1 to 25 of 97 Permanent Risk Assessment Jobs in England

Opportunity Overview sitemap_outline CORPORATE TITLE Associate language OFFICE LOCATION(S) London assignment JOB FUNCTION Liquidity Risk account_balance DIVISION Risk Division RISK Our Risk division develops comprehensive processes to monitor, assess, and manage the risk of expected and unexpected events that may have an adverse impact on the firm. Risk professionals execute critical … day-to-day risk management activities, lead projects and contribute to the ongoing advancement of a robust risk management program. FINANCE RISK (FR) Finance Risk is the independent risk management function responsible for overseeing the firm's accrual rates and liquidity risk. We work closely with Global Banking and Markets, Asset and Wealth Management and … Platform Solutions, as well as the broader Risk organization to provide independent risk assessment and oversight of the firm's risk taking. Key functions include: Risk Oversight: Monitor, govern, and challenge Corporate Treasury execution activities, including accrual rates risk management, liability management, cash & collateral management, funds transfer pricing, balance sheet usage, liquidity and funding More ❯

maintained throughout the project lifecycle working alongside both internal and external suppliers. • Qualification and quantification of business benefits relating to requirements for change and improved business processes, including impact assessment of change requests to scope and requirements. • Ensure the quality & timeliness of the analysis, requirements, specifications & acceptance criteria produced with the security engineering function to guide the strategy around … risks they need to address and the correct selection and implementation of controls. • work directly with multiple IT infrastructure and application development projects and teams to apply standard technical risk assessment methods to identify and prioritize risks for remediation • Review architecture and design documents to help ensure the correct implementation of security technology controls • contribute to the development … of improved risk assessment approaches • contribute to the systemization of the delivery of security advisory services Experience: Knowledge of risk management concepts including risk assessment and risk treatment techniques and methodologies, including: • Risk Assessment methods and frameworks (IRAM2, OCTAVE, NIST, ISO 27005 etc) • Information Security Management System frameworks and standards and their More ❯

help shape the future of finance, Paynetics is where your work will make a difference on a global scale. Paynetics UK is seeking an experienced and pragmatic Third Party Risk Manager to design, implement, and oversee the firm’s third party and outsourcing risk management framework. This role is pivotal in ensuring compliance with FCA outsourcing and operational … management in financial services, combined with the ability to deliver practical oversight and advice in a fast-paced environment. What you'll do: 1. UK Outsourcing and Third Party Risk Framework • Lead the design, development, and maintenance of Paynetics UK’s Third Party Risk Management Framework, ensuring compliance with FCA rules (SYSC 8, operational resilience, DORA, and PRA … SS2/21 where applicable). • Define risk appetite, governance structures, and control standards for outsourcing and vendor management. • Ensure proportionate oversight and due diligence aligned with the materiality of services and regulatory requirements. • Maintain an up-to-date Outsourcing and Third Party Register, ensuring that risk assessments and contract records remain current and accurate. 2. Group-Level More ❯

help shape the future of finance, Paynetics is where your work will make a difference on a global scale. Paynetics UK is seeking an experienced and pragmatic Third Party Risk Manager to design, implement, and oversee the firm’s third party and outsourcing risk management framework. This role is pivotal in ensuring compliance with FCA outsourcing and operational … management in financial services, combined with the ability to deliver practical oversight and advice in a fast-paced environment. What you'll do: 1. UK Outsourcing and Third Party Risk Framework • Lead the design, development, and maintenance of Paynetics UK’s Third Party Risk Management Framework, ensuring compliance with FCA rules (SYSC 8, operational resilience, DORA, and PRA … SS2/21 where applicable). • Define risk appetite, governance structures, and control standards for outsourcing and vendor management. • Ensure proportionate oversight and due diligence aligned with the materiality of services and regulatory requirements. • Maintain an up-to-date Outsourcing and Third Party Register, ensuring that risk assessments and contract records remain current and accurate. 2. Group-Level More ❯

Senior Risk Manager – Technology and Change (Second Line) Job Introduction The Risk function serves as the independent risk control unit within the organisation, acting as the second line of defence (2LOD) and providing oversight and challenge across the organisation’s principal risks — including credit, financial, and operational risks. The Technology and Change Risk Team is responsible … for risk oversight of IT Risk, Data Risk, Information Security, Change Management, Operational Resilience, and Intra-Group Risk. The team also ensures there is a consistent and objective view of all technology-related risks, as well as shared risks between Business and IT such as Payments Risk, Third Party Risk, and Operational Resilience. The function … the organisation’s business lines and supporting functions. Main Responsibilities The role holder will be expected to take ownership or contribute to the following key areas throughout the year: Risk Advisory and Guidance Independent Risk Oversight Annual Regulatory Returns Change Oversight and Change Assurance Ideal Candidate Proven experience working directly with senior Technology leadership (e.g., Heads of Functions More ❯

Senior Risk Manager – Technology and Change (Second Line) Job Introduction The Risk function serves as the independent risk control unit within the organisation, acting as the second line of defence (2LOD) and providing oversight and challenge across the organisation’s principal risks — including credit, financial, and operational risks. The Technology and Change Risk Team is responsible … for risk oversight of IT Risk, Data Risk, Information Security, Change Management, Operational Resilience, and Intra-Group Risk. The team also ensures there is a consistent and objective view of all technology-related risks, as well as shared risks between Business and IT such as Payments Risk, Third Party Risk, and Operational Resilience. The function … the organisation’s business lines and supporting functions. Main Responsibilities The role holder will be expected to take ownership or contribute to the following key areas throughout the year: Risk Advisory and Guidance Independent Risk Oversight Annual Regulatory Returns Change Oversight and Change Assurance Ideal Candidate Proven experience working directly with senior Technology leadership (e.g., Heads of Functions More ❯

Company Description Usual description. Job Description An exciting opportunity has arisen for an experienced risk professional to join our high performing Risk Team at our award winning investment platform. This role is ideal for someone who enjoys working closely with Technology functions and wants to make a real impact on how enterprise risk is understood, managed and … embedded across a growing FTSE 250 business. As the primary Risk Team business partner for our Technology Services division, you will play a key role in supporting the delivery of our enterprise wide risk management framework. You will help ensure risks are identified, assessed and managed effectively, and contribute to a strong risk culture across the organisation. … What the role involves: Partner with Technology Services to embed the Group Risk Management Framework. Support the ongoing development of the framework across AJ Bell. Promote a positive risk culture and provide education and guidance on risk processes. Participate in risk forums to help strengthen first line risk maturity. Support and challenge risk owners More ❯

interact with people at all levels effectively. Team Player: Flexible and adaptable approach, able to collaborate with colleagues. Health & Safety: Sound understanding of Health & Safety regulations , environmental impacts, and risk assessments. Reporting: Capable of providing detailed and summarised reports on operational activities. Qualifications: Hold a recognised mechanical services qualification . Character & Attributes: Resilient Under Pressure: Able to work effectively … control circuits . Lone Working: Familiarity with lone working requirements. Compliance: Ability to adhere to all required regulations . Desirable Experience: Building Management Systems (BMS): Experience working with BMS. Risk Assessment: Risk Assessment and Method Statement (RAMS) training. Multi-Discipline Work: Willingness and ability to work outside core discipline when required. Personal Specification: Education & Experience: Knowledge More ❯

quantify, and govern AI agents operating with autonomy in production environments. If you've been following the trajectory from static models to agentic systems—and the corresponding explosion in risk surface area—you know why this matters now. About governr governr is the AI risk platform for regulated enterprises. We provide complete AI visibility, real-time risk eval and quantification, and audit-ready compliance docs for enterprises deploying agentic AI. We've built the industry's most comprehensive AI risk assessment framework: We're currently in active discussions with tier-1 financial institutions and have secured design partners with leading firms navigating the shift from analytical AI to agentic systems. The market timing is … critical: enterprises are deploying agents at scale, regulators are demanding governance frameworks, and existing Third-Party Risk Management (TPRM) platforms have near-zero AI-risk depth. We have an estimated 18-24 month competitive window before large incumbents build comparable capabilities to stay relevant. The Role As an Agentic Developer at governr, you'll build the core systems More ❯

quantify, and govern AI agents operating with autonomy in production environments. If you've been following the trajectory from static models to agentic systems—and the corresponding explosion in risk surface area—you know why this matters now. About governr governr is the AI risk platform for regulated enterprises. We provide complete AI visibility, real-time risk eval and quantification, and audit-ready compliance docs for enterprises deploying agentic AI. We've built the industry's most comprehensive AI risk assessment framework: We're currently in active discussions with tier-1 financial institutions and have secured design partners with leading firms navigating the shift from analytical AI to agentic systems. The market timing is … critical: enterprises are deploying agents at scale, regulators are demanding governance frameworks, and existing Third-Party Risk Management (TPRM) platforms have near-zero AI-risk depth. We have an estimated 18-24 month competitive window before large incumbents build comparable capabilities to stay relevant. The Role As an Agentic Developer at governr, you'll build the core systems More ❯

Regional Risk and Quality Assurance Manager (f/m/d) Full or part time Empowering You - to feel our passion for technology As NTT DATA Business Solutions, we are more than just a company. We are a team of passionate people who drive innovation - from advisory and implementation to managed services and beyond. With SAP at our core … and initiatives to improve our consulting business aiming at increasing consulting quality, streamlining approaches across countries and developing consultants in their respective fields. Within GFC, the Global Quality and Risk Unit (GQR) is in charge of defining, implementing and enforcing Risk Management processes within all NTT DATA Business Solutions companies. The Risk and Quality Assurance team effectively … monitors risks throughout the various project phases in an operative manner. You as the Regional Risk and Quality Assurance Manager will directly manage Risk, Quality Assurance processes for selected projects, and you will directly engage with and coordinate FTEs. Implementation and execution of Risk and Quality Assurance Management for selected Consulting projects: Execution of risk assessments More ❯

think innovatively, and listen to each other and customers in meaningful ways. Moody's is transforming how the world sees risk. As a global leader in ratings and integrated risk assessment, we're advancing AI to move from insight to action-enabling intelligence that not only understands complexity but responds to it. We decode risk to unlock … into actions, and uphold trust through integrity. The Director, Tech Advisory is a senior leader within Moody's Insurance Business Unit, responsible for shaping the future of insurance analytics, risk management, and workflow transformation. You will lead a high performing team of technical architects, specialists, and developers, delivering innovative solutions that redefine client risk workflows and unlock new … and market innovators - you will design and demonstrate cutting edge architectures, proof of concept analytics, and migration strategies that help clients realize the full potential of Moody's Intelligent Risk Platform (IRP) and broader risk and data offerings. This is both a strategic and hands on role: you will champion best practices, enforce technical and architectural standards, and More ❯

team and work on client and internal projects. Key Skills and Experience: 7+ years in Cyber Security roles Defence Experience: A solid background in working on defence-related projects. Risk Assessment and Architecture: Proven experience in creating risk assessment and architecture documentation. Penetration Testing Processes: A comprehensive understanding of pen testing procedures, including reporting, triaging, and More ❯

In this role, you'll be: Providing the Secure by Design risk and security assurance function within MOD or Public Sector as part of a managed service. Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework. Work with multi-disciplinary teams, helping to ensure that … products are delivered in a secure manner that is aligned with the wider business risk appetite. Produce informative and succinct reporting that clearly articulates any identified vulnerabilities, associated risks, controls and risk treatment activity. Facilitate security and risk workshops with the various Authority departments, to align with wider customer transformational Security and risk management outcomes. Provide … accurate and pragmatic remediation/risk management guidance/advice in balance with Business objectives and risk appetites. Have an understanding of risk assessment in an agile delivery environment. Exceptional team working ethic and interpersonal skills. Good level of knowledge of the cyber security industry in public and private sector. Have a good understanding of modern More ❯

Nottingham Trent House (95002), United Kingdom, Nottingham, Nottinghamshire Risk Remediation Assessor About the Role Capital One has a team of Information Security specialists who not only focus on security, but are relationship experts, risk assessment champions, and resolve complex information security issues related to Capital One’s third parties. The Cyber Third Party Risk Reduction (CTPRR … internal and external stakeholders to ensure third party engagements receive the necessary CTPRR due diligence; evaluate the effectiveness of the third party’s security environment and deliver a quality assessment report. It also supports ongoing security by working with the third parties to remediate any identified issues, enabling effective risk management in alignment with business tolerance and industry … requirements. Those that work for this team pragmatic and practical in your understanding of risk and security, but are also willing to know when to pull in experts and escalate. They challenge and innovate within their team to drive process improvements to elevate program efficiency. What you’ll do: Support kick-off, planning and scoping activities for cyber-focused More ❯

months Central Government experience in the last 5 years is strongly preferred. As an Aker Lead Security Architect, you will be a recognised subject matter expert in security, risk management and compliance with demonstrable experience in highly regulated industries, specifically UK Government and/or Defence. You will build effective working relationships with delivery team members and Aker customers … testing (e.g ITHC) of solutions on the public cloud (Azure, AWS, GCP), cloud native platforms (Docker, Kubernetes, etc.), and Software as a Service (SaaS) solutions. Formulate HMG Information Assurance Risk Assessment and Risk Treatment Plans Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as ISO 27000 series, NIST … CSF, and CSA Identify and deliver appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud native threats. Provide oversight and guidance on government security procedures and processes. Continually evaluate new threats in the cloud, to identify the impact on IT and the business to develop and More ❯

will be essential, to actively go out and discover items of potential interest to the team, ensuring that there is collaboration between the architects, SOC engineers and analysts, and risk managers to deliver a documented risk-based response to the present and future of anything that may be found. Main responsibilities As Cyber Threat and Vulnerability Manager your … day-to-day role will involve the need to: Working with the Security Leadership team to develop a strategic road map for an effective vulnerability detection, assessment, remediation, and threat intelligence program. Line management of the threat and vulnerability management team. Building sustainable relationships to champion the adoption of vulnerability and threat management, compliance, and penetration testing program across … the department's systems, networks, and applications. Recommend remediation strategies and provide advice on complex configuration changes in support of vulnerability remediation. Drive prioritisation of those vulnerabilities through a risk-based approach, to meet common organisational objectives such as regulatory compliance and audit functions. Development and maintenance of actionable key performance and risk indicators (KPI's & KRI's More ❯

will be essential, to actively go out and discover items of potential interest to the team, ensuring that there is collaboration between the architects, SOC engineers and analysts, and risk managers to deliver a documented risk-based response to the present and future of anything that may be found. Main responsibilities As Cyber Threat and Vulnerability Manager your … day-to-day role will involve the need to:?? Working with the Security Leadership team to develop a strategic road map for an effective vulnerability detection, assessment, remediation, and threat intelligence program. Line management of the threat and vulnerability management team. Building sustainable relationships to champion the adoption of vulnerability and threat management, compliance, and penetration testing program across … the department's systems, networks, and applications. Recommend remediation strategies and provide advice on complex configuration changes in support of vulnerability remediation.?? Drive prioritisation of those vulnerabilities through a risk-based approach, to meet common organisational objectives such as regulatory compliance and audit functions.??? Development and maintenance of actionable key performance and risk indicators (KPI's & KRI's More ❯

will be essential, to actively go out and discover items of potential interest to the team, ensuring that there is collaboration between the architects, SOC engineers and analysts, and risk managers to deliver a documented risk-based response to the present and future of anything that may be found. Main responsibilities As Cyber Threat and Vulnerability Manager your … day-to-day role will involve the need to:?? Working with the Security Leadership team to develop a strategic road map for an effective vulnerability detection, assessment, remediation, and threat intelligence program. Line management of the threat and vulnerability management team. Building sustainable relationships to champion the adoption of vulnerability and threat management, compliance, and penetration testing program across … the department's systems, networks, and applications. Recommend remediation strategies and provide advice on complex configuration changes in support of vulnerability remediation.?? Drive prioritisation of those vulnerabilities through a risk-based approach, to meet common organisational objectives such as regulatory compliance and audit functions.??? Development and maintenance of actionable key performance and risk indicators (KPI's & KRI's More ❯

by assessing the risks associated with third-party vendors and internal projects, identifying vulnerabilities, and recommending appropriate mitigation strategies. You’ll work closely with cross-functional teams — including IT, Risk & Compliance, Procurement, and Project Management — to ensure adherence to security frameworks and continuous improvement of the firm’s information security governance. Role Responsibilities: Security Risk Assessment Evaluate … security risks associated with internal projects and third-party vendors, considering factors such as security, privacy, and compliance. Conduct and document vendor risk assessments in line with the firm’s ISMS and governance frameworks. Identify vulnerabilities, assess potential threats, and recommend proportionate mitigation or acceptance strategies. Information Security Governance Ensure compliance with internal security policies, standards, and procedures for … with procurement teams to evaluate and manage security risks associated with vendors. Review and assess vendor security documentation, such as questionnaires, audits, and certifications, to evaluate their security posture. Risk Management & Compliance Apply structured risk management principles to identify, prioritise, and manage information security risks. Collaborate with senior stakeholders, project managers and technical teams, to identify and assess More ❯

by assessing the risks associated with third-party vendors and internal projects, identifying vulnerabilities, and recommending appropriate mitigation strategies. You’ll work closely with cross-functional teams — including IT, Risk & Compliance, Procurement, and Project Management — to ensure adherence to security frameworks and continuous improvement of the firm’s information security governance. Role Responsibilities: Security Risk Assessment Evaluate … security risks associated with internal projects and third-party vendors, considering factors such as security, privacy, and compliance. Conduct and document vendor risk assessments in line with the firm’s ISMS and governance frameworks. Identify vulnerabilities, assess potential threats, and recommend proportionate mitigation or acceptance strategies. Information Security Governance Ensure compliance with internal security policies, standards, and procedures for … with procurement teams to evaluate and manage security risks associated with vendors. Review and assess vendor security documentation, such as questionnaires, audits, and certifications, to evaluate their security posture. Risk Management & Compliance Apply structured risk management principles to identify, prioritise, and manage information security risks. Collaborate with senior stakeholders, project managers and technical teams, to identify and assess More ❯

EAR Part-IS, CAA requirements, and emerging aviation security standards. This position requires deep expertise in cybersecurity frameworks, aviation security requirements, and the ability to balance innovation with robust risk management in our fast-paced, cutting-edge environment. Essential Experience: Minimum 8 years of information security experience, with at least 3 years in aerospace, aviation, or highly regulated industries … of aviation cybersecurity regulations, including EASA requirements, CAA frameworks, or similar aviation security standards Experience with industrial control systems security, particularly in safety-critical environments Demonstrated expertise in cybersecurity risk assessment and management methodologies specific to engineering and manufacturing environments Technical Expertise: Strong knowledge of cybersecurity frameworks (NIST, ISO 27001, aviation-specific standards) Experience with security architecture design … aviation-specific cybersecurity standards Lead cross-functional security initiatives across engineering, operations, and certification teams Provide security expertise to support ZeroAvia's certification programmes with FAA, CAA, and EASA Risk Management & Compliance: Conduct comprehensive cybersecurity risk assessments specific to aviation systems and hydrogen-electric propulsion technologies Ensure compliance with EASA EAR Part-IS regulations and UK aviation cybersecurity More ❯

About SPS: Special Projects and Services Limited (SPS) is a UK-based security and risk management company founded in 1991. Operating globally, SPS provides crisis response, risk assessment, medical operations support, and project management in high-risk or complex environments. Known for its expertise in global assistance and specialist security operations, SPS was acquired by Concentric … in 2025, strengthening its position as a trusted provider of integrated risk and crisis management solutions. Overview: You will support the delivery of IT services across the UK business, assisting with technical support, device management, and ongoing tech ops projects. This role provides structured, hands-on training in IT systems administration, cyber security, and compliance, contributing to the smooth More ❯

process information and make actionable recommendations. What you will do: Create high-quality, clear, actionable, "must-have research" content in Audit Planning and Risk. Specific focus areas will include Risk assessment and audit planning, risk trends and audit response, aligned assurance, and IT Audit. Research, analyze and predict internal audit trends and shifts and provide clients with More ❯

of over 140 across London, Toronto, New York and Singapore. We have achieved scale by building the best-in class surveillance tooling, where our analytics bring the front office risk mindset to the compliance function. Though we have developed in the trade surveillance arena, we have always been more than that. At heart, we are a finance focused big … s leading financial markets analytics platform. The Role We are seeking a Head of Information Security to join our team in London and lead our cybersecurity strategy and manage risk across our corporate estate. You can expect to work closely with our Engineering and Infrastructure teams to effect change through our organisation, as well as customer facing teams such … the development, implementation, and continuous improvement of information security practices across all teams Manage regular pentests by external consultants and coordinate with internal resources to remediate issues Information security risk assessment of third party service providers Offer guidance, direction and approval on security solutions and approaches Advocate for secure engineering best practices throughout the company Manage the standards More ❯