Security Risk Specialist

Security Risk Specialist - 6-Month Contract - Inside IR35 - Hybrid London (2-3 Days Onsite)

A leading technology-driven organisation is seeking an experienced Security Risk Specialist to support the ongoing development and operation of its security risk function. This role sits within a growing security team and will focus on strengthening how the business identifies, evaluates, and manages security-related risks across a modern, cloud-centric environment.

Working closely with the Head of Security Risk & Assurance, you will play an integral part in shaping risk methodology, enhancing processes, and advising stakeholders across engineering, product, operations, and wider business units. This is a hands-on contract suitable for someone who enjoys driving practical improvements and embedding risk management into day-to-day operations.

Key Responsibilities

You will:

  • Contribute to the operation, enhancement, and governance of the security risk management framework, ensuring alignment with business goals, regulatory needs, and recognised industry practices.
  • Conduct detailed security risk assessments and support the creation of appropriate risk responses, mitigation plans, and treatment recommendations.
  • Review, refine, and optimise existing risk processes, highlighting inefficiencies, identifying gaps, and advising on improvements, including automation and tooling opportunities.
  • Collaborate with engineering, technology, and non-technical teams to embed risk-aware thinking into projects, initiatives, and operational decision-making.
  • Develop and improve risk dashboards, reporting packs, and metrics to increase visibility and support stakeholder decision processes.
  • Contribute to the creation and evolution of security awareness materials and internal training related to risk management.

Required Experience

You will have:

  • Hands-on experience in security risk management within a dynamic, high-growth, or highly regulated environment.
  • A background designing, maintaining, or enhancing governance processes and procedures, ideally related to security or technology risk.
  • Strong experience performing risk assessments across cloud environments and modern technology stacks.
  • Good understanding of how agile, product-led, and engineering-focused organisations operate.
  • Experience producing and interpreting security metrics, plus building reporting that supports risk-based decision-making.
  • Confidence engaging stakeholders of varying technical levels, from engineers to senior non-technical leaders.
  • Familiarity with frameworks and standards such as ISO 27001, NIST CSF, NIST 800-53, SOC 2, PCI DSS, etc.
  • Practical experience applying Large Language Models (LLMs) in security workflows, including:
    • Speeding up risk analysis and documentation
    • Supporting control assessments and evidence evaluation
    • Drafting and refining policies, standards, and procedures
    • Improving reporting, insights, and communication
  • Ability to identify where automation, AI, or LLM-based tooling can improve consistency and operational efficiency.

Nice to Have

  • A blend of consultancy and in-house experience within security, assurance, or risk management.
  • Exposure to enterprise GRC / integrated risk management platforms.
  • Relevant certifications such as CISM, CRISC, CISSP, CISA, or similar.

Job Details

Company: Tenth Revolution Group
Location: London, South East, England, United Kingdom
Employment Type: Contractor
Salary: £650 per day
Posted