24 of 24 Permanent Risk Management Jobs in Reading

Head of Technology Governance, Risk, and Compliance (GRC) Because your new ideas are our way new ways of working. Evolve, your way. The Head of Technology Governance, Risk, and Compliance (GRC) is a key leadership role within the Primark Tech, reporting to the Chief Technology Security & Risk Officer (CTSRO). The role is responsible for ensuring effective … a crucial role in interacting with internal and external auditors and is responsible for the development and guidance of a team responsible for second line of defence activities, technology risk management and assessments, compliance monitoring, and developing a tech wide governance framework of policies, standards, and controls to ensure a strong control environment is in place to manage … risk, yet provide agility to deliver. What You'll Get People are at the heart of what we do here, so it's essential we provide you with the right environment to perform at your very best. Let's talk lifestyle: Healthcare, pension, and potential bonus. 27 days of leave, plus bank holidays and if you want, you can More ❯

and family. Working Pattern: Permanent Full Time Flexible First options available The role The role holder is responsible for leading the development and implementation of a standardised cyber security management system, and a governance and reporting mechanism to identify, measure, and monitor cyber risks consistently across the whole of SSE. This includes leading the Group's Principal Risk on cyber security and resilience, strategic sub risks and driving through to the tactical risks and supporting the risk management requirements of the NIS regulations. You will Drive and lead the development and management of the Cyber Security & Resilience Principal Risk, risk appetite and controls framework working in conjunction with Group Risk and … the IT/OT Governance, Risk & Compliance team and all Business Units. Lead the preparations for cyber security governance meetings across SSE and support the creation of content for cyber security papers to Board, Audit Committee and other Executive committees including development of metrics to tell the cyber security story. Work with GRC Risk Analyst and the reporting More ❯

We use data to help clients become more efficient, increase profitability and give more customers an amazing experience. Want to be part of it? Reporting to the Senior Governance, Risk & Compliance Officer, the Information Security Officer will assist in strengthening the organisation's security posture within a large, complex, and fast-paced environment. This role supports the development and … implementation of GRC policies, risk management frameworks, and control processes to ensure the confidentiality, integrity, and availability of Keyloop's information assets. The Information Security Officer will work cross-functionally with stakeholders across diverse teams and departments to embed strong information security practices throughout the business. The role also includes identifying and tracking risks within the supply chain … and supporting the organisation's broader information security governance, risk, and compliance efforts. A critical part of this role is helping to promote a strong risk-aware culture and embedding positive security behaviours across the organisation. Role & Responsibility : The job holder will be responsible for assisting and supporting in a range of activities across the Governance, Risk More ❯

Senior Cyber Security Risk Analyst Berkshire– 4 days per week on site £70- £85,000 + bonus + benefits My client, a leading global manufacturer based in Berkshire are actively looking for Senior Cyber Security Risk Analyst to join their dynamic team. This role is an exciting opportunity to be a part of really helping to define and … shape what governance and risk assurance looks like for the organisation. This will include areas such as building out and developing their education and awareness programme as well as taking ownership over third party assurance. If you are looking for a role where you can be a part of building out something exciting, with a fantastic long term career … path, then this is the role for you! Within this role you will: Lead and evolve the cybersecurity risk management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance More ❯

Senior Cyber Security Risk Analyst Reading - 4 days per week on site £70,000- £85,000 + bonus + benefits My client, a leading global manufacturer based in Berkshire are actively looking for Senior Cyber Security Risk Analyst to join their dynamic team. This role is an exciting opportunity to be a part of really helping to define … and shape what governance and risk assurance looks like for the organisation. This will include areas such as building out and developing their education and awareness programme as well as taking ownership over third party assurance. If you are looking for a role where you can be a part of building out something exciting, with a fantastic long term … career path, then this is the role for you! Within this role you will: Lead and evolve the cybersecurity risk management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and More ❯

for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 Create & Maintain an information security management system (ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the application of established standards including … existing programme of work. Prepare and support internal and/or external compliance audit activities. Manage remediation of any audit (internal & External) non-conformities. Ensure security policies (on a risk-based approach) are produced, signed off by relevant stakeholders, published, and communicated. Also, ensure that policies are managed throughout their lifecycle and updated through yearly or ad-hoc reviews. … in consultation with Technical teams. Lead on providing information to Three UK Customers (B2B) regarding Three UK's security practices. Support proactive and effective oversight of technology and security risk management frameworks, methodologies, processes, assurance, remediation, and reporting activities across the company. Assist in designing, building, and implementing a Technology and Security Risk framework in collaboration with More ❯

Flexible First options available The role The Head of Cyber Security for our Energy Customer Solutions (ECS) business will champion and deliver the day-to-day cyber security strategy, risk management and human behaviours for the ECS business unit. ECS is SSE's 'shopfront' - providing energy and low carbon solutions to over 1.3 million customers in GB and … Ireland. The role holder will advise on cyber security input and assurance into agile system delivery and product management of systems. They will drive and manage compliance with the NIS and NIS2 regulatory requirements and will provide specialist support into any cyber transformation initiatives. You will Drive, influence and embed the cyber security strategy, risk management and … demand. This includes the co-ordination of cyber security requirements, engagement with stakeholders and use of standard architecture patterns and planning of assurance. Champion cyber security and lead specific risk assessments and strategic initiatives as required including pushing awareness, behaviours and culture. Work with peer Heads of Cyber Security to align and challenge cyber security risk positions to More ❯

five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Technical Cyber Risk Assessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. Demonstrate … familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯

We seek a strategic, solutions-focused leader with deep technical expertise and a passion for innovation. You will work closely with OT engineers, IT, operations, asset management, and external partners to lead the design, deployment, and governance of cutting-edge Operational Technology (OT) solutions across Thames Water's water and wastewater networks. We are seeking an OT Engineering Solutions … Ensure solutions meet security, performance, regulatory, and operational requirements. Oversee high-level design, integration, and documentation of OT architecture to support real-time control, automation, and data acquisition. Team Management & Innovation: Manage a team of OT solution engineers, defining goals and monitoring performance against KPIs. Foster a collaborative, high-performing, and innovative team culture. Champion the adoption of emerging … external stakeholders. Collaborate with engineering, cybersecurity, procurement, and control room teams to align technical and business goals. Lead discussions to translate complex technical requirements into actionable solutions. Supplier & Resource Management: Manage supplier and contractor relationships to ensure transparent and effective collaboration. Oversee resource planning and allocation to ensure the timely delivery of integrated OT solutions. Ensure effective cross-charging More ❯

procedures, templates, and standards. Assist in the development and localisation of standard test scripts, ensuring they are tailored to specific control environments and aligned with the organisation's Enterprise Risk Management Framework. Conduct control testing activities to evaluate the design and operational effectiveness of assigned controls, documenting results clearly and raising issues where appropriate Ensure timely delivery of … thrive in this role, the essential criteria you'll need are: Proven experience in performing control assessments, including evaluating design and operational effectiveness. Strong understanding of information security principles, risk management, and control frameworks. Experience in IT, OT and Cloud environments. Clear and professional verbal and written communication, including the ability to explain technical issues to non-technical … supervision, taking ownership of assigned tasks and driving them to completion while maintaining high standards of quality and accuracy. Strong understanding of Cyber Security Domains including Threat Intelligence, Vulnerability Management, Security Testing, Security Architecture, Infrastructure Protection, Application Security, Identity and Access Management, Incident Investigation & Response and Cryptography. Additional skills and experiences would be great to have/bring More ❯

they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 Responsibilities: Provide support in proactive and effective oversight of the technology risk management frameworks, methodologies, processes, assurance, remediation, and reporting activities across the company. Manage and own the Technology Risk Register. Collaborate with technology and business stakeholders to identify … define, and prioritize pragmatic and efficient remediation activities related to risk and control issues. Facilitate the Risk acceptance process when Residual Risk exceeds appetite. Manage and continually improve the organization's risk profile. Provide subject matter expertise in Technology Risk to the business and communicate the risk environment through dashboards and KPIs. Additional Responsibilities … Use consistent processes to identify potential risk events, quantify and document their probability and impact. Refer to domain experts for guidance on specialised risk areas such as architecture and environment. Work with stakeholders to implement agreed mitigation activities. Identify emerging risks, issues, and needs, and determine potential causes. Support the overall risk strategy to safeguard the organization More ❯

Connect to your opportunity Lead the research and development of Deloitte Global cybersecurity standards, detailed security baselines and their supporting documents, to meet Deloitte's business objectives and cybersecurity risk appetite Collaborate with subject matter experts and leadership to determine the impact of cybersecurity standards and help resolve deployment challenges and risks Interact with relevant stakeholders to apply consistent … or other technology-related field, or equivalent experience Proven combined experience in the information security/cybersecurity domain, with a focus on policies and standards, or cybersecurity governance and risk management Strong ability to clearly communicate complex cybersecurity statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks … and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to detail, time management, prioritization, resourcefulness Advanced proficiency with MS Office products, primarily MS Word, Excel, PowerPoint Excellent written and verbal communication skills Preferred Qualifications: Professional certifications, such as Certified Information Systems Security Professional (CISSP More ❯

courseware components. Ensure compliance with Secure by Design principles and security classifications. Act as the integration SME across internal teams, suppliers, and MOD stakeholders. Drive progress with clear metrics, risk management, and collaborative execution. What You’ll Bring: Experience delivering and integrating secure hardware/IT systems. Deep knowledge of systems engineering lifecycle & ITIL. Proven ability to manage … projects across multiple security layers. Strong stakeholder engagement, risk mitigation, and configuration management experience. Bonus if you have: Experience with DSAT, SCIDA, Jira/Confluence, Agile/DevOps, or defence training systems. Why join? Salary of up to £60,000 + bonus + up to 10.5% pension 25 days holiday + bank holidays + buy/sell up More ❯

the new Head of Power. You’ll work with data from over 8,000 assets, developing metrics to assess and improve their resilience. Your insights will support strategic planning, risk mitigation, and performance optimisation across the Power function.Your key responsibilities will include: Leading the gathering, integration, and interpretation of operational data to generate actionable insights. Providing detailed analysis to … support planning, performance tracking, and risk mitigation. Developing dashboards and reporting tools to support leadership decision-making. Contributing to business cases with financial and risk-based analysis. Supporting strategic planning and performance measurement across the Power function. Collaborating with stakeholders across the business to ensure data-driven programme success. Developing solutions and metrics to assess how resilient Thames … Ability to work under pressure and effectively prioritise conflicting requirements. Desirable experience includes: Knowledge or experience related to the industrial use or provision of power (electricity). Experience of risk management within a project/programme or business environment. Experience and ability working on a programme project. What’s in it for you? This is your opportunity to More ❯

engage diplomatically with their supplier networks to identify and recover lost funds across diverse client portfolios. This role demands exceptional organisational and analytical capabilities to effectively oversee complex data management, reporting, and billing processes. This represents an outstanding opportunity for an ambitious finance professional to advance their career within our collaborative and expanding team. FISCAL Technologies offers world-class … financial risk management software solutions that protect spend, significantly cut costs, and reduce supplier risk for organisations. With a 16-year proven track record, we deliver substantial ROI and payback to our customers within three months. We Are Looking For Someone With Background - We're flexible for candidates with: A proven track record of delivering audit projects … Deliver services projects from initial kick-off through to completion and handover Conduct ad-hoc data review projects for customers, analyzing data and summarizing results, key trends, and high-risk areas Provide clear progress reports and summaries regarding recoveries for multiple projects Anticipate problem accounts and escalate towards suitable solutions promptly Conduct detailed reconciliations on large accounts to confirm More ❯

with the Product Model overarching objectives. Define and own the project delivery, including scope, timeline, milestones, resource plans and critical dependencies. Establish and maintain strong governance frameworks, ensuring rigorous risk management, issue resolution and clear escalation paths. Engage and influence senior stakeholders across Primark and third-party vendors to secure engagement and maintain momentum. Manage multi-functional delivery … KPIs and budgets, addressing variances and challenges, reporting to senior leadership. Ensure that the project adheres to best practice and quality standards in technology delivery and implementation. Integrate change management, communication and training plans into the overarching project plan to support adoption and deliver lasting process improvements. Follow and champion the mandated Primark delivery approach, continuously seeking opportunities to … authentic self to work, of course with some other key experience and abilities for this role in particular: Educated to degree level with 10+ years of Project/Programme Management experience delivering complex solutions. Experience of working within a Retail environment is essential, whilst experience in Allocation, Replenishment and Forecasting is highly desirable/advantageous. Experience in delivering scaled More ❯

working and instilling best in class software engineering techniques. Key Responsibilities Responsible for leading the design & delivery of Devops Practices, Tools, Automation and Strategies. Accountable for the enablement and management of products and services in terms of providing the tools, pipelines and guardrails through self-service and facilitating through support/coaching/incubation. Enable the engineering experience so … application vendors to meet and exceed expectations. Define and govern software quality and testing standards; ultimately improve software delivery and operational performance measured through industry standard metrics. Drive data management improvements and help develop appropriate tooling. Drive automation in all aspects of the SDLC. Develop a culture of awareness, accountability and compliance with regards to Security, GDPR, IT governance … as manager/leader. Cloud experience (Azure) & knowledge of MACH architecture. Experience with Testing tools and suites such as HP ALM, Octane, Atlassian JIRA & JSM, Selenium etc. Excellent people management, interpersonal, analytical, and problem-solving skills High availability, DR & BC experience an advantage Experience with CI/CD and related DevOps tooling Risk management & commercial awareness Stakeholder More ❯

managing budgets and risks, and ensuring that quality standards are consistently met.You'll work closely with senior stakeholders and business analysts to shape project requirements, support testing and change management, and ensure that outcomes deliver real value to the organisation. This is a varied and impactful role, ideal for someone who thrives in a fast-paced environment and enjoys … driving meaningful change through technology. What You'll Need to Succeed Skills & Experience: Strong project management and organisational capabilities. Proven experience delivering complex IT and business transformation projects. Excellent communication and stakeholder engagement skills. Ability to manage multiple concurrent workstreams and lead cross-functional teams. Experience with risk management, budget control, and governance processes. Qualifications: Degree-level … education or equivalent experience. PRINCE2 Practitioner or APM certification. Knowledge: Solid understanding of digital project and change management practices. Awareness of challenges in large, complex organisations. Familiarity with Agile methodologies is a plus. Personal Attributes: Proactive, resilient, and enthusiastic with a solutions-focused mindset. Committed to continuous personal and professional development. What you need to do now If you More ❯

managing budgets and risks, and ensuring that quality standards are consistently met.You'll work closely with senior stakeholders and business analysts to shape project requirements, support testing and change management, and ensure that outcomes deliver real value to the organisation. This is a varied and impactful role, ideal for someone who thrives in a fast-paced environment and enjoys … driving meaningful change through technology. What You'll Need to Succeed Skills & Experience: Strong project management and organisational capabilities. Proven experience delivering complex IT and business transformation projects. Excellent communication and stakeholder engagement skills. Ability to manage multiple concurrent workstreams and lead cross-functional teams. Experience with risk management, budget control, and governance processes. Qualifications: Degree-level … education or equivalent experience. PRINCE2 Practitioner or APM certification. Knowledge: Solid understanding of digital project and change management practices. Awareness of challenges in large, complex organisations. Familiarity with Agile methodologies is a plus. Personal Attributes: Proactive, resilient, and enthusiastic with a solutions-focused mindset. Committed to continuous personal and professional development. What you need to do now If you More ❯

with experience translating technical language for diverse audiences. Excellent problem-solving and diagnostic skills, with the ability to assess impact and resolve issues under pressure. Familiarity with change control, risk management, and fault escalation processes in critical systems environments. Essential Technical Skills & Qualifications: Recognised technical qualification in Operational Technology, ICA, or SCADA systems. Practical experience supporting Schneider Electric More ❯

our Infrastructure team, to be based in our Reading office , joining our 2026 Graduate Programme. The team workson a large variety of projects, such as river restoration, natural flood management, river and waterways structures, surface water drainage, flood alleviation schemes, wetland design, flood risk management and river and coastal engineering.If you enjoy problem solving and have a … sustainability, then this is the role for you! As a Graduate River and Coastal Engineer, you will support senior staff in detailed design, report writing, optioneering, programme and project management, as well as site visits.You will be part of a large and diverse team in which you will be supporting the delivery of engineering solutions for the water environment … whilst furthering your understanding of flood risk, hydrology, hydraulics and water management. You will benefit from the structured graduate training scheme and be assigned a Delegated Engineer and Supervising Civil Engineer to support you in your route to Chartership. You will join a supportive and successful team with exciting career opportunities, gain great client exposure and professional development and More ❯

. As leading players in MOD's cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders who share our vision that cyber risk management is driven by business requirements and a holistic view of security that can guide clients to secure solutions that support their business objectives. What we are looking … Defence security policy and process to enable successful security outcomes of managed systems. In addition: Ensuring the project is undertaken in a structured way that meets secure by design Risk assessments and mitigation strategy Secure architecture Security mitigation technical advice Supporting the cascade of any security requirements to the supply chain Support with the security through life concepts of More ❯

to-end AV system setup Lead on-site installations nationwide, maintaining a strong quality focus Brief and manage installation partners and subcontractors Make informed decisions around scope changes and risk management on-site Provide technical support including audio and lighting programming Deliver service visits in line with SLAs for key clients Assist with sourcing, vetting, and onboarding local More ❯

to-end AV system setup Lead on-site installations nationwide, maintaining a strong quality focus Brief and manage installation partners and subcontractors Make informed decisions around scope changes and risk management on-site Provide technical support including audio and lighting programming Deliver service visits in line with SLAs for key clients Assist with sourcing, vetting, and onboarding local More ❯