1 to 25 of 27 Permanent Risk Assessment Jobs in the South West

lines. Compliance: Ensure the company's security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO27001:2022 and other relevant frameworks. Risk management: Lead the information security risk management program, including identification, assessment, mitigation, and monitoring of information security risks across all systems, applications, and operations. Policy and procedure … information security awareness and training programs for all employees, ensuring Mayden's culture strongly embeds security at its core. Supplier security assurance: Implement and manage a robust supplier security risk assurance framework, assessing and monitoring the security posture of suppliers, partners, and subcontractors who handle company or patient data. Regulatory compliance and audit: Support the Data Protection Officer in … monitoring operations: Support and oversee the day-to-day security monitoring operations, including log analysis, threat intelligence, and SIEM management. Leadership and mentoring: Provide strong leadership to the governance, risk and compliance team and mentor the professional growth and development of security staff. Threat intelligence: Stay up to date with the latest cyber security threats, vulnerabilities, technologies, and best More ❯

lines. Compliance: Ensure the company's security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO27001:2022 and other relevant frameworks. Risk management: Lead the information security risk management program, including identification, assessment, mitigation, and monitoring of information security risks across all systems, applications, and operations. Policy and procedure … information security awareness and training programs for all employees, ensuring Mayden's culture strongly embeds security at its core. Supplier security assurance: Implement and manage a robust supplier security risk assurance framework, assessing and monitoring the security posture of suppliers, partners, and subcontractors who handle company or patient data. Regulatory compliance and audit: Support the Data Protection Officer in … monitoring operations: Support and oversee the day-to-day security monitoring operations, including log analysis, threat intelligence, and SIEM management. Leadership and mentoring: Provide strong leadership to the governance, risk and compliance team and mentor the professional growth and development of security staff. Threat intelligence: Stay up to date with the latest cyber security threats, vulnerabilities, technologies, and best More ❯

of a significant programme, during which you will ensure that the product and associated deliverables are as secure as reasonably practicable, and in accordance with customer's requirements and risk appetite. You will be supported in this role as part of a larger consulting team, engineers and product domain specialists. Your work at Leonardo UK will see you take … and detailed system and security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations, including technical understanding. Scoping and managing security verification and validation activities and remedial action plans. Coordinating with More ❯

lead the operational and strategic security programme for a respected organisation headquartered in central Bristol. This hybrid role offers the opportunity to shape the company's approach to information risk and resilience, while managing a skilled internal team and driving alignment with industry standards and best practice. Reporting to the Head of Security & Governance , the successful candidate will play … a central role in delivering risk reduction across the business. You'll be responsible for maintaining ISO27001 compliance, overseeing risk assessment and mitigation, and supporting incident management across multi-entity operations. Key Accountabilities: Lead and manage a team of three security professionals , supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with … broader assurance frameworks (e.g. NIST CSF, Cyber Essentials). Shape and implement the company's information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response . Support regulatory and internal audits, contributing clear documentation More ❯

bid submissions comply with the stipulated guidelines and regulations, and conduct thorough quality checks to maintain the standard of proposal content, including accurate pricing, service offerings, and contract terms. Risk Assessment & Due Dilligence: Conduct risk assessments of potential bids and tenders, identifying and evaluating potential risks and developing mitigation strategies to minimize any potential negative impacts on More ❯

root-cause analysis of significant variances and trends. Strategic & Business Planning Support: Partner with business leaders to align financial planning with strategic goals. Evaluate mergers, acquisitions, and investment opportunities. Risk Assessment & Compliance: Ensure financial practices align with external regulations and internal policies Assess risk exposure in financial forecasts and develop proactive mitigation strategies. Stakeholder Communication: Present financial More ❯

mitigating system vulnerabilities. Automation Skills Proficiency in security automation using scripting tools like Python or PowerShell. Frameworks & Compliance Familiarity with ISO 27001, NIST 800-53, Cyber Essentials, and GDPR. Risk Management Strong grasp of risk assessment methodologies and security control frameworks. Communication Able to communicate technical concepts clearly to both technical and non-technical stakeholders. Project Management More ❯

mitigating system vulnerabilities. Automation Skills - Proficiency in security automation using scripting tools like Python or PowerShell. Frameworks & Compliance - Familiarity with ISO 27001, NIST 800-53, Cyber Essentials, and GDPR. Risk Management - Strong grasp of risk assessment methodologies and security control frameworks. Communication - Able to communicate technical concepts clearly to both technical and non-technical stakeholders. Project Management More ❯

mitigating system vulnerabilities. Automation Skills – Proficiency in security automation using scripting tools like Python or PowerShell. Frameworks & Compliance – Familiarity with ISO 27001, NIST 800-53, Cyber Essentials, and GDPR. Risk Management – Strong grasp of risk assessment methodologies and security control frameworks. Communication – Able to communicate technical concepts clearly to both technical and non-technical stakeholders. Project Management More ❯

infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats. Main Responsibilities: Perform Security Risk and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while … of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical interpersonal skills; adaptable to all levels of the organization Ability to contribute in a collaborative environment Communication … the impact of risks Technical Systems Proficiency: Security Management Tools (email filtering, vulnerability scanning tools, security dashboards, etc.) Cloud security management tools like CNAPP, CSPM, CWPP, and CIEM. Security risk assessment methodology (EBIOS RM) Security Requirement Definition and Review Travel Required: 10-15% Domestic and International We thank all applicants for applying. Only selected applicants will be contacted. More ❯

certification artefact production aligned to EASA and UK CAA expectations. Lead the development and review of cybersecurity documentation, including the PSecAC (Airworthiness Security Process Plan), PASRA (Preliminary Aircraft Security Risk Assessment), ASAM (Aircraft Security Architecture Model), and Security Verification Methods. Provide input into the AWSP frameworks, including the tailoring of compliance checklists, activity outcomes, and document templates. Ensure … traceability between security risk assessments, controls, and compliance objectives across the aircraft systems and software architecture. Coordinate the development of cybersecurity methods and processes, contributing to their alignment with recognised standards. Engage with DAG's internal stakeholders, including engineering, safety, and systems integration teams, to embed cybersecurity into the design and certification lifecycle. Act as the primary technical interface … cybersecurity engineering principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. More ❯

certification artefact production aligned to EASA and UK CAA expectations. Lead the development and review of cybersecurity documentation, including the PSecAC (Airworthiness Security Process Plan), PASRA (Preliminary Aircraft Security Risk Assessment), ASAM (Aircraft Security Architecture Model), and Security Verification Methods. Provide input into the AWSP frameworks, including the tailoring of compliance checklists, activity outcomes, and document templates. Ensure … traceability between security risk assessments, controls, and compliance objectives across the aircraft systems and software architecture. Coordinate the development of cybersecurity methods and processes, contributing to their alignment with recognised standards. Engage with DAG's internal stakeholders, including engineering, safety, and systems integration teams, to embed cybersecurity into the design and certification lifecycle. Act as the primary technical interface … cybersecurity engineering principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. More ❯

certification artefact production aligned to EASA and UK CAA expectations. Lead the development and review of cybersecurity documentation, including the PSecAC (Airworthiness Security Process Plan), PASRA (Preliminary Aircraft Security Risk Assessment), ASAM (Aircraft Security Architecture Model), and Security Verification Methods. Provide input into the AWSP frameworks, including the tailoring of compliance checklists, activity outcomes, and document templates. Ensure … traceability between security risk assessments, controls, and compliance objectives across the aircraft systems and software architecture. Coordinate the development of cybersecurity methods and processes, contributing to their alignment with recognised standards. Engage with DAG's internal stakeholders, including engineering, safety, and systems integration teams, to embed cybersecurity into the design and certification lifecycle. Act as the primary technical interface … cybersecurity engineering principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. More ❯

certification artefact production aligned to EASA and UK CAA expectations. Lead the development and review of cybersecurity documentation, including the PSecAC (Airworthiness Security Process Plan), PASRA (Preliminary Aircraft Security Risk Assessment), ASAM (Aircraft Security Architecture Model), and Security Verification Methods. Provide input into the AWSP frameworks, including the tailoring of compliance checklists, activity outcomes, and document templates. Ensure … traceability between security risk assessments, controls, and compliance objectives across the aircraft systems and software architecture. Coordinate the development of cybersecurity methods and processes, contributing to their alignment with recognised standards. Engage with DAG's internal stakeholders, including engineering, safety, and systems integration teams, to embed cybersecurity into the design and certification lifecycle. Act as the primary technical interface … cybersecurity engineering principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. More ❯

The role includes project performance reporting and decision-making to ensure customer satisfaction, with support and guidance readily available. The ideal candidate will excel in resource coordination, budget management, risk assessment, and stakeholder engagement. You will have customer service experience, handle demanding situations effectively, and manage complex military service projects. Applicants can include experienced service delivery managers, new … Primavera, bids, RFQs, and SOWs Experience with defence/military customers and MoD processes Familiarity with Royal Navy Sensor Systems, Integrated Logistic Support, and complex project finance Skilled in risk/opportunity management and improving customer performance Proven leadership in recovering underperforming projects Effective team leader who adapts under pressure and multitasks Builds trust through confident communication and stakeholder More ❯

Product Owner who thrives on driving innovation in complex, data-rich environments? Want to work at the cutting edge of insurance technology with a team shaping the future of risk assessment and underwriting? We're working with a fast-growing, tech-led business looking for a Product Owner to join a collaborative and high-performing team. This role More ❯

whom you will be expected to provide guidance and support as appropriate What you need to succeed Knowledge of, and experience in highway design, drainage strategy and design, flood risk assessment and management, utility design and planning as well as a good working knowledge of the Development Industry The ability to produce infrastructure masterplans, site appraisals, technical reports More ❯

but rapidly expanding business where you'll work alongside experienced engineers, taking projects from initial concept through to detailed design. You'll gain hands-on experience in preparing flood risk assessments, developing drainage strategies, and designing highway alignments, while having the chance to manage your own small schemes with client-facing responsibility. This forward-thinking consultancy provides expert services … the ideal role for a proactive engineer looking to progress their career, take on more responsibility, and contribute to the success of a dynamic team. The Role Prepare Flood Risk Assessments for a range of development projects Assist in the development of drainage strategies using Microdrainage or Flow modelling software Support highway alignment design using Causeway PDS software Prepare … engineering role BEng/MEng in Civil Engineering or HNC (required) Experience using Microdrainage, Flow, or Causeway PDS software Key Words: Assistant Infrastructure Engineer, Civil Engineering, Drainage Design, Flood Risk Assessment, Highway Design, Microdrainage, Flow, Causeway PDS, S278, S38, S104, Bristol, Consultancy, Flexible Working REFERENCE: BBBH 21162 We are an equal opportunities employer and welcome applications from all More ❯

to deliver and embed business transformation Contributing to governance and transition checkpoints throughout project delivery Assessing the success of transformation efforts and adjusting interventions as needed Supporting ongoing reporting, risk assessment, and governance activity Main Skills Needed: Proven Business Analysis experience across IT transformation programmes Strong knowledge of ITIL frameworks and service management principles Comfortable working in agile More ❯

brokers, MGAs, and insurers in managing complex operations efficiently and compliantly. Morning Data is proud to be part of Verisk, a global leader in insurance technology, data analytics, and risk assessment . As part of the Verisk family, we combine deep industry knowledge with world-class technology to drive innovation and deliver real impact for our clients worldwide. More ❯

stakeholder requirements into detailed system specifications with full traceability. Collaborate closely with software and hardware teams on interface and integration requirements. Apply ISO 26262 principles: conduct HARA (Hazard Analysis & Risk Assessment), define safety goals, and support safety case development. Define and execute validation plans , including simulation, bench testing, and vehicle testing for dynamic performance, fail-safe operation, and More ❯

and reporting issues to first-line and senior management. Natural problem-solver with structured approach to problem solving in a technical environment. Strong knowledge of Health and Safety requirements, Risk Assessment, COSHH and SDS. Significant experience with data acquisition and control systems. Technical expertise and significant experience of test facility operations and system under test preparation. Computer literate More ❯

Bristol. Essential Experience & Skills: experience in cost engineering Background in defence, either through previous industry roles or military service. Strong grounding in statistics and its application to cost modelling, risk analysis, and parametric forecasting. Familiarity with business case development, trade-off analysis, and cost-benefit evaluations for stage gate or approval processes. Hands-on experience with various estimation techniques … data, and pricing strategy in estimate development. Track record of building cost models that meet rigorous independent scrutiny and validation standards. Competence in uncertainty modelling and cost/schedule risk assessment methodologies. Involvement in competitive bidding activities (e.g., PQQs, ITTs, ITNs). Willingness to travel to various client locations throughout the UK. More ❯

security incidents. Improve customer service. Enhance HMRC security culture. HMRC Securitys vision is: 'Our vision is to equip HMRC with the tools, skills, capability, and experience to understand business risk, protect assets and deliver critical services to the UK." Key to delivering this vision is an Enterprise-wide Security Strategy that; Provides a stable base for good security decision … and policies of teams responsible for business strategy delivery. Lead and direct HMRC Security Front Door team balancing the running or the service with improving the service. Champion operational risk analysis, using this information to embed security by design into transformation at the pre-Business Case stage. Ensuring HMRC Security influences/informs strategic business thinking decisions by having … government security strategy working groups. Briefing and presenting to the Chief Security Officer and senior stakeholders on HMRC Security Strategy and Performance matters. Horizon scanning, pre-Discovery and impact assessment to inform the HMRC response to emerging Enterprise level security threat and strategies. Building investment cases, including financial cases and impact assessments, and submission through governance of Enterprise Level More ❯

security incidents. Improve customer service. Enhance HMRC security culture. HMRC Securitys vision is: 'Our vision is to equip HMRC with the tools, skills, capability, and experience to understand business risk, protect assets and deliver critical services to the UK." Key to delivering this vision is an Enterprise-wide Security Strategy that; Provides a stable base for good security decision … and policies of teams responsible for business strategy delivery. Lead and direct HMRC Security Front Door team balancing the running or the service with improving the service. Champion operational risk analysis, using this information to embed security by design into transformation at the pre-Business Case stage. Ensuring HMRC Security influences/informs strategic business thinking decisions by having … government security strategy working groups. Briefing and presenting to the Chief Security Officer and senior stakeholders on HMRC Security Strategy and Performance matters. Horizon scanning, pre-Discovery and impact assessment to inform the HMRC response to emerging Enterprise level security threat and strategies. Building investment cases, including financial cases and impact assessments, and submission through governance of Enterprise Level More ❯