19 of 19 Permanent Risk Management Jobs in the North East

Cyber Security Risk Manager Location: Edinburgh (hybrid)/2 days on-site Outside IR35 Market rates 3 month initial duration I'm currently recruiting for a highly skilled Cyber Security Risk Manager to lead the development and implementation of a cyber risk management programme. Key Responsibilities • Design and deliver a robust cyber security risk management framework. • Conduct regular risk and vulnerability assessments • Work collaboratively across departments to define risk tolerance and align with strategic objectives. • Analyse cyber security data to identify risks and recommend mitigation strategies. • Maintain comprehensive risk documentation, including registers, impact analyses and treatment plans. • Communicate risk insights and recommendations clearly to stakeholders. • Develop and monitor key risk indicators (KRIs) and key performance indicators (KPIs). • Support project teams in embedding risk management throughout project lifecycle. • Collaborate with internal and external partners to enhance incident response and cyber resilience. Candidates will have; • Experience in a cyber security risk management role. • Strong understanding of cyber security frameworks and standards (ISO 27001, SOC2, NIST, GDPR More ❯

of expertise, working collaboratively across government to deliver holistic, customer centric cyber security services and consultancy support that continually evolves to emerging technologies and the ever-changing threat and risk landscape to support HMRC/HMG business needs. This is an exciting time to be part of our active and encouraging cyber security community, working within HMRC and across … HMG. Job description As a Principal Cyber Security Professional, you will play a leading role in securing HMRCs services, to ensure the best possible technical security risk-based advice is given to our customers. As the ideal candidate you will work in partnership with key and senior stakeholders on major programmes and projects. You will act as the Security … the work commitment required is delivered on time and to agreed quality standards. You will work collaboratively with a further range of senior business & technical stakeholders, to deliver appropriate risk-based technical security advice and guidance, to enable the secure delivery of HMRC and HMG solutions and services. You will be a security champion, driving Secure by Design across More ❯

and lead a Cloud Centre of Excellence to drive innovation and consistency. Oversee cloud governance, architecture, and security, ensuring compliance with NHS and UK Government standards. Lead cloud financial management using FinOps principles to optimise spend and improve transparency. Support the migration from on-premise systems to cloud, enabling scalable and secure solutions. Collaborate with senior leaders, architects, and … will ensure that the organisation has a robust and capably skilled CCoE which meets the demands of our customers. Define governance frameworks for cloud technology adoption, decision-making, and risk management, working across the organisation with Enterprise Architects, Developers and other key stakeholders. Establish and run cloud steering and governance committees with key stakeholders that will accelerate delivery … cloud architecture that supports multi-cloud (hyperscaler) environments Build and lead a skilled cloud services team, fostering professional development and innovation Define standards for cloud service design, deployment, and management Develop comprehensive shared responsibility models across cloud platforms Establish technical decision-making processes and evaluation criteria for cloud technologies Financial and Third-Party Management Implement cloud financial management More ❯

We’re supporting one of our clients in the fintech space in their search for a Technology and Data 1st Line of Defence (1LoD) Risk Contractor. About the Role As a Technology and Data 1LoD Risk Contractor, you will work closely with Technology and Data teams to drive risk maturity, improve visibility of inherent and residual risks … and ensure timely closure of audit and assurance actions. You will be instrumental in embedding robust risk ownership and accountability across IT delivery and operations. Key Responsibilities: Identify, document and enhance understanding of inherent risks related to Technology and Data services and assets. Embed risk and control accountability within the 1LoD Technology and Data team. Enhance and manage … the Technology and Data risk and control frameworks and tools. Lead risk workshops and collaborate with service and control owners to identify and document risks across processes, platforms and change initiatives. Align risk documentation with second line of defence (2LoD) standards and enterprise risk taxonomy. Support the closure of open audit, assurance and risk findings More ❯

We’re supporting one of our clients in the fintech space in their search for a Technology and Data 1st Line of Defence (1LoD) Risk Contractor. About the Role As a Technology and Data 1LoD Risk Contractor, you will work closely with Technology and Data teams to drive risk maturity, improve visibility of inherent and residual risks … and ensure timely closure of audit and assurance actions. You will be instrumental in embedding robust risk ownership and accountability across IT delivery and operations. Key Responsibilities: Identify, document and enhance understanding of inherent risks related to Technology and Data services and assets. Embed risk and control accountability within the 1LoD Technology and Data team. Enhance and manage … the Technology and Data risk and control frameworks and tools. Lead risk workshops and collaborate with service and control owners to identify and document risks across processes, platforms and change initiatives. Align risk documentation with second line of defence (2LoD) standards and enterprise risk taxonomy. Support the closure of open audit, assurance and risk findings More ❯

to senior leaders on technology decisions and their implications. Build and maintain senior relationships with DDaTs key technology suppliers to understand their strategic direction and assist with the commercial management of suppliers. Build relationships with other Government, non-Government organisations, statutory agencies and public and private sector organisations, representing the NHSBSA, to develop collaborative approaches which can deliver value … view of architecture and align it with business goals Ability to design, develop, implement, and evaluate the effectiveness of strategic approaches, plans, activities and solutions. Excellent communication and stakeholder management skills, with the ability to influence at all organizational levels. Innovative mindset, encourages innovation and stays ahead of emerging technology trends Analytical and Problem-Solving Skills - Ability to assess … range of activities. Results-oriented with a focus on delivering value and achieving measurable outcomes. Understanding of TOGAF and other architectural methodologies. Awareness emerging technologies. Understanding of industry regulations, risk management, and security best practices. Knowledge of modern software development methodologies, including Agile, DevOps, and CI/CD. Desirable Familiarity with regulatory IT compliance and cybersecurity best practices. More ❯

enhancements across OT networks, ideally within the energy sector. The role will report into the Chief Information Security Officer (CISO) and will play a key role within an OT risk management framework which covers multiple generation and storage sites. The role can be based from Immingham or London offices. Regular travel to sites will be required. The Role … impact across multiple UK energy generation and storage sites? We're looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on More ❯

joining a highly supportive organisation that is happy to sponsor certifications such as PRINCE2, Agile or other technical qualifications. The successful Junior Project Manager does not need prior project management experience, as long as they possess strong knowledge and understanding of the telecoms sector and be highly process-driven. The Junior Project Manager will be involved in the end … to-end delivery of Telecoms projects, engage with internal and external stakeholders, carry out procurement, risk management, resource management and quality assurance tasks. Essential skills - Junior Project Manager: A strong desire to pursue a career in Project Management Excellent communication skills Process driven Previous stakeholder and customer engagement Attention to detail Desirable - Junior Project Manager: Proficient … in Microsoft Office, Teams, Outlook, Word, Excel Project management tools such as Microsoft Project, Asana or Trello Any relevant qualifications If you are interested in this is a great opportunity for where you will have the chance to progress your career and gain an abundance of project experience then please apply with your most up to date CV. More ❯

Governance, Risk & Compliance (GRC) Lead Location: Fully Remote - UK Wide Department: Technology - IT Security and Service Management Contract Type: Permanent Salary: £55,000 - £65,000 About the Role We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that … cyber security risks are effectively managed across the organisation. As a senior member of the team, you will lead a small group of risk and security professionals, drive the implementation of Secure by Design principles, and oversee compliance with key frameworks such as DSPT , CAF , and DORA . You will also play a key role in stakeholder engagement, presenting … regulated environment. Key Responsibilities Own and evolve the Information Security Assurance Framework and programme. Lead themed reviews to assess the effectiveness of security controls. Manage the organisation's technology risk management programme , ensuring risks are identified, assessed, and remediated within appetite. Oversee Secure by Design initiatives, aligning business and technical changes with security requirements and government standards. Drive More ❯

is looking to hire a highly organised and proactive Change Coordinator to join their growing PMO team. This role is ideal for someone with a strong background in change management within IT or software delivery environments, who thrives in structured, fast-paced settings and is passionate about driving continuous improvement. The successful candidate will have demonstrable experience coordinating projects … within a PMO framework and a solid understanding of change management principles, methodologies, and tools. Familiarity with Microsoft DevOps Boards is desirable, as is experience working with clients in regulated industries. You will be confident in analysing project workloads and performance metrics, producing clear, actionable reports for a range of stakeholders. A strong grasp of risk assessment and … the ability to coordinate risk management activities across projects is essential. Your ability to manage multiple priorities, solve problems effectively, and communicate clearly with diverse teams will be key to your success in this role. Knowledge of ITIL frameworks and Agile methodologies would be advantageous. This is an exciting opportunity to join a forward-thinking company where your More ❯

the Head of Procurement, this Category Manager will be responsible for responsible for developing and executing procurement strategies across a diverse portfolio of corporate services categories including IT, Facilities Management, Temporary Labour, HR & Marketing, Financial & Legal services, Learning & Development, Travel Management, Office Supplies, Printing, Professional Services and Capital expenditure projects that do not fall under the engineering category. … Lead the sourcing process for the designated categories including, market research, specification development, developing sourcing documents, bid evaluation, negotiating all commercial terms and conditions aimed at reducing cost, minimising risk and optimising business processes for the procurement of the goods and services within these categories. Supplier Management : Identify, evaluate, and manage relationships with key suppliers to ensure quality … be easily quantified. Contract Development : Work with the legal function to construct the necessary contractual arrangements for contracts to ensure all contractual terms and conditions are approved and corporate risk is minimised. Market Analysis: Conduct market research and analysis to stay informed about industry trends, pricing, and emerging technologies. Stakeholder Collaboration: Encourage and influence internal stakeholders, to ensure key More ❯

Lead workforce planning for 4,500+ FTE and oversee multi-year investment and delivery plans. Define and track performance through OKRs and KPIs aligned to departmental strategy. Governance and Risk Lead organisational governance and risk management, identifying and resolving blockers early. Represent Digital Group at departmental committees and manage relationships with GIAA. Finance Oversee a £1bn budget More ❯

with the development and review of data protection policies and procedures. Support data classification initiatives and ensure appropriate access controls are in place. Collaborate on information security projects, including risk assessments and incident response planning. Liaise with internal teams to provide guidance on compliance and data protection matters. Help respond to data subject access requests (DSARs) and regulatory queries. … not essential) Experience with tools like OneTrust , Varonis , or similar platforms. Certifications such as CIPP/E , CIPM , or ISO 27001 Lead Implementer . Exposure to security projects or risk management frameworks Benefits: Competitive salary and performance bonuses. Comprehensive health, dental, and vision insurance. Generous pension scheme. Opportunities for professional development and continuous learning. Flexible working hours and More ❯

to evolve and secure our Operational Technology (OT) estate. We’re looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on … leadership in data and asset management , including backup and removable media deployments. Apply and track security metrics to ensure the ongoing effectiveness of controls. Deliver awareness training and cyber security guidance across OT engineering teams. Champion collaboration across cyber, IT, and engineering teams—bridging gaps between tech, process, and people. What we’re looking for The ability to work More ❯

Own the delivery vision for complex digital programmes focused on Microsoft Dynamics and Low Code solutions. Drive delivery outcomes for high-profile government and public health clients, ensuring governance, risk management, and quality assurance standards are met. Set critical success factors for projects and workstreams, including commercial and performance metrics. Lead and grow delivery teams, providing line management … based solutions. Experience leading programmes involving multiple delivery teams, product managers, and technical leads. Sound commercial understanding and experience owning P&L, forecasting, and contract delivery performance. Excellent stakeholder management skills, with the ability to engage at CxO level. Passion for growing and mentoring talent, fostering high-performing and inclusive teams. Desirable: Experience with GOV.UK standards or GDS service … assessments. Exposure to public sector procurement processes or central government digital frameworks. Hands-on experience with delivery assurance for complex platform builds. Project/Programme Management certifications (Scrum, Prince2, MSP, etc.) welcome. Benefits: Remote-first working (occasional travel when needed) Performance-related bonus Private medical Pension and additional flexible benefits Want to hear more? Get in touch today - even More ❯

final gateway before go-live, you will collaborate closely with Service Design Managers and IT Operations teams to safeguard service integrity and readiness. KeyResponsibilities: Lead transition planning, scheduling, and risk management across multiple projects. Ensure services are supported with appropriate documentation, knowledge, and ownership. Conduct quality assurance checks and adhere to service integration processes, identifying and addressing any … support structures, including SLAs, KPIs, OLAs, and operational processes. Drive continuous improvement and support the implementation of automation and efficiency-enhancing technologies. This role aligns with the ITIL Service Management framework and requires strong coordination, assurance, and stakeholder engagement skills. What skills, knowledge and experience will you need? How will this be assessed? Our application process requires your employment … history and a personal statement. This is your opportunity to evidence clear examples of how you meet the following: ITIL Service Management qualifications - Information Technology Infrastructure Library (ITIL certification: Foundation Level) or equivalent demonstrable experience appropriate to the role of Service Transition Manager. Experience and a proven track record in managing projects. Stakeholder Engagement & Communication - Strong interpersonal skills to More ❯

of supporting investigations, either virtually or face-to-face by visiting customers premises across the UK. Employing critical thinking to analyse systems and processes in customers to identify potential risk areas and to highlight errors. Having strong written and verbal communication skills to detail findings and recommendations in formal settings and in audit reports. Having good organisational skills to … enable you to effectively prioritise and manage your workload and work multiple cases concurrently. Desirable Criteria An understanding of information systems and accounting software An understanding of governance and risk management Data extraction, manipulation and analysis techniques Se our full job advert for more details on the role, business areas, and training provided. More ❯

of supporting investigations, either virtually or face-to-face by visiting customers premises across the UK. Employing critical thinking to analyse systems and processes in customers to identify potential risk areas and to highlight errors. Having strong written and verbal communication skills to detail findings and recommendations in formal settings and in audit reports. Having good organisational skills to … enable you to effectively prioritise and manage your workload and work multiple cases concurrently. Desirable Criteria An understanding of information systems and accounting software An understanding of governance and risk management Data extraction, manipulation and analysis techniques Se our full job advert for more details on the role, business areas, and training provided. JBRP1_UKTJ More ❯

Technology Risk and Resilience Manager (financial services) A leading consultancy are looking for a Manager to join their Financial Services Risk and Resilience team. The Role: Lead and deliver technology risk, digital resilience, and regulatory compliance projects for financial services clients. Advise on and implement IT risk frameworks (e.g., COBIT, ITIL, ISO, NIST) and resilience capabilities … heat maps. Coach and mentor junior team members while contributing to business development and thought leadership. Leverage AI and digital tools to enhance client solutions and drive innovation in risk management. Requirements: 5+ years in technology risk, operational/digital resilience, IT audit, or cyber resilience in financial services Understanding of UK/EU regulations (DORA, FCA/… etc.). Knowledge of industry frameworks: COBIT, ITIL, ISO 27001/22301, NIST CSF. Experience leading multi-workstream programmes with C-suite deliverables. Strong analytical, communication, and stakeholder management skills. Proven use of AI Key Details: 📍Located: Edinburgh 💸Salary: £60k- £68k More ❯