1 to 25 of 36 Permanent Risk Management Jobs in Berkshire

Head of Technology Governance, Risk, and Compliance (GRC) Because your new ideas are our way new ways of working. Evolve, your way. The Head of Technology Governance, Risk, and Compliance (GRC) is a key leadership role within the Primark Tech, reporting to the Chief Technology Security & Risk Officer (CTSRO). The role is responsible for ensuring effective … a crucial role in interacting with internal and external auditors and is responsible for the development and guidance of a team responsible for second line of defence activities, technology risk management and assessments, compliance monitoring, and developing a tech wide governance framework of policies, standards, and controls to ensure a strong control environment is in place to manage … risk, yet provide agility to deliver. What You'll Get People are at the heart of what we do here, so it's essential we provide you with the right environment to perform at your very best. Let's talk lifestyle: Healthcare, pension, and potential bonus. 27 days of leave, plus bank holidays and if you want, you can More ❯

packages. Most specifically SFDC but others as well. • Train and coordinate with systems application owners, data custodians, technical leads, and business impact analysts on security standards, guidelines, and vendor risk management of the systems within the organization and sub organizations. • Build relationships with Dynatrace Business Systems application teams. • Create, conduct, and report on security audits and assessments for … all systems applications (custom, SaaS and 3rd Party applications). • Provide guidance and support over the teams and ensure they can meet risk management requirements and industry control frameworks for their systems/applications. • Contribute to the development and implementation of security policies, procedures, and controls. • Serve as a bridge between the Dynatrace business units and the Security … Risk Management organization to promote and facilitate the adaptation and involvement with the Dynatrace Risk Management Framework What will help you succeed Technical skills: Experience with Salesforce (SFDC) implementations and integrations. Experience performing secure application configurations of other large ERP type Software packages. Knowledge of configuration and integration security (API, etc.) for SaaS solutions Understanding Secure More ❯

and family. Working Pattern: Permanent Full Time Flexible First options available The role The role holder is responsible for leading the development and implementation of a standardised cyber security management system, and a governance and reporting mechanism to identify, measure, and monitor cyber risks consistently across the whole of SSE. This includes leading the Group's Principal Risk on cyber security and resilience, strategic sub risks and driving through to the tactical risks and supporting the risk management requirements of the NIS regulations. You will Drive and lead the development and management of the Cyber Security & Resilience Principal Risk, risk appetite and controls framework working in conjunction with Group Risk and … the IT/OT Governance, Risk & Compliance team and all Business Units. Lead the preparations for cyber security governance meetings across SSE and support the creation of content for cyber security papers to Board, Audit Committee and other Executive committees including development of metrics to tell the cyber security story. Work with GRC Risk Analyst and the reporting More ❯

We use data to help clients become more efficient, increase profitability and give more customers an amazing experience. Want to be part of it? Reporting to the Senior Governance, Risk & Compliance Officer, the Information Security Officer will assist in strengthening the organisation's security posture within a large, complex, and fast-paced environment. This role supports the development and … implementation of GRC policies, risk management frameworks, and control processes to ensure the confidentiality, integrity, and availability of Keyloop's information assets. The Information Security Officer will work cross-functionally with stakeholders across diverse teams and departments to embed strong information security practices throughout the business. The role also includes identifying and tracking risks within the supply chain … and supporting the organisation's broader information security governance, risk, and compliance efforts. A critical part of this role is helping to promote a strong risk-aware culture and embedding positive security behaviours across the organisation. Role & Responsibility : The job holder will be responsible for assisting and supporting in a range of activities across the Governance, Risk More ❯

Senior Cyber Security Risk Analyst Berkshire– 4 days per week on site £70- £85,000 + bonus + benefits My client, a leading global manufacturer based in Berkshire are actively looking for Senior Cyber Security Risk Analyst to join their dynamic team. This role is an exciting opportunity to be a part of really helping to define and … shape what governance and risk assurance looks like for the organisation. This will include areas such as building out and developing their education and awareness programme as well as taking ownership over third party assurance. If you are looking for a role where you can be a part of building out something exciting, with a fantastic long term career … path, then this is the role for you! Within this role you will: Lead and evolve the cybersecurity risk management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance More ❯

Senior Cyber Security Risk Analyst Reading - 4 days per week on site £70,000- £85,000 + bonus + benefits My client, a leading global manufacturer based in Berkshire are actively looking for Senior Cyber Security Risk Analyst to join their dynamic team. This role is an exciting opportunity to be a part of really helping to define … and shape what governance and risk assurance looks like for the organisation. This will include areas such as building out and developing their education and awareness programme as well as taking ownership over third party assurance. If you are looking for a role where you can be a part of building out something exciting, with a fantastic long term … career path, then this is the role for you! Within this role you will: Lead and evolve the cybersecurity risk management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and More ❯

for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 Create & Maintain an information security management system (ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the application of established standards including … existing programme of work. Prepare and support internal and/or external compliance audit activities. Manage remediation of any audit (internal & External) non-conformities. Ensure security policies (on a risk-based approach) are produced, signed off by relevant stakeholders, published, and communicated. Also, ensure that policies are managed throughout their lifecycle and updated through yearly or ad-hoc reviews. … in consultation with Technical teams. Lead on providing information to Three UK Customers (B2B) regarding Three UK's security practices. Support proactive and effective oversight of technology and security risk management frameworks, methodologies, processes, assurance, remediation, and reporting activities across the company. Assist in designing, building, and implementing a Technology and Security Risk framework in collaboration with More ❯

Flexible First options available The role The Head of Cyber Security for our Energy Customer Solutions (ECS) business will champion and deliver the day-to-day cyber security strategy, risk management and human behaviours for the ECS business unit. ECS is SSE's 'shopfront' - providing energy and low carbon solutions to over 1.3 million customers in GB and … Ireland. The role holder will advise on cyber security input and assurance into agile system delivery and product management of systems. They will drive and manage compliance with the NIS and NIS2 regulatory requirements and will provide specialist support into any cyber transformation initiatives. You will Drive, influence and embed the cyber security strategy, risk management and … demand. This includes the co-ordination of cyber security requirements, engagement with stakeholders and use of standard architecture patterns and planning of assurance. Champion cyber security and lead specific risk assessments and strategic initiatives as required including pushing awareness, behaviours and culture. Work with peer Heads of Cyber Security to align and challenge cyber security risk positions to More ❯

compliance with UK Corporate Governance Code, Companies Act, and competition law. Maintain governance frameworks, statutory filings, and compliance controls. Support due diligence, KYC processes, and policy updates. Assist with risk management and regulatory reporting. Lead automation and streamlining of governance processes. Stakeholder Engagement Liaise with shareholders, senior management, and legal advisors. Ensure compliance sign-offs and facilitate … effective communication between key stakeholders. Build strong relationships with compliance, legal, and risk teams. Reporting & Risk Management Contribute to monthly reporting, maintain the corporate risk register, and support implementation of mitigation strategies. Insurance Administer company insurance coverage and compliance in coordination with the risk team. People Management Manage team performance, workload, and development. Act … as escalation point and ensure high standards are maintained. Person Specification: Required: Company Secretarial knowledge. Understanding of competition law. Relevant qualification in Corporate Governance. Strong organisational and time management skills. Excellent communication, attention to detail, and confidentiality. Proactive team player with analytical and problem-solving skills. Knowledge of UK company law and governance. Experience in compliance or corporate governance. More ❯

five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Technical Cyber Risk Assessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. Demonstrate … familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯

We seek a strategic, solutions-focused leader with deep technical expertise and a passion for innovation. You will work closely with OT engineers, IT, operations, asset management, and external partners to lead the design, deployment, and governance of cutting-edge Operational Technology (OT) solutions across Thames Water's water and wastewater networks. We are seeking an OT Engineering Solutions … Ensure solutions meet security, performance, regulatory, and operational requirements. Oversee high-level design, integration, and documentation of OT architecture to support real-time control, automation, and data acquisition. Team Management & Innovation: Manage a team of OT solution engineers, defining goals and monitoring performance against KPIs. Foster a collaborative, high-performing, and innovative team culture. Champion the adoption of emerging … external stakeholders. Collaborate with engineering, cybersecurity, procurement, and control room teams to align technical and business goals. Lead discussions to translate complex technical requirements into actionable solutions. Supplier & Resource Management: Manage supplier and contractor relationships to ensure transparent and effective collaboration. Oversee resource planning and allocation to ensure the timely delivery of integrated OT solutions. Ensure effective cross-charging More ❯

procedures, templates, and standards. Assist in the development and localisation of standard test scripts, ensuring they are tailored to specific control environments and aligned with the organisation's Enterprise Risk Management Framework. Conduct control testing activities to evaluate the design and operational effectiveness of assigned controls, documenting results clearly and raising issues where appropriate Ensure timely delivery of … thrive in this role, the essential criteria you'll need are: Proven experience in performing control assessments, including evaluating design and operational effectiveness. Strong understanding of information security principles, risk management, and control frameworks. Experience in IT, OT and Cloud environments. Clear and professional verbal and written communication, including the ability to explain technical issues to non-technical … supervision, taking ownership of assigned tasks and driving them to completion while maintaining high standards of quality and accuracy. Strong understanding of Cyber Security Domains including Threat Intelligence, Vulnerability Management, Security Testing, Security Architecture, Infrastructure Protection, Application Security, Identity and Access Management, Incident Investigation & Response and Cryptography. Additional skills and experiences would be great to have/bring More ❯

contact, within the framework of integrated Cyber governance including Data Privacy, Ethics & Compliance, Environmental & industrial risks and Safety Activate & integrate cybersecurity "by design" in all technology projects, in particular: Risk analysis and definition of associated mitigation measures, and Ensuring that these mitigation measures are properly implemented, and validating them for any project involving critical assets Monitor the performance of … cybersecurity suppliers and services, ensure Cyber Security Insurance is appropriate to meet UK requirements Participate in the management of major Cyber incidents and crisis concerning technology assets, monitor and implement associated action plans Raise awareness of Cyber risks, particularly among Division/UK top management and Technology contacts (development security, application security Deploy a Cyber Essentials Plus program … multi-site environments that have operational technology elements. CISSP (Certified Information Systems Security Professional) Microsoft certifications and/or network qualifications ITIL Foundation Must have a sound knowledge of risk management, compliance frameworks, integrating security into projects, developing and monitoring indicators and executing action plans. Must have a sound knowledge of risk management, compliance frameworks, integrating More ❯

they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 Responsibilities: Provide support in proactive and effective oversight of the technology risk management frameworks, methodologies, processes, assurance, remediation, and reporting activities across the company. Manage and own the Technology Risk Register. Collaborate with technology and business stakeholders to identify … define, and prioritize pragmatic and efficient remediation activities related to risk and control issues. Facilitate the Risk acceptance process when Residual Risk exceeds appetite. Manage and continually improve the organization's risk profile. Provide subject matter expertise in Technology Risk to the business and communicate the risk environment through dashboards and KPIs. Additional Responsibilities … Use consistent processes to identify potential risk events, quantify and document their probability and impact. Refer to domain experts for guidance on specialised risk areas such as architecture and environment. Work with stakeholders to implement agreed mitigation activities. Identify emerging risks, issues, and needs, and determine potential causes. Support the overall risk strategy to safeguard the organization More ❯

relationships with client delivery teams and helping create a collaborative, efficient positive working environment Developing project plans and ensuring delivery adheres to Node4's engagement framework Support in the management of client project budget and resource forecasting Working with the Project team to support the delivery of client engagements from Node4's portfolio of projects Ensuring quality throughout the … functions through a group induction A period of dedicated training as part of a clear development curriculum, learning industry relevant skills including a selection of the following: Communication Stakeholder management Time management Sales support and pre-sales Professional document writing Change management Delivering effective presentations Workshop delivery Risk management Minimum of 5 Microsoft technology fundamental … certifications A project management framework qualification (PRINCE2/Agile) Minimum of 2 professional role specific certifications Hands on, practical experience in the following disciplines: Microsoft Dynamics Digital and Application Innovation (Software Development) Security Operations Centre Data and AI Regular team building and social events with other graduate scheme members What experience do you need? No particular experience is required More ❯

Connect to your opportunity Lead the research and development of Deloitte Global cybersecurity standards, detailed security baselines and their supporting documents, to meet Deloitte's business objectives and cybersecurity risk appetite Collaborate with subject matter experts and leadership to determine the impact of cybersecurity standards and help resolve deployment challenges and risks Interact with relevant stakeholders to apply consistent … or other technology-related field, or equivalent experience Proven combined experience in the information security/cybersecurity domain, with a focus on policies and standards, or cybersecurity governance and risk management Strong ability to clearly communicate complex cybersecurity statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks … and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to detail, time management, prioritization, resourcefulness Advanced proficiency with MS Office products, primarily MS Word, Excel, PowerPoint Excellent written and verbal communication skills Preferred Qualifications: Professional certifications, such as Certified Information Systems Security Professional (CISSP More ❯

end-to-end quality and regulatory functions across the business. What you’ll be doing: As a Quality Compliance Executive Policies, Procedures & Process Governance Supporting the delivery of strategic management plans that align with the company’s ISO and regulatory obligations. Managing the Compliance & Regulatory Calendar—ensuring each department knows what's needed and when. Helping teams build out … key support to the Chief Information Security Officer (CISO) to nurture a culture of continuous improvement. Identifying opportunities to refine or enhance quality systems and business compliance practices. Certifications & Risk Management Taking ownership of certification activities such as ISO 9001, ISO 14001, ISO 22301, ISO 27001 and PCI-DSS. Coordinating internal and external audits, and ensuring all certifications … remain current. Managing internal Risk Registers and facilitating risk review meetings. Raising potential risks early and ensuring the business has time to respond before audit deadlines. Ensuring regular, clear communication across departments in preparation for audits. What you’ll bring: Previous experience managing ISO or other compliance certifications. A strong background in process governance, administration or quality assurance. More ❯

courseware components. Ensure compliance with Secure by Design principles and security classifications. Act as the integration SME across internal teams, suppliers, and MOD stakeholders. Drive progress with clear metrics, risk management, and collaborative execution. What You’ll Bring: Experience delivering and integrating secure hardware/IT systems. Deep knowledge of systems engineering lifecycle & ITIL. Proven ability to manage … projects across multiple security layers. Strong stakeholder engagement, risk mitigation, and configuration management experience. Bonus if you have: Experience with DSAT, SCIDA, Jira/Confluence, Agile/DevOps, or defence training systems. Why join? Salary of up to £60,000 + bonus + up to 10.5% pension 25 days holiday + bank holidays + buy/sell up More ❯

the official careers website for John Lewis Partnership, John Lewis & Partners, and Waitrose & Partners. About the role As the Service Assurance Lead you will provide assurance that all Service Management Centre outcomes are being delivered effectively across the Partnership.You will define the appropriate outcomes and then ensure key stakeholders in Technology Product and Platform teams are carrying out the … required activities relating to Capacity, Disaster Recovery (DR), Business Continuity (BC), Risk and Service Design & Transition. You will ensure technology and security controls are effectively and proportionately monitored and managed across the Technology function.In the Technology Shared Capability, you will have the opportunity to develop and stretch personally and professionally to achieve your potential. Expected Salary … based at our Bracknell site once a week As the Service Assurance Lead you will own the decisions for: Defining and implementing the appropriate guardrails predominantly relating to Capacity Management and service continuity Ensuring Product and Platform teams are compliant with the above, providing subject matter expertise and intervening where required Drafting and ongoing management of assurance outcomes More ❯

the new Head of Power. You’ll work with data from over 8,000 assets, developing metrics to assess and improve their resilience. Your insights will support strategic planning, risk mitigation, and performance optimisation across the Power function.Your key responsibilities will include: Leading the gathering, integration, and interpretation of operational data to generate actionable insights. Providing detailed analysis to … support planning, performance tracking, and risk mitigation. Developing dashboards and reporting tools to support leadership decision-making. Contributing to business cases with financial and risk-based analysis. Supporting strategic planning and performance measurement across the Power function. Collaborating with stakeholders across the business to ensure data-driven programme success. Developing solutions and metrics to assess how resilient Thames … Ability to work under pressure and effectively prioritise conflicting requirements. Desirable experience includes: Knowledge or experience related to the industrial use or provision of power (electricity). Experience of risk management within a project/programme or business environment. Experience and ability working on a programme project. What’s in it for you? This is your opportunity to More ❯

frameworks, ensuring that all information assets and operational processes are safeguarded to the highest standards. Key Responsibilities Develop, implement, and maintain compliance with ISO , and PCI-DSS standards. Conduct risk assessments, security audits, and vulnerability testing across systems and processes. Lead incident response activities, ensuring rapid and effective mitigation. Collaborate with internal stakeholders and external auditors to achieve and … actionable recommendations. Essential Skills & Qualifications ISO 27001 Lead Implementer or Lead Auditor certification (or equivalent). Demonstrable experience managing compliance for ISO , and PCI-DSS. Strong understanding of governance, risk management, and regulatory compliance. Proficiency with security monitoring tools and incident management processes. Excellent analytical, communication, and leadership skills. Desirable Knowledge of GDPR, NIST, or other security More ❯

operational efficiency, compliance, and customer satisfaction whilst driving standardization, automation, and transformation initiatives across all regions and business units. The ideal candidate will have extensive experience in Billings & Collections management coupled with the ability to make lasting changes, have strong analytical skills, and the ability to lead large global teams. Hybrid and remote working are both considered. Responsibilities Global … Policy Management: Develop, implement, and maintain standardized global policies and procedures, to deliver efficiency and accuracy Ensure alignment with local regulatory, tax & Business requirements Educate employees and stakeholders on policy updates and best practices Develop and execute a global strategy to optimize cash flow, reduce DSO, and improve customer experience, whilst aligning with Corporate Finance goals Process Ownership & Optimization … for Billings systems, leveraging automation where possible Lead global transformation initiatives, including Billings platforms & Collections tool implementations Partner with IT and vendors to troubleshoot issues and implement enhancements Compliance & Risk Management: Ensure processes comply with local, regional, and international tax regulations and contractual obligations Lead internal audits and support external audits related to Billings & Collections Maintain adherence to More ❯

engage diplomatically with their supplier networks to identify and recover lost funds across diverse client portfolios. This role demands exceptional organisational and analytical capabilities to effectively oversee complex data management, reporting, and billing processes. This represents an outstanding opportunity for an ambitious finance professional to advance their career within our collaborative and expanding team. FISCAL Technologies offers world-class … financial risk management software solutions that protect spend, significantly cut costs, and reduce supplier risk for organisations. With a 16-year proven track record, we deliver substantial ROI and payback to our customers within three months. We Are Looking For Someone With Background - We're flexible for candidates with: A proven track record of delivering audit projects … Deliver services projects from initial kick-off through to completion and handover Conduct ad-hoc data review projects for customers, analyzing data and summarizing results, key trends, and high-risk areas Provide clear progress reports and summaries regarding recoveries for multiple projects Anticipate problem accounts and escalate towards suitable solutions promptly Conduct detailed reconciliations on large accounts to confirm More ❯

with the Product Model overarching objectives. Define and own the project delivery, including scope, timeline, milestones, resource plans and critical dependencies. Establish and maintain strong governance frameworks, ensuring rigorous risk management, issue resolution and clear escalation paths. Engage and influence senior stakeholders across Primark and third-party vendors to secure engagement and maintain momentum. Manage multi-functional delivery … KPIs and budgets, addressing variances and challenges, reporting to senior leadership. Ensure that the project adheres to best practice and quality standards in technology delivery and implementation. Integrate change management, communication and training plans into the overarching project plan to support adoption and deliver lasting process improvements. Follow and champion the mandated Primark delivery approach, continuously seeking opportunities to … authentic self to work, of course with some other key experience and abilities for this role in particular: Educated to degree level with 10+ years of Project/Programme Management experience delivering complex solutions. Experience of working within a Retail environment is essential, whilst experience in Allocation, Replenishment and Forecasting is highly desirable/advantageous. Experience in delivering scaled More ❯

working and instilling best in class software engineering techniques. Key Responsibilities Responsible for leading the design & delivery of Devops Practices, Tools, Automation and Strategies. Accountable for the enablement and management of products and services in terms of providing the tools, pipelines and guardrails through self-service and facilitating through support/coaching/incubation. Enable the engineering experience so … application vendors to meet and exceed expectations. Define and govern software quality and testing standards; ultimately improve software delivery and operational performance measured through industry standard metrics. Drive data management improvements and help develop appropriate tooling. Drive automation in all aspects of the SDLC. Develop a culture of awareness, accountability and compliance with regards to Security, GDPR, IT governance … as manager/leader. Cloud experience (Azure) & knowledge of MACH architecture. Experience with Testing tools and suites such as HP ALM, Octane, Atlassian JIRA & JSM, Selenium etc. Excellent people management, interpersonal, analytical, and problem-solving skills High availability, DR & BC experience an advantage Experience with CI/CD and related DevOps tooling Risk management & commercial awareness Stakeholder More ❯