9 of 9 Risk Register Jobs in the Thames Valley

Purpose The Security Lead is both the client-facing strategist and the internal accountable owner of security within the MSP. They lead Quarterly Security Reviews (QSRs), own the client risk register and exception process, and ensure services are delivered in line with frameworks such as Cyber Essentials, ISO27001, and NIST. Internally, the Security Lead is accountable for the … to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and signed off. Support Account Managers … for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness, training, and compliance More ❯

with strategic business engagement, ensuring that security is seamlessly integrated across all commercial activities. This role will oversee the organization’s security strategy, security operations, vulnerability management, incident response, risk identification and mitigation planning/implementation, identity management, network security, privacy, and compliance. The Director will work closely and report to the Group CISO. Responsibilities Strategic Leadership & Business Partnership … to embed security into projects & daily operations. Define and drive the overall security roadmap, ensuring it evolves with the business. Lead security benchmarking and strategic planning Continuous assessment of risk across the organization paired with the ability to implement risk treatment plans that do not hamper innovation. Technical & Operational Oversight Oversee network security architecture, monitoring, and the segmentation … and AWS, including monitoring, workload protection, and identity governance. Oversee vulnerability management for hybrid cloud environments, integrating tools such as Wiz, Axonius, and ServiceNow. Oversee advanced DLP and insider risk management to protect critical IP. Partner with IT and Operations to ensure resilience in the event of cyber incidents or infrastructure outages. Coordinate penetration testing, red team exercises, and More ❯

SLAs, quality gates, secure access, and code ownership. Manage engineering/infrastructure budgets and provide strategic oversight for FinOps practices, unit economics tracking, and the maintenance of a transparent risk register and remediation plans. Execution and delivery Lead disciplined engineering execution across distributed in-house and outsourced teams. Champion 24/7/365 platform operations with SLAs … capacity planning, incident response and post-mortems Implement structured software release governance, migration frameworks, and robust QA practices. Drive predictable delivery (quarterly planning, dependency/risk management, quality gates). Establish and enforce best-in-class DevOps, trunk-based, CI/CD, and monitoring standards. Sponsor the adoption of secure SDLC, threat modelling, vulnerability management, identity/authorisation, privacy … management, and privacy by design. Ability to partner with product and legal teams on security trade-offs and customer due diligence. Skilled in agile delivery, quarterly planning, dependency/risk management, and quality assurance. Ability to drive predictable delivery, manage technical debt, and continuously improve engineering velocity. Strong financial acumen: managing engineering/cloud budgets, AWS FinOps, and tracking More ❯

digital estate, encompassing enterprise IT, operational technology (OT), and research platforms. This role sits within the Information & Cyber Security Group and provides subject matter expertise in security architecture, cyber risk governance, and assurance frameworks. This is a cross-functional role with both advisory and hands-on responsibilities, focusing on security assurance, risk management and supporting architecture reviews, vulnerability … management, risk assessments, cyber defence posture, driving technical assurance, and embedding risk-aligned security controls across IT and OT systems and secure-by-design practices. You will work across hybrid environments including cloud, infrastructure, applications, and OT systems. You will be responsible for designing and advising on security architecture patterns, reviewing and maintaining risk registers, leading assurance … Cyber Essentials (CE and CE+) while supporting the secure operation of core services. The role requires strong stakeholder engagement, technical depth, and a sound understanding of UK-specific cyber risk frameworks. You will help shape and maintain a secure posture across UKAEA. A degree in Cybersecurity, Information Technology, or a STEM subject (or equivalent experience). Essential o Security More ❯

Effectiveness (PUE) improvements, optimising cooling, power, and infrastructure for maximum efficiency. • Client Engagement & Service Delivery - Lead client tours, ensure service excellence, support project delivery, and maintain high client satisfaction. • Risk Management - Maintain an up-to-date Risk Register, oversee all site inspections, ensure compliance with company procedures, and mitigate potential issues. • Capacity Optimisation - Manage and optimise space More ❯

security excellence. Salary - £65,000 per annum Location - South East Key Responsibilities - Act as the primary security advisor to clients or stakeholders - Lead regular security reviews and maintain the risk register and exception process - Ensure services align with relevant security frameworks and demonstrate compliance through clear reporting and metrics - Own the organisation's security posture ensuring tools, processes More ❯

new clients to streamline their transition. Actively resolve any operational roadblocks and ensure that all integration steps are completed efficiently. Oversight of post-completion issues including working to resolve risk register issues to protect the assets we have acquired. 2.Operational & Administrative Oversight Coordinate and execute operational tasks such as accounting consolidation, office and car lease terminations, and other More ❯

IR readiness, and regulatory requirements relevant to SMBs (e.g., HIPAA, PCI-DSS, GDPR nuances as applicable). Customer engagement and discovery: Conduct customer workshops, requirements gathering, current-state assessments, risk analyses, ROI/tco analysis, and roadmaps that translate business outcomes into concrete IT capabilities. Commercial ownership: Collaborate with sales on proposal development, scoping, pricing constructs, RFP/RFI … responses, and executive-level communications; create compelling business cases grounded in the value of reduced downtime, improved productivity, and scalable future-state architectures. Governance and risk management: Define program governance, risk registers, milestone plans, and success metrics; ensure alignment with customer expectations and Teceze delivery standards. People and skills development: Mentor delivery teams on solutioning methods, best practices More ❯

compliance with leading frameworks (Cyber Essentials, ISO27001, NIST), and maintain a strong internal security posture across our systems and services. You'll lead Quarterly Security Reviews (QSRs), manage client risk registers, and act as a trusted advisor translating complex risks into clear business outcomes. Internally, you'll own our security frameworks, guide improvement across tools and teams, and ensure … compliance through measurable posture metrics and ongoing development. Key Responsibilities Lead client Quarterly Security Reviews (QSRs) covering vulnerabilities, incidents, compliance, and risk registers. Translate technical risks into meaningful business impacts and recommendations. Manage internal and client risk registers and exception processes. Oversee security compliance across frameworks such as Cyber Essentials+, ISO27001, and NIST . Ensure secure deployment and … shaping best practice. Essential Skills & Experience 5+ years in IT security or MSP environments . Strong understanding of Cyber Essentials, ISO27001, or NIST frameworks. Experience managing patching, vulnerability, and risk governance . Skilled communicator with the ability to explain risks to non-technical audiences. Proven experience leading client-facing security reviews . Desirable CISSP, CISM , or equivalent certifications. Experience More ❯