- Interim Technology focused risk management
- 3-6 month contract
- Remote based
Role Summary: We are seeking an experienced
Technology Risk Consultant on a
3–6 month contract to establish and embed a more structured and effective approach to managing technology and cyber-related risks across our telecommunications services business.This hands-on role is ideal for a proactive and independent risk professional who can assess the current environment, identify key gaps, and design and implement a practical, scalable risk management framework tailored to the needs of a complex, high-availability telecom services environment.
Key Deliverables: - Technology Risk Framework Design & Implementation:
- Review existing risk management structures, policies, and practices within Technology and Network functions.
- Design a fit-for-purpose Technology Risk Management Framework that aligns with business needs and industry standards (e.g. ISO 27001, NIST, COBIT).
- Develop practical tools such as risk registers, heatmaps, control libraries, and risk assessment templates.
- Stakeholder Engagement & Knowledge Transfer:
- Work closely with internal stakeholders to understand current risks and control environment.
- Facilitate risk workshops and interviews to assess and document current risk landscape.
- Deliver training or briefings to upskill teams on the new risk framework, tools, and processes.
- Governance & Reporting Structure:
- Define or refine risk governance processes and reporting mechanisms, including escalation paths and risk committee inputs.
- Draft or enhance policy documents, reporting templates, and risk dashboards for use by management.
- Initial Risk Assessments & Prioritization:
- Conduct rapid risk assessments of critical IT and network functions to identify top risks, emerging threats, and areas requiring immediate mitigation.
- Recommend and prioritize risk mitigation activities with clear action plans and ownership.
- Handover & Embedding Plan:
- Ensure a comprehensive handover document is produced, outlining framework components, process documentation, and embedding strategy for the internal team.
Skills & Experience Required: - 7+ years of experience in Technology Risk, IT Governance, or Information Security roles.
- Strong background in building or enhancing risk management structures in technology-intensive or regulated sectors, ideally telecoms.
- Familiarity with regulatory and compliance requirements relevant to telecom (e.g., GDPR, NIS2, national telecom regulations).
- Experience working with risk and control frameworks such as ISO 31000, ISO 27001, NIST CSF, COBIT, or COSO.
- Ability to communicate clearly and influence senior stakeholders.
- Self-starter, capable of driving outcomes independently in a short time frame.
Preferred Certifications: - CRISC, CISM, CISSP, CISA, or equivalent.
What We Offer: - Immediate-start contract for 3–6 months (with potential to extend).
- Opportunity to shape and formalize risk practices in a key industry.
- Flexible/hybrid working options.
- Competitive day rate.
