1 to 25 of 43 DemandTrendPermanent Risk Management Jobs in Bristol

Dependent on Experience , plus car allowance, plus up to 10% performance bonus*, plus excellent benefits package. Logiq is a fast-growing Technology Company, providing cutting-edge solutions to high-risk clients across Private and Public Sector. Due to rapid growth in our Security Capability , we are looking for experienced Security Consultants to join our team. What is Cyber Risk Management? Cyber risk management ensures that organisations can anticipate, withstand, and recover from cyber incidents, aligning security efforts with business objectives, regulatory requirements, and industry best practices. It involves applying risk-based decision-making to ensure security measures are proportionate to the threats faced, balancing protection, operational effectiveness, and compliance with the organisations need and … context. As leading players in MOD’s cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders who share our vision that cyber risk management is driven by business requirements and a holistic view of security that can guide clients to secure solutions that support their business objectives. Why Join Us? Work More ❯

Description Risk and Business Continuity Manager Programme Name: LCST Location: Bristol, UK - The role will be hybrid, with expectations to be in our Bristol, UK office at least one day per week and some UK travel will be required. Are you ready for your next career challenge? Role Overview: Leidos Europe Ltd (as Prime contractor) is seeking a UK … based Programme level Risk and Business Continuity Manager who is a motivated self-starter who can work independently and as part of a team in a dynamic environment. They will be a dedicated resource to the Logistics Division working on the Ministry of Defence Logistics, Commodities and Services Transformation (LCST) Programme. Reporting to the Head of Compliance, the Programme … Risk and Business Continuity Manager will be supported by a Risk and Business Continuity Advisor. This role is the programme focal point for risk management and business continuity across the Prime contract as part of the functions stakeholder management duties defined below. The role will be hybrid, with expectations to be in our Bristol, UK More ❯

in the delivery of security compliance assurance to frameworks such as PCI-DSS and NIST Cyber Security Framework. You will be managing security governance processes including Third Party Security Risk Management, and delivering controls assurance. What you'll be doing Assisting in meeting compliance requirements within HL, such as PCI-DSS and in line with frameworks such as … SWIFT CSCF, CSA CCM and NIST CSF. Assist with the technical security aspects of third-party security risk by conducting security due diligence and risk assessments for vendors, suppliers, partners, and contractors. Develop and mature processes and procedures for third party security risk management, including due diligence and third-party incident management. Work closely with stakeholders … to provide advice in relation to third party information security risks, recommending risk mitigation strategies and/or advising on risk exceptions based on the business' risk appetite. Driving policy & standard governance processes including creating new policies and standards where required. Managing framework alignments, identifying gaps and engaging stakeholders to remediate. Managing Security process documentation including review More ❯

These five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Cyber Risk Manager will be responsible for the following: Operational Develop and define key risk indicators to provide cyber risks insights to Deloitte Technology BISOs and executives. Gather requirements and … build dashboards that accurately depict Deloitte Technology's cyber risk exposure. Drive organizational change and work with multiple business units of a large organization to effect change. Understand the Deloitte global line of business, gain familiarity with priorities, and become an advocate for the cyber risk within the BISO organization. Collaborate with BISOs as a cyber risk expert, to assist then to identify, assess, and manage cyber risks within their respective lines of business. Actively govern cyber risk in the Deloitte Technology risk register. Partner effectively with Deloitte Technology and BISO teams to facilitate cyber security risk reviews and analysis. Empower Deloitte Technology teams to establish cyber risk ownership and agree on More ❯

the Role: Seeking a senior cyber and information security professional to lead on safeguarding critical healthcare technology platforms. This role is ideal for someone with strong expertise in compliance, risk management, and security governance—particularly within public sector or regulated environments—who’s has been working at CISO level, or is ready to step into a strategic leadership … Security Strategy : Define and maintain a robust security strategy aligned with business goals and growth. Compliance : Ensure adherence to key standards including DSPT, Cyber Essentials Plus, and ISO27001:2022. Risk Management : Lead the identification and mitigation of information security risks across all operations. Security Architecture : Oversee secure system and software design throughout the development lifecycle. Incident Response : Manage … through staff training and awareness initiatives. Regulatory Compliance : Support ongoing compliance with UK and EU data protection laws and regulations. Leadership : Provide strategic leadership and mentorship within the governance, risk, and compliance team. Essential Skills: Security Leadership : Senior-level experience in information security, ideally in a CISO or equivalent role within software or health tech. Healthcare Standards : Strong knowledge More ❯

Cyber Security Consultant - Risk Consultant (MOD/Defence - SC) Location: Remote/Southwest on-site presence Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate … with multi-disciplinary teams to define and implement security risk assessments and best practice solutions, ensuring alignment with business risk appetites and transformation goals. You'll be part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. Key Responsibilities Deliver Secure by Design risk and security assurance functions within MOD …/Public Sector. Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management. Facilitate security and risk workshops with Authority departments. Produce clear reporting on vulnerabilities, risks, controls, and treatment activities. Provide pragmatic remediation and risk management guidance. Support secure design across technology platforms including cloud infrastructures. Experience Required The successful More ❯

the job Job summary Within the Digital, Data & Technology area of the NCA, as are constantly evolve and expand our capabilities we need people with strong experience of service management practices to ensure that new Services are designed to support our end users in the delivery of their functions. The quality of the services delivered by the NCA directly … privacy policy notice for details on how your data is handled.Privacy Policy Notice Your role will sit within the Service Design & Transition team and you will utilise your Service Management experience and knowledge to provide expertise to project teams, ensuring incoming services align to ITIL-based processes. Your role will involve translating the project's technical service and end … internal and/or external) functions: Will adhere to and respect Service Design & Transition processes, as well as any processes outside of the Service Design & Transition practice (e.g. project management office, enterprise design assurance - technology, change enablement. Collaborating with stakeholders to translate customer requirements, business requirements and contractual obligations into end-to-end service design: Collaborating with internal and More ❯

or equivalent with a professional qualification (e.g. CCEA, CPCostE, CEng) Experience working in the defence sector/military. Good knowledge of statistics in support of parametric modelling, sampling and risk analysis. Knowledge of statistical software packages such as 'R’. Using logical and analytical thinking to solve complex problems for the client. Strong Microsoft Excel skills to support analysis … of data. Cost Estimating Risk Management, Risk Analysis, Earned Value Management (EVM) Experience in analysing project data (cost/risk/schedule). Working in a client’s team to influence strategic decision makers whilst delivering practical solutions. Be articulate with good presentation and written communication skills. Be dependable, committed and have a genuine enthusiasm … to contribute to the growth of a successful business. Understanding the military environment and MOD management structures. Knowledge of MOD approvals, the MOD acquisition cycle and Defence lines of Development Experience of Identifying, bidding and winning future work Candidates from a technical consultancy background working within the MOD sector. Ability to travel to client sites across the UK as More ❯

role you’re considering We are seeking an Engagement Manager to join Capgemini Engineering. We are looking to attract experienced candidates with a proven history of providing effective project management in complex Defence Engineering environments. Hybrid working: The places that you work from day to day will vary according to your role, your needs, and those of the business … that will lead to the convergence of physical and digital worlds through technology, engineering and manufacturing expertise to boost our clients’ competitiveness. Your responsibilities will include: Client liaison Bid management Project planning Tracking and reporting Revenue management Profitability Productivity Forecasting and project finances Risk management Quality control Continuous process improvement Problem resolution Resource allocation Client satisfaction. … your working reality. We have built an inclusive and welcoming environment, for everyone. Your skills and experience Essential Demonstrable experience of delivering engineering development projects in a leading/management role, from pre-sales, bidding, requirements definition through to delivery, optimisation, verification, validation and closure Experience in Air, Land or Maritime, including the integration and assurance process 5 years More ❯

and sometimes challenging situations. You'll be one of our Senior Project Managers, overseeing and delivering complex projects across a number of engineering contracts. Providing day-to-day operational management of a team of project staff, you'll be responsible for the timely and cost-effective delivery of products and services to our customers. You'll play a key … levels of responsibility and the opportunity to work at the front of delivering some key UK Defence and Security contracts. Your responsibilities will include: Providing overall operational and strategic management of assigned tasks projects within your project team. Project management of complex engineering projects ensuring that the delivery teams understand cost, time and quality requirements and remain coordinated … the project lifecycle, you'll also be responsible for supporting with requirement capture, scoping, technical and commercial solutions and the generation of pricing models and proposal documents. Providing effective risk management to ensure that the business' risk exposure is kept to a minimum and is effectively managed throughout the project. Ensuring that effective change management is More ❯

to hear from you. As a Systems Engineer , you’ll bring a blend of technical expertise, strategic thinking, and hands-on experience. Ideally, you will have: Experience of requirements management within the UK MOD (Frontline Commands or Delivery Agents), Knowledge of the UK acquisition framework (e.g. Business Cases, URD, SRD, CONEMP/CONUSE, ITEAP, etc.) Comprehension of Defence Lines … and technologies. We are looking for Systems Engineers with broad expertise as well as a specialism in one or more disciplines, including: System Design and Architecture Requirements Engineering and Management Stakeholder Collaboration System of Systems (SoS) Integration and Testing Risk Management Regulatory Compliance Technology Evaluation Documentation and Reporting Keywords – Systems Engineer, Maritime, Defence, MoD, MBSE, Systems Architecture … Systems Design, Model-Based Systems Engineering, Requirements Management, Stakeholder Collaboration, CADMID, Risk Management, Defence Digital Projects, Aerospace, Land Systems, Joint Systems, Degree, Meng, Systems Engineering. DOORS, Systems Engineer – Defence More ❯

with cutting-edge technology in partnership with some of the most brilliant minds. The Role: As a Principal Cyber Security Consultant you will join our Information Assurance and Cyber Risk team that provides expert risk assessments, analysis and advice to clients within the Defence Sector. Day-to-day, you'll be a key stakeholder in the Security Risk Management process, working closely with our clients to identify and respond to cyber threats and security risks. Your responsibilities will include: Leading cyber security consultancy with key customers at a senior level providing subject matter expertise, advice and guidance on security matters Implementing Secure by Design for systems across live, test and training environments Monitoring and reporting on … system security requirements and vulnerabilities, escalating unresolved vulnerabilities when appropriate Managing the effective coordination of all security-related activities, including but not limited to, queries, incident management, document reviews and testing Modelling Cyber security risks using established and novel frameworks Essential experience of the Principal Cyber Security Consultant: In-depth knowledge of MoD Security policy In-depth knowledge of More ❯

be responsible for Identify security requirements and ensure the integration of security controls during the product development lifecycle Some of what you will be involved in: Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of … of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Please reach out to Lewis if you are interested or … is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically More ❯

end-to-end ownership of the security assurance process for digital services and systems, ensuring all solution designs are aligned with GLD's enterprise architecture standards, security controls, and risk management framework. This includes reviewing architectural artefacts, participating in technical design sessions, and validating that controls are effectively implemented throughout the solution lifecycle. Partner with delivery teams to … manage cybersecurity risks Embed yourself within multidisciplinary delivery teams to support secure-by-design practices from the earliest stages of project initiation through to deployment and operation. Conduct detailed risk assessments, threat modelling, and architecture reviews to help teams understand and mitigate potential vulnerabilities before they impact live environments. Collaborate closely with the Strategic Security Architect and technical stakeholders … security working groups, design authorities, and backup/recovery forums. Drive consistency in how security is considered across programmes, ensure adherence to defined standards, and influence decisions that improve risk management and architectural assurance. Build strong relationships with internal and external stakeholders Engage regularly with key stakeholders across GLD and wider government departments, including legal, data, and operational More ❯

the heart of designing, building and delivering public services leads to better outcomes for everyone. About the role The PMO Analyst will participate in building and implementing agile delivery management improvements and offering subject matter expertise to elevate best practices across the organization. You will be responsible for delivery operations support, delivery assurance support and capability improvements. As the … establish and maintain standards for projects, oversee progress against plans, manage dependencies and issues, and ensure that projects stay on track. This role will be part of the delivery management capability at Made Tech. Key responsibilities Delivery operations support Produce financial reports for account teams (contract/SOW burndown). Validate, track and approve TOIL for account teams. Track … projects are on track. Oversee dependencies, action/issue monitoring, and controls and help to perform health checks work streams/SoWs Be an active participant in the Delivery Management community within the engagement and Made Tech. Capability improvements Build and implement plans to improve the Agile delivery management capability. Participate as part of the PMO team in More ❯

and security challenges. An exciting opportunity has arisen for a Lead Information Security Adviser to join Boeing Defence UK in the support of the Defence Equipment Engineering and Asset Management System (DEEAMS) programme. Due to continued business growth there is an opportunity to join a multi-skilled security team that delivers all aspects of protective security to Boeing Defence … UK (BDUK), including information security and assurance, personnel security, business continuity and counter threat support and risk advice. The successful candidate would be a part of a supportive team of around 26, with access to varied work and opportunities to progress their career alongside the growth of the business. At Boeing we're committed to rewarding excellence and fostering … liaise with the customer and other agencies as required and deliver other programme contractual deliverables as required. The post holder will also have experience of information security, defence security management and defence cyber protection partnership processes. Post initial operating capability the role will be integral to maintaining the continued authority to operate by maintaining the Information Security Management More ❯

defence and security challenges. An exciting opportunity has arisen for an Information Security Adviser to join Boeing Defence UK in the support of the Defence Equipment Engineering and Asset Management System (DEEAMS) programme. Due to continued business growth there is an opportunity to join a multi-skilled security team that delivers all aspects of protective security to Boeing Defence … UK (BDUK), including information security and assurance, personnel security, business continuity and counter threat support and risk advice. The successful candidate would be a part of a supportive team of around 26, with access to varied work and opportunities to progress their career alongside the growth of the business. At Boeing we're committed to rewarding excellence and fostering … liaise with the customer and other agencies as required and deliver other programme contractual deliverables as required. The post holder will also have experience of information security, defence security management and defence cyber protection partnership processes. Post initial operating capability the role will be supportive in maintaining the continued authority to operate by maintaining the Information Security Management More ❯

and all programme partners. Foster strong working relationships with design and programme teams to integrate security measures seamlessly with alignment of cybersecurity strategies with client and partner goals. Conduct risk assessments and vulnerability analyses across all digital systems. Providing mitigation strategies to address security risks, monitoring threats and vulnerabilities. Oversee the secure architecture, design, and implementation of all programme … MOD IT Domain, including knowledge of Government/MOD IA policy and process including JSP440, JSP453, JSP628, DIANs and NCSC IA guidance. Able to demonstrate the application of contextualised risk management in the application of technical/procedural/physical security controls within the risk/cost/benefit space. Security Documentation management to include - but … not limited to - review and update of related IA documents including RMADS, Security Cases, SyOPs, Business Impact Assessments, Data Protection Impact Assessments, Risk Registers, DART/Oculus entries, Risk Balance Cases, Information Asset Owner forms, Supplier Assurance Questionnaires. Experienced in relevant Security Policy and Cyber Security Frameworks including the GovS 007, MOD Secure by Design (SbD), ISO27001 - Information More ❯

Connect to your opportunity Lead the research and development of Deloitte Global cybersecurity standards, detailed security baselines and their supporting documents, to meet Deloitte's business objectives and cybersecurity risk appetite Collaborate with subject matter experts and leadership to determine the impact of cybersecurity standards and help resolve deployment challenges and risks Interact with relevant stakeholders to apply consistent … or other technology-related field, or equivalent experience Proven combined experience in the information security/cybersecurity domain, with a focus on policies and standards, or cybersecurity governance and risk management Strong ability to clearly communicate complex cybersecurity statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks … and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to detail, time management, prioritization, resourcefulness Advanced proficiency with MS Office products, primarily MS Word, Excel, PowerPoint Excellent written and verbal communication skills Preferred Qualifications: Professional certifications, such as Certified Information Systems Security Professional (CISSP More ❯

to resolve blockers, implement process improvement and manage a small team of two Procurement Business Partners. Your responsibilities will include: * Lead strategic procurement delivery across IT, Hard & Soft Facilities Management, and Customer Communications categories, managing a spend portfolio of approximately £163 million.* Design and implement category strategies that align with business objectives and deliver measurable value.* Build strong relationships … efficiency and compliance.* Manage and develop a team of two Procurement Business Partners, providing leadership, coaching, and support.* Oversee end-to-end procurement activities, including sourcing, contract negotiation, supplier management, and performance tracking when needed.* Ensure procurement practices comply with public sector regulations (old UCR15 frameworks and PA23)* Monitor market trends and supplier innovations to inform strategic sourcing decisions … and maintain competitive advantage. What you'll need to succeed: * Extensive experience in IT procurement is essential, with Facilities Management category experience being highly desirable* Proven line management experience, with the ability to lead, coach, and develop high-performing teams.* Demonstrated success in managing procurement portfolios of a similar scale (circa £150 million).* Strong understanding of public More ❯

office spaces, to enable technical and operational activity to happen in an appropriately secure manner Attending collaborative working groups such as Space Review Board Supporting security audits Supporting asset management Review compliance with security policies and procedures Document security risks, and support the mitigation of threats to the confidentiality, integrity, availability, accountability and relevant compliance of information systems. Document … in a timely manner, escalating if necessary. Support the Secure Operations team during visits and inspections by representatives of the Government or other contracting authorities. Support the recording and management of classified assets in accordance with established security procedures and asset registers Support with internal security audits, acting as a spot check for compliance to policies and processes Undertake … or information protection Willingness to undertake government security clearances. Existing security clearance a plus for us. Experience of creating and editing policies, processes and procedures Knowledge of information security risk management and a working knowledge of cybersecurity would be beneficial but we are not looking for a cyber security professional. In terms of personal qualities, we will look More ❯

office spaces, to enable technical and operational activity to happen in an appropriately secure manner Attending collaborative working groups such as Space Review Board Supporting security audits Supporting asset management Review compliance with security policies and procedures Document security risks, and support the mitigation of threats to the confidentiality, integrity, availability, accountability and relevant compliance of information systems. Document … in a timely manner, escalating if necessary. Support the Secure Operations team during visits and inspections by representatives of the Government or other contracting authorities. Support the recording and management of classified assets in accordance with established security procedures and asset registers Support with internal security audits, acting as a spot check for compliance to policies and processes Undertake … or information protection Willingness to undertake government security clearances. Existing security clearance a plus for us. Experience of creating and editing policies, processes and procedures Knowledge of information security risk management and a working knowledge of cybersecurity would be beneficial but we are not looking for a cyber security professional. Desirable: Relevant accreditations including Cyber Essentials, Cyber Assured More ❯

Overview Expleo is a trusted partner for end-to-end, integrated engineering, quality services, and management consulting for digital transformation. We help businesses harness unrelenting technological change to deliver innovations that provide a competitive advantage and improve everyday life worldwide.As part of the Expleo Digital and Emerging Technology (DET) team, you will report to the Head of Cybersecurity and … certification artefact production aligned to EASA and UK CAA expectations. Lead the development and review of cybersecurity documentation, including the PSecAC (Airworthiness Security Process Plan), PASRA (Preliminary Aircraft Security Risk Assessment), ASAM (Aircraft Security Architecture Model), and Security Verification Methods. Provide input into the AWSP frameworks, including the tailoring of compliance checklists, activity outcomes, and document templates. Ensure traceability … between security risk assessments, controls, and compliance objectives across the aircraft systems and software architecture. Coordinate the development of cybersecurity methods and processes, contributing to their alignment with recognised standards. Engage with DAG's internal stakeholders, including engineering, safety, and systems integration teams, to embed cybersecurity into the design and certification lifecycle. Act as the primary technical interface for More ❯

certification artefact production aligned to EASA and UK CAA expectations. Lead the development and review of cybersecurity documentation, including the PSecAC (Airworthiness Security Process Plan), PASRA (Preliminary Aircraft Security Risk Assessment), ASAM (Aircraft Security Architecture Model), and Security Verification Methods. Provide input into the AWSP frameworks, including the tailoring of compliance checklists, activity outcomes, and document templates. Ensure traceability … between security risk assessments, controls, and compliance objectives across the aircraft systems and software architecture. Coordinate the development of cybersecurity methods and processes, contributing to their alignment with recognised standards. Engage with DAG's internal stakeholders, including engineering, safety, and systems integration teams, to embed cybersecurity into the design and certification lifecycle. Act as the primary technical interface for … cybersecurity engineering principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. More ❯

certification artefact production aligned to EASA and UK CAA expectations. Lead the development and review of cybersecurity documentation, including the PSecAC (Airworthiness Security Process Plan), PASRA (Preliminary Aircraft Security Risk Assessment), ASAM (Aircraft Security Architecture Model), and Security Verification Methods. Provide input into the AWSP frameworks, including the tailoring of compliance checklists, activity outcomes, and document templates. Ensure traceability … between security risk assessments, controls, and compliance objectives across the aircraft systems and software architecture. Coordinate the development of cybersecurity methods and processes, contributing to their alignment with recognised standards. Engage with DAG's internal stakeholders, including engineering, safety, and systems integration teams, to embed cybersecurity into the design and certification lifecycle. Act as the primary technical interface for … cybersecurity engineering principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. More ❯