9 of 9 Contract Risk Management Jobs in the Thames Valley

Security Controls & Patterns Advising and assuring secure configuration baselines Designing identity, access, and privilege models (RBAC, Zero Trust, MFA, PAM). Ensuring encryption, key management, and data-handling controls meet MOD standards. Design Governance Presenting designs Ensuring all designs are traceable to MOD security policies and risk appetite. … Assurance Activities (Compliance, Risk, Accreditation) Risk & Compliance Conduct risk assessments using MOD-approved methodologies (e.g., NIST, ISO 27005). Produce and maintain Security Risk Assessments (SRAs) and Risk Treatment Plans (RTPs). Identify non-compliances and propose compensating controls. Accreditation & Governance Support or lead ...

early in delivery, and ensure compliance with defined processes and customer requirements. This is a hands-on leadership role combining assurance, security design review, risk management, and stakeholder engagement. Key Responsibilities: Security by Design & Compliance - Assure applications, infrastructure, and cloud services throughout their lifecycle in line with … Continuous Assurance - Provide ongoing assurance of infrastructure and cloud environments against defined standards and procedures. Ensure controls remain effective through change and operational use. Risk Management - Identify, assess, and manage security risks. Recommend tactical and strategic improvements aligned to best practice. Leadership & Collaboration - Act as the IT assurance ...

6+ Months Contract with InsideIR35 Job Description: Role Overview: A cross-functional role combining advisory and hands-on responsibilities. Focus areas include security assurance, risk management, architecture review, vulnerability management, cyber defence, and embedding risk-aligned security controls across IT and OT systems. You will work … compliance (Gov Assure, CAF, ISO 27001, Cyber Essentials), and drive secure-by-design practices. Essential Skills: Designing & implementing secure cloud/infrastructure architectures Risk assessment & maintaining risk registers (ISO 31000, FAIR, OWASP) Knowledge of Gov Assure, CAF, ISO 27001, Cyber Essentials, NIST Conducting/supporting security audits & remediation ...

Manager Opportunity with the telecommunications sector. This is an exciting opportunity to be at the forefront of large-scale security transformation projects, driving measurable risk reduction and regulatory alignment across highly regulated environments. About the Role. As Cyber Security Project Manager, you will oversee end-to-end delivery … telecommunications companies (e.g. Verizon, Vodafone, BT or similar). Demonstrable experience managing cyber security initiatives such as security controls implementation, security tooling rollouts, or risk remediation programmes. Solid understanding of information security frameworks and standards (e.g. ISO 27001, NIST). Strong track record in risk assessment, risk ...

Clearance Required Core Responsibilities Design and maintain secure architecture frameworks for enterprise systems across cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define and enforce security standards, reference architectures, and policy controls aligned with frameworks such … NIST, ISO/IEC 27001, and CIS Evaluate, select, and integrate security technologies including: Identity and Access Management (IAM) Security Information and Event Management (SIEM) Endpoint Detection and Response (EDR) Data Loss Prevention (DLP) Web Application Firewalls (WAF) Encryption and key management solutions Collaborate with engineering, DevOps ...

Security Analyst to support and strengthen cyber security across industrial and operational technology environments. This role focuses on securing critical systems through the deployment, management, and enhancement of OT security controls, while helping drive continuous improvements in monitoring, governance, and risk management practices. The successful candidate will … with recognised industry standards and frameworks. This is a hands-on technical role with a strong governance element, involving everything from security implementation and risk assessments through to documentation, standards development, and supplier engagement. Exposure to SIEM/SOC integration within OT environments would be beneficial. Key Responsibilities Implement ...

Role Description: "Core Responsibilities: Develop and maintain secure architecture frameworks for enterprise-grade systems, including cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define security standards, reference architectures, and policy controls based on industry frameworks (e.g., NIST … stakeholders on appropriate countermeasures Produce and maintain architectural documentation, ensuring traceability of security controls and compliance obligations Experience: Demonstrated experience in enterprise security architecture, risk management, and compliance In-depth knowledge of security engineering for cloud platforms (AWS, Azure, GCP), networking, operating systems, and containerized environments Proficiency ...

client a leading consultancy in the Defence & Security sector, is seeking a dynamic Product Owner with significant experience in Identity & Access Management (IAM) to join their team on a contract basis. This role will be based in Reading with hybrid working options available. Key Responsibilities: Partnering with key business … business, translating stakeholders' needs into Product requirements. Eliciting detailed Product requirements and prioritising and managing the IAM Product backlog. Ensuring security, compliance, and risk management for the IAM Product. Providing functional test support to the IAM Product team, ensuring developed solutions align with specifications. Acting as the 'Voice ...

track record of restoring or maintaining project health. Experience working alongside technical delivery leads or architects on security-focused projects. Expertise in structured project management methodologies (e.g., PRINCE2, MSP, Agile governance). Ability to synthesise technical detail into clear, concise, and actionable reporting. Desirable Experience Experience with UK telecoms … operator assurance frameworks, including security baselines, risk management, and regulatory reporting. Familiarity with NCSC Secure Administration principles, Zero Trust, and privileged access hardening. Understanding of Microsoft security and identity ecosystems (Entra ID, Intune, Defender, Conditional Access). Background in endpoint security, identity management, or privileged access tooling. ...