1 to 25 of 122 Permanent Risk Register Jobs in England

Senior Cyber Risk Analyst We are seeking a Senior Analyst with a robust background in cybersecurity risk assessment and internal security audits, complemented by broad technical expertise across modern IT environments. This role requires a deep understanding of desktops, mobile devices, networks, operating systems, and cloud services, as well as the ability to effectively communicate complex technical concepts … The ideal candidate will possess advanced analytical skills, relevant certifications, and experience working cross-functionally-including direct client engagement-to support regulatory and business objectives. Primary Responsibilities Conduct comprehensive risk assessments of information systems, applications, business processes, and underlying technical infrastructure-including desktops, phones, network devices, operating systems (Windows, macOS, Linux), and cloud platforms (AWS, Azure, GCP). Collaborate … closely with compliance, legal, IT, business stakeholders, and external clients to understand operational requirements, regulatory obligations, and risk tolerance. Serve as a technical point of contact for clients, addressing and managing their technical requirements, security concerns, and risk management needs. Clearly document identified risks and work with stakeholders to propose, evaluate, and track compensating controls that address security More ❯

Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is … alignment with security industry standards such as NIST CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain risk register in RSA Archer. Identify assess and prioritize security risk across the organisation’s information assets and environments. Understanding security gaps and … provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign More ❯

Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is … alignment with security industry standards such as NIST CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain risk register in RSA Archer. Identify assess and prioritize security risk across the organisation’s information assets and environments. Understanding security gaps and … provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign More ❯

Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is … alignment with security industry standards such as NIST CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain risk register in RSA Archer. Identify assess and prioritize security risk across the organisation’s information assets and environments. Understanding security gaps and … provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign More ❯

Proactively managing project risks, issues, and dependencies whilst ensuring full contractual compliance Running client workshops, progress meetings, sprint ceremonies, and team retrospectives Creating and maintaining comprehensive project documentation including risk registers, project plans, financial forecasts, and status reports Managing client invoicing processes and delivery reporting Contributing to the development of project management frameworks and best practices across the business … Proficiency with Atlassian suite (JIRA, Confluence) Advanced Microsoft Office skills including MS Project Experience creating comprehensive project plans and technical delivery documentation Strong strategic planning and organisational capabilities Advanced risk management and escalation skills Team leadership and staff motivation experience Budget management and resource allocation expertise Adaptability and innovative problem-solving abilities Exceptional time management with consistent delivery to More ❯

and the security of private equity backing. It's an inspiring time to join the team! Looking for a self-starting highly motivated and detail-orientated Information Security Governance, Risk, and Compliance (GRC) Analyst to support the design, implementation, and ongoing improvement of our information security governance and risk management framework. This role is essential in ensuring the … organisation proactively manages information security risk across its employees, technologies, vendors, and operations and adheres to the regulatory and security standards pertinent to financial services while providing visibility to key stakeholders. Job Responsibilities Support the development, maintenance, and enforcement of information security policies, procedures, and standards Conduct risk assessments on technology systems, third-party vendors, and new services. … implemented and effective Assist in preparing for and responding to regulatory audits and compliance reviews (e.g., NIST CSF, ISO 27001, DORA, GDPR. ITGC) Maintain and update the information security risk register with appropriate scenarios and control frameworks Conduct regular control testing, evaluation and reporting findings to stakeholders Stay current on changes in regulations, industry standards, and emerging risks More ❯

Senior Cybersecurity Risk Analyst (Remote) needed, £28.49ph PAYE - Reference: RQ Role Overview We are looking for a highly skilled and technically proficient Senior Cybersecurity Risk Analyst to join our team on an interim basis. This role is critical in identifying, assessing, and managing information security risks across the organization. The ideal candidate will have a strong technical background … the ability to translate threats into business risks, and experience working in fast-paced environments. Key Responsibilities - Conduct in-depth security risk assessments across systems, applications, and infrastructure. - Identify and evaluate technical and operational risks, vulnerabilities, and control gaps. - Translate complex technical threats into clear, actionable business risks. - Maintain and update the Cybersecurity Risk Register. - Produce detailed risk … the Security Operations Centre (SOC). - Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). - Review security aspects of tenders and conduct third-party/vendor risk assessments to ensure alignment with organisational security requirements. - Perform additional security-related tasks as directed by the Head of Information Security You will Ideally have - - Proven experience in technical More ❯

Role Overview We're looking for an experienced Senior Cyber Risk Analyst to join a purpose-driven organisation on a part-time basis . In this role, you'll take the lead in strengthening the organisation's security posture by driving forward incident response, vulnerability management, and compliance initiatives. You'll be a key player in embedding security best … Work 7-hour days, 3 days a week Act as a trusted advisor on information security matters, supporting projects, solution development, and change initiatives with expert guidance. Perform regular risk evaluations to uncover and address potential security gaps. Lead the end-to-end management of security incidents, ensuring swift and effective resolution. Design and deliver engaging training sessions to … Essentials Plus, ISO 27001, and PCI DSS. What you'll need to succeed Willingness to work 7-hour days, 3 days a week Demonstrated expertise in conducting technical security risk assessments and developing threat models. Comprehensive knowledge of core cybersecurity domains, including network, endpoint, and cloud security. Skilled at translating technical vulnerabilities into business-relevant language for diverse audiences. More ❯

adheres to best practices and legislation in data protection, information security, quality management, environmental compliance and industry-specific security standards. The ideal candidate will have experience in compliance management, risk assessment, audits, security frameworks and policy implementation. They will need to work across teams such as IT, Operations, Finance, Delivery and Engineering to ensure robust governance, risk management … and compliance Information security and Cyber Essentials Plus Oversee Cyber Essentials Plus compliance ensuring security controls are in place Work closely with the IT team to assess vulnerabilities, manage risk and implement cyber security policies Work with the Head of IT to manage incident response planning and ensure security incidents are managed in line with best practices Data protection … Assessments (DPIAs) Implement processes around Data Subject Access Requests (DSARs) and breach management Ensure compliance with any client and third-party data processing agreements (DPAs) and data retention rules Risk management and policy development Review, update, maintain and enforce policies and procedures related to: Information security Data protection Environmental sustainability Business continuity Incident response Supplier security assessment Maintain a More ❯

site access * Liaise with service providers (cleaning, HVAC, alarms, etc.) Strategic and Operational Delivery * Develop and manage annual plans for IT and Facilities * Identify risks and maintain the operational risk register * Report on projects and performance to senior leadership * Contribute to continuous improvement across systems and services ________________________________________ Candidate Profile Essential: * Educated to degree level and Microsoft Certified * Significant More ❯

operators, world-class consultants, former regulators and industry authorities with a shared commitment to telling clients what is really needed for turning change into a strategic business asset, managing risk and unlocking value at every stage of growth. To learn more, visit: The team: Alvarez and Marsal's Global Security Office is committed to delivering the highest standards of … security and compliance. We are seeking a highly skilled and motivated Information Security Risk Manager to lead on A&M wide information security risk management program and join our dynamic and growing team based in either our London or Tampa office. Position Summary: The Information Security Risk Manager will play a critical role in, and will be … responsible for, driving risk strategy, overseeing risk governance, managing senior-level reporting, and leading key information security risk initiatives across the Alvarez and Marsal. This role will be focused on managing and maintaining the Global Security Office Information Security Risk Register, its supporting processes, governance and reporting requirements. The successful candidate requires a strong understanding More ❯

such as malware infections, phishing attempts, denial-of-service attacks, data breaches, etc. Liaise with stakeholders in relation to cyber security issues and provide recommendations. Maintain an information security risk register and assist with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends … in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete security audits of company solutions. Implementing and maintaining security policies, standards, procedures, and best practices to ensure compliance with regulatory and industry requirements. Researching and evaluating new More ❯

such as malware infections, phishing attempts, denial-of-service attacks, data breaches, etc. Liaise with stakeholders in relation to cyber security issues and provide recommendations. Maintain an information security risk register and assist with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends … in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete security audits of company solutions. Implementing and maintaining security policies, standards, procedures, and best practices to ensure compliance with regulatory and industry requirements. Researching and evaluating new More ❯

such as malware infections, phishing attempts, denial-of-service attacks, data breaches, etc. Liaise with stakeholders in relation to cyber security issues and provide recommendations. Maintain an information security risk register and assist with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends … in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete security audits of company solutions. Implementing and maintaining security policies, standards, procedures, and best practices to ensure compliance with regulatory and industry requirements. Researching and evaluating new More ❯

escalation routes, and RAG-rate accordingly Ensure accurate and timely reporting to internal governance structures Coordinate project documentation, audit trails, and evidence for funding compliance Maintain and update programme risk registers, working with Finance, Assurance and Delivery teams Lead on monthly SPOC site visits and implementation checks with stakeholders Contribute to wider programme planning, communications, procurement, and evaluation activity … in project or programme management, ideally within energy, construction, regeneration, or public services A clear understanding of grant-funded programme delivery, monitoring and compliance Strong skills in stakeholder engagement, risk management, and financial forecasting Experience in analysing performance data and presenting recommendations Excellent interpersonal and communication skills across technical and non-technical audiences Ability to manage competing priorities and … a week spent in the office. How to apply . Applying for a role with WMCA is straight forward. Follow these steps to get started. Create your Careers Account. Register with your name, email address, and a password. Build your Profile. Upload your CV to help populate your career and education details. Write your Supporting Statement. Make sure to More ❯

system design, deployment, and ongoing operations. Define cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Contribute to the production and review of assurance artefacts, including security cases, risk registers, control implementation evidence, and … depth understanding of operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/IT systems within large engineering or infrastructure programmes. … safety standards. Strong communication and stakeholder engagement skills, with the ability to liaise confidently across engineering, programme delivery, assurance, and regulatory audiences. Ability to produce high-quality documentation, including risk assessments, technical guidance, assurance artefacts, and audit-ready deliverables. Familiarity with UK cybersecurity regulations and sector guidance, including the NIS Regulations, CNI expectations, and industry-specific frameworks. Capable of More ❯

system design, deployment, and ongoing operations. Define cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Contribute to the production and review of assurance artefacts, including security cases, risk registers, control implementation evidence, and … depth understanding of operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/IT systems within large engineering or infrastructure programmes. … safety standards. Strong communication and stakeholder engagement skills, with the ability to liaise confidently across engineering, programme delivery, assurance, and regulatory audiences. Ability to produce high-quality documentation, including risk assessments, technical guidance, assurance artefacts, and audit-ready deliverables. Familiarity with UK cybersecurity regulations and sector guidance, including the NIS Regulations, CNI expectations, and industry-specific frameworks. Capable of More ❯

Project Initiation & Planning Define project scope, goals, deliverables, and success criteria in alignment with business objectives. Develop and maintain comprehensive project plans, including Gantt charts, resource forecasts, milestones, and risk registers. Conduct feasibility analysis, business case development, and secure project funding and governance approvals. Ensure alignment with internal methodologies and Lloyd's change governance standards. Project Execution & Delivery Lead … teams, and external vendors. Communicate project status, issues, and risks clearly through regular reporting and meetings. Manage stakeholder expectations and facilitate decision-making across multiple levels of the organization. Risk & Compliance Identify and assess operational, technical, financial, and regulatory risks associated with project delivery. Implement mitigation strategies and ensure compliance with all relevant standards, including Lloyd's Minimum Standards More ❯

Project Initiation & Planning Define project scope, goals, deliverables, and success criteria in alignment with business objectives. Develop and maintain comprehensive project plans, including Gantt charts, resource forecasts, milestones, and risk registers. Conduct feasibility analysis, business case development, and secure project funding and governance approvals. Ensure alignment with internal methodologies and Lloyd's change governance standards. Project Execution & Delivery Lead … teams, and external vendors. Communicate project status, issues, and risks clearly through regular reporting and meetings. Manage stakeholder expectations and facilitate decision-making across multiple levels of the organization. Risk & Compliance Identify and assess operational, technical, financial, and regulatory risks associated with project delivery. Implement mitigation strategies and ensure compliance with all relevant standards, including Lloyd's Minimum Standards More ❯

Information Security Consultant (Governance/Risk/Compliance) - Bradford Salary: NEG - please apply regardless of expectations Work Hours: 9am - 5.30pm Location: West Yorkshire Responsibilities: Work with the Information Security team to provide advice and guidance on IT security and further develop IT policies and processes across a multi-region infrastructure consisting of 8000+ staff and 100+ sites. Review all … aspects of the IT environment and its components. Support Governance, Risk, and Compliance activities. Proactively improve and provide advice and guidance on information security matters. Create and maintain policies within our Information Security Management System, to support business requirements and align with ISO 27001. Maintain a register of security controls to identify compliance against security standards, including ISO … NIST, COBIT, etc. Develop and enhance security policies, processes, procedures, and technical controls to strengthen security capabilities and resilience to cyber threats. Maintain and manage the IT Risk Register to ensure that IT risks are regularly reviewed, correctly identified, assessed, reported, and mitigated in line with recommended best practices. Identify and raise awareness of security risks. Develop a More ❯

Information Security Consultant (Governance/Risk/Compliance) - Bradford Salary: NEG - please apply regardless of expectations Work Hours: 9am - 5.30pm Location: West Yorkshire Responsibilities: Work with the Information Security team to provide advice and guidance on IT security and further develop IT policies and processes across a multi-region infrastructure consisting of 8000+ staff and 100+ sites. Review all … aspects of the IT environment and its components. Support Governance, Risk, and Compliance activities. Proactively improve and provide advice and guidance on information security matters. Create and maintain policies within our Information Security Management System, to support business requirements and align with ISO 27001. Maintain a register of security controls to identify compliance against security standards, including ISO … NIST, COBIT, etc. Develop and enhance security policies, processes, procedures, and technical controls to strengthen security capabilities and resilience to cyber threats. Maintain and manage the IT Risk Register to ensure that IT risks are regularly reviewed, correctly identified, assessed, reported, and mitigated in line with recommended best practices. Identify and raise awareness of security risks. Develop a More ❯

relevant cost and revenue drivers associated with long-term contracts. The role requires the provision of support on Client opportunities by providing best in class commercial thought leadership, modelling, risk management and commercial innovation to optimize both our win chances and profitability of multi-tower services. Take the commercial lead on large, complex, domestic and international client opportunities by … ensuring profits are maximised, risks are understood and/or mitigated, and the client needs are met and exceeded. Utilisation of Joint Venture, Risk/Reward, Gain Sharing, flexible consumption/utility-based pricing and other pricing variations. Maintenance and development of innovative and commercially sustainable pricing models. Responsibility and creation of the contract P&L reporting of new … and the ability to generate savings to both the client and the company throughout the life of the contract. Responsible for the completion of asset financing requests, cashflow forecast, risk register, client pricing templates Analysis of existing and new pricing methodologies to help drive continuous improvement and competitiveness while remaining profitable. Governance Monitor and adhere to relevant Governance More ❯

relevant cost and revenue drivers associated with long-term contracts. The role requires the provision of support on Client opportunities by providing best in class commercial thought leadership, modelling, risk management and commercial innovation to optimize both our win chances and profitability of multi-tower services. What you'll be doing Position Summary & Objectives Commercial Modelling: Take the commercial … domestic and international client opportunities by ensuring profits are maximised, risks are understood and/or mitigated, and the client needs are met and exceeded. Utilisation of Joint Venture, Risk/Reward, Gain Sharing, flexible consumption/utility-based pricing and other pricing variations. Maintenance and development of innovative and commercially sustainable pricing models. Responsibility and creation of the … and the ability to generate savings to both the client and the company throughout the life of the contract. Responsible for the completion of asset financing requests, cashflow forecast, risk register, client pricing templates Analysis of existing and new pricing methodologies to help drive continuous improvement and competitiveness while remaining profitable. Governance: Monitor and adhere to relevant Governance More ❯

party providers Promoting a culture of collaboration, transparency, and service excellence Key Deliverables End-to-end IT service governance and assurance Up-to-date licensing schedules , cost controls, and risk registers Effective reporting on service metrics , issues, and compliance gaps Coordination of risk management , change control, and continuous improvement Delivery of reliable, secure, and scalable IT services aligned More ❯

Facilitate workshops, meetings, and sprint planning sessions to ensure alignment and progress toward project goals. Maintain clear communication with senior leadership, providing updates on project milestones, risks, and budget. Risk and Issue Management Identify, track, and resolve risks, dependencies, and issues throughout the project lifecycle, ensuring minimal disruption to ongoing operations. Develop and maintain risk registers and mitigation More ❯