associated with privacy and cybersecurity incidents through clear communication, disciplined issue escalation, and partnership with other privacy More ❯

These five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Control management Senior Manager - ServiceNow will be responsible for the following: Shape the development of technology control management including scoping, development of and testing ServiceNow tools for ITRM processes in … DT to allow for an effective, efficient and adaptable risk governance capability and contribute to its continuous improvement. Direct control development across DT, driving a consistent approach utilising the IRM capabilities within ServiceNow. Deliver the DT control library architecture and control data management. Secure commitment from member firms and stakeholders in the global firm to participate in the Technology … assess the member firm's overall IT capability/maturity and to help them establish their own priorities. Keep abreast of new and emerging technologies being deployed and ensure risk assessment processes are appropriately applied and advise on decisions with technology risk impacts as new activities and other change management/transformational initiatives. Leverage available technical resources More ❯

a hybrid role based in their Guildford office. We offer extensive training, including online, classroom, and in-house courses, leading to nationally recognized qualifications in areas such as Project Management, Agile methodologies, Business Analysis, IT Service Management, Cyber Security, and Technology Procurement. Responsibilities Providing technical assurance that proposed solutions are fit for purpose. Developing new architectures to mitigate … risks posed by emerging technologies and business practices. Advising clients on information assurance, architectural issues, and risks. Supporting the development of Risk Management Accreditation Document Sets (RMADS). Scoping security testing activities, explaining findings, and recommending remedial actions to stakeholders. Investigating security incidents. Promoting security awareness within project teams and the organization. Candidate requirements: HMG Security Policy Framework More ❯

drives us, while a supportive, respectful culture makes it all possible. As a team, we collaborate globally to reach our ultimate goalhelping people. Were searching for a UK-based Risk and Compliance Officer to join our Enterprise Risk & Compliance team, so that we can strengthen and evolve our global compliance program within a dynamic and fast-paced environment. … The Risk and Compliance Officer will collaborate across teams to ensure consistency, uphold best practices, and drive compliance efforts that align with industry standards and regulatory expectations. How Youll Spend Your Time Assistingwith the compliance program and integrated quality/information security management system to maintain alignment with industry standards Facilitatingand conducting risk assessments in order to … promote awareness and adherence Planning and executinginternal audits to identify non-compliance, mitigate risks, and drive continuous improvement What Kind of Things Were Most Interested in You Having Experiencein risk and compliance roles within healthcare tech or regulated industries Proven successin conducting internal audits and managing compliance initiatives In-depth knowledgeof compliance frameworks and industry standards such as ISO More ❯

effective security solutions Provide advisory and consultancy services to ensure achievement of business goals Provide oversight to secure solutions that are scalable and portable across the business Support security risk assessment and problem mitigation Deliver technical consultancy on 3rd party and vendor involvement Build up expertise in a range of subject matter areas Champion future proofing and threat mitigation … functions such as Security Architect, Security Project Lead, Security Technical expert, DevSecOps A technical breadth to include enterprise, distributed systems and cloud technologies. Strong practical understanding of Information Security risk management processes and best practice Advanced communication and interpersonal skills, including the ability to negotiate and resolve conflict, and to engage effectively with a mixed technical, non-technical … and business community Strong demonstrable stakeholder management skills, (internal and external) Desirable to hold security certification such as CISSP, CISM Desirable to hold PenTest certification such as CEH, GIAC Desirable to understand risk driven architecture such as Sherwood/SABSA/SANS Highly desirable to have exposure to DevSecOps functions. Please note: This role requires you to be More ❯

best interests, exercising reasonable care and skill in its decision-making, managing TCT's resources responsibly and avoiding exposing the charity's assets or beneficiaries or reputation to undue risk; Contributing to the strategic development and planning process, including providing commercial acumen, insight into the external market and wider sector, or bringing experience of strategy development at similar organisations. … Ensuring the organisational culture and values, governance arrangements, management and operational structures are fit for purpose, helping TCT achieve its strategic aims and objectives and minimise risk; Reviewing and approving budgets and business plans to ensure alignment with strategic objectives; Supporting the board fulfil the full range of its statutory and oversight responsibilities. This includes oversight of operational … and financial performance, risk management, governance (corporate, clinical and educational), quality and regulatory compliance and in providing assurance on these matters to the board; Coaching and mentoring senior leadership or providing subject matter expertise on specific topics/challenges; Participating and contributing to the activities of any working party groups the board or its committees may set up More ❯

Dashboards, KIPs, Reports & Insights (e.g. from SAP/Finance, R&D, Quality and Assurance, Procurement, Sustainability, Local Teams (e.g. Adriatics) Conduct monthly data refresh of the following built dashboards: Risk management dashboard Spend cubes Payment terms Logistics KPI tracker Coverage tracker Conduct monthly Market Research presentation update (Primes deck) Existing Dashboards, KPIs, Reports & Insights Produce, manage and update … issues with the Senior Analytics Manager in the Middle Office Conduct regular data reviews, data cleanse and gap analysis Qualifications Bachelor's degree in Business, Data Analytics, Supply Chain Management, Finance, or related field Solid experience in analytics, reporting, or related roles, preferably gained within Procurement or a multi-national FMCG environment Strong proficiency in data visualisation software (e.g. More ❯

and procedures. Testing & Qualification: Leading testing and qualification activities to validate the system's design and integration. Customer Interaction: Engaging with customers through project design reviews and acceptance events. Risk Management: Identifying and managing technical risks and opportunities throughout the project lifecycle. Product Lifecycle Support: Contributing to the safety, reliability, and ongoing support of products. Supplier & Customer Relationships More ❯

An exciting opportunity has opened up with a well-established financial services organisation. They’re seeking a Senior IT Risk & Governance Analyst to join their IT team and play a critical role in supporting cyber, information security, IT governance and risk management across the business. 💼 The Role This is a hybrid position (3 days onsite). You … ll work closely with senior stakeholders, internal/external audit teams, and 2LoD, helping shape risk culture, improve governance frameworks, and drive cyber awareness. From managing KRIs and ethical phishing campaigns to reporting, training, and ensuring alignment with group-level standards, this role offers real breadth and influence. 🔍 What we're looking for ✔ Proven experience in IT risk … and training delivery skills ✔ Deep understanding of control frameworks like COBIT, ISO2700x, CRISC, ITIL ✔ Comfortable working in a regulated environment with high attention to detail ✔ Skilled in Excel and risk reporting ✔ A proactive mindset and adaptability to change More ❯

An exciting opportunity has opened up with a well-established financial services organisation. They’re seeking a Senior IT Risk & Governance Analyst to join their IT team and play a critical role in supporting cyber, information security, IT governance and risk management across the business. The Role This is a hybrid position (3 days onsite). You … ll work closely with senior stakeholders, internal/external audit teams, and 2LoD, helping shape risk culture, improve governance frameworks, and drive cyber awareness. From managing KRIs and ethical phishing campaigns to reporting, training, and ensuring alignment with group-level standards, this role offers real breadth and influence. What we're looking for ✔ Proven experience in IT risk … and training delivery skills ✔ Deep understanding of control frameworks like COBIT, ISO2700x, CRISC, ITIL ✔ Comfortable working in a regulated environment with high attention to detail ✔ Skilled in Excel and risk reporting ✔ A proactive mindset and adaptability to change More ❯

on continuous improvement and regulatory excellence. This is a hands-on, dual-focus role, equally split between business systems analysis and regulatory compliance. You'll work closely with Legal, Risk & Compliance teams as well as global IT, Cloud Ops, and R&D functions to implement high-impact solutions and ensure technology operations meet international regulatory standards. Key Responsibilities Business … compliance efforts aligned with international standards (e.g., FDA 21 CFR Part 11, GAMP 5, ICH GCP) Conduct internal audits and support external audits from regulatory authorities and partners Drive risk assessments and implement mitigation strategies Maintain and enhance compliance documentation (SOPs, policies, validation protocols) Ensure systems validation, security, and governance are embedded in IT and software practices What We … oversight Bachelor’s degree in IT, Business, Compliance, or equivalent professional experience Proven ability to manage cross-functional projects and regulatory initiatives Strong knowledge of system validation, documentation, and risk management practices Excellent communication, documentation, and stakeholder management skills Familiarity with global regulatory frameworks and enterprise IT operations Ability to work independently, manage multiple priorities, and drive More ❯

on continuous improvement and regulatory excellence. This is a hands-on, dual-focus role, equally split between business systems analysis and regulatory compliance. You'll work closely with Legal, Risk & Compliance teams as well as global IT, Cloud Ops, and R&D functions to implement high-impact solutions and ensure technology operations meet international regulatory standards. Key Responsibilities Business … compliance efforts aligned with international standards (e.g., FDA 21 CFR Part 11, GAMP 5, ICH GCP) Conduct internal audits and support external audits from regulatory authorities and partners Drive risk assessments and implement mitigation strategies Maintain and enhance compliance documentation (SOPs, policies, validation protocols) Ensure systems validation, security, and governance are embedded in IT and software practices What We … oversight Bachelor’s degree in IT, Business, Compliance, or equivalent professional experience Proven ability to manage cross-functional projects and regulatory initiatives Strong knowledge of system validation, documentation, and risk management practices Excellent communication, documentation, and stakeholder management skills Familiarity with global regulatory frameworks and enterprise IT operations Ability to work independently, manage multiple priorities, and drive More ❯

small cells, supporting Smart Cities & Connected infrastructure. Want to come and be a part of it? What will you be doing? Project planning and scheduling Action tracking Stakeholder communication Risk management Process improvement Site Access Booking Site Permit booking Risk Assessments and Method statement control What youll bring? Organisational skills Communication Skills Time Management Attention to More ❯

user needs, creating and implementing clear roadmaps to ensure all systems are kept in support and up to date. Maintain up-to-date IT policies, cyber security protocols, and risk management plans. Manage tech budgets, procurement, and vendor relationships. Team and Project Management Lead and support internal tech/data staff. Manage digital and IT projects from … successful as our new Head of IT/IT Manager, you should have the below skills and experience:- Essential Significant experience in IT, digital or data leadership. Strong project management and stakeholder engagement skills. Technical knowledge: relational databases, MIS/VLEs and Microsoft Office. Ability to communicate technical matters clearly to non-technical audiences. Desirable Experience in education or More ❯

private 5G networks, small cells, supporting Smart Cities & Connected infrastructure. Want to come and be a part of it? What will you be doing? Provide end-to-end commercial management of a mobile telecoms upgrade project, covering Acquisition, Design, and Build services. Negotiate pricing and terms with the supply chain. Administer contracts, including issuing notices and payments. Minimise waste … via effective risk management and cost control. Offer critical commercial support to the project team to safeguard business interests. Handle management accounts and reporting. Ensure proactive and timely cash recovery. Perform any other commercial management activities considered good industry practice. What youll bring? UK Driving Licence and willingness to travel. Able to lead a team, support … meeting deadlines under pressure, and maintaining a customer-focused approach. Proven ability to work independently and in teams. Flexible, adaptable, enthusiastic, self-motivated, and capable of influencing beyond direct management control. Whats in it for you? We offer a range of benefits designed to support your life in and out of work, some of which include. Matched or contributory More ❯

you'll join a growing SAP Finance team as Senior SAP Treasury Consultant and could work with other experienced colleagues on a variety of different Finance Treasury and Cash Management related SAP projects including Finance Transformation, S/4HANA migrations, Proof of concepts and Strategic studies. The role will provide the exposure to complex treasury concepts allowing for individual … continuous years, and unspent criminal record check (known as Disclosure and Barring Service) Your role Lead client workshop sessions to drive out requirements. Design SAP Treasury and Cash Management solutions and lead a team for delivery on larger projects. Prepare Functional Specs for the build of WRICEF objects. Work alone or within a team reporting to a Solution Architect. … to meet contractual obligations. Your skills and experience Innovative and open minded in your thinking with a passion for change and new ideas An experienced SAP Treasury and cash management consultant who has learned from working on project lifecycles including the use of derivatives and hedging concepts Strong core Treasury knowledge Hands on experience of Treasury and cash management More ❯

and enhancing telecom networks – including private 5G, small cells, and connected infrastructure for Smart Cities. The ideal candidate must possess the following skills and experience: End-to-end commercial management of mobile telecoms upgrade projects (Acquisition, Design, and Build). Negotiating pricing and contract terms with the supply chain. Administering contracts, including notices and payments. Risk management More ❯

be rewarded with a generous salary, 32 days holiday PLUS Bank Holidays, excellent pension contribution, and a unique and vibrant working environment. Role & Responsibilities: The Director is responsible for risk management, regulatory compliance, and leading incident response efforts in the event of security breaches, including incident investigations. Additionally, you'll work closely with other University senior managers to … effectively safeguard the organisation's information infrastructure. Key responsibilities include: Accountability for the University's cyber security strategy, direction, and vision, ensuring alignment with the organisation's objectives and risk appetite. Implement and drive policy changes to promote business resilience and security of operations. Work with technical teams to ensure cyber security services delivered internally conform to our security More ❯

with legal, regulatory, and policy requirements. Develop strong relationships with key internal stakeholders, venue security teams, and local law enforcement to ensure compliance with safety standards. Support event crisis management planning and response activities, including responding to emergencies and documenting incidents. Manage relationships with security vendors and monitor compliance with event safety, security, and service agreements. Facilitate communication with … Strong organizational skills and attention to detail. Excellent verbal and written communication skills, capable of engaging with senior audiences. Key Qualifications: Experience in law enforcement, corporate security, or security risk management preferred. 1-3 years of relevant work experience in a similar role. Collaborative team player with a proven ability to manage resources effectively within a budget. Special More ❯

eligible for eSC (ideally cleared with the Home Office or another Govt department in the past 12 months). The role involves full lifecycle project leadership, from planning and risk management to stakeholder engagement, governance, and technical oversight. You'll ensure minimal disruption to services and full compliance with security and regulatory standards. Essential: Proven experience delivering data … centre/infrastructure migrations Strong knowledge of IT infrastructure (networking, servers, firewalls, cloud, etc.) Familiarity with Govt projects, change management, DR, and BCP Proficient with tools like MS Project, JIRA, Confluence Apply now to lead a high-impact programme in a secure, mission-critical environment More ❯

a busy tech team. Proven project coordination and multitasking abilities: You can juggle multiple priorities with ease. Highly desirable skills that will set you apart: IT Operational Support Project & Risk Management Reporting and analytics (including Pivot Tables) KPI & SLA Administration IT Governance & Compliance IT Security If you're looking for a role where your organisational prowess genuinely makes More ❯

that the as-built electrical systems reflect the design intent. Assist with Factory Acceptance Testing (FAT), Site Acceptance Testing (SAT), and Integrated Systems Testing (IST) for critical electrical infrastructure. Risk Management & Programme Support Identify and manage electrical design and delivery risks such as long-lead items (e.g., MV/LV switchgear, transformers), supply chain constraints, or grid delays. More ❯