6 of 6 Permanent Risk Register Jobs in the Thames Valley

Purpose The Security Lead is both the client-facing strategist and the internal accountable owner of security within the MSP. They lead Quarterly Security Reviews (QSRs), own the client risk register and exception process, and ensure services are delivered in line with frameworks such as Cyber Essentials, ISO27001, and NIST. Internally, the Security Lead is accountable for the … to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and signed off. Support Account Managers … for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness, training, and compliance More ❯

SLAs, quality gates, secure access, and code ownership. Manage engineering/infrastructure budgets and provide strategic oversight for FinOps practices, unit economics tracking, and the maintenance of a transparent risk register and remediation plans. Execution and delivery Lead disciplined engineering execution across distributed in-house and outsourced teams. Champion 24/7/365 platform operations with SLAs … capacity planning, incident response and post-mortems Implement structured software release governance, migration frameworks, and robust QA practices. Drive predictable delivery (quarterly planning, dependency/risk management, quality gates). Establish and enforce best-in-class DevOps, trunk-based, CI/CD, and monitoring standards. Sponsor the adoption of secure SDLC, threat modelling, vulnerability management, identity/authorisation, privacy … management, and privacy by design. Ability to partner with product and legal teams on security trade-offs and customer due diligence. Skilled in agile delivery, quarterly planning, dependency/risk management, and quality assurance. Ability to drive predictable delivery, manage technical debt, and continuously improve engineering velocity. Strong financial acumen: managing engineering/cloud budgets, AWS FinOps, and tracking More ❯

security excellence. Salary - £65,000 per annum Location - South East Key Responsibilities - Act as the primary security advisor to clients or stakeholders - Lead regular security reviews and maintain the risk register and exception process - Ensure services align with relevant security frameworks and demonstrate compliance through clear reporting and metrics - Own the organisation's security posture ensuring tools, processes More ❯

new clients to streamline their transition. Actively resolve any operational roadblocks and ensure that all integration steps are completed efficiently. Oversight of post-completion issues including working to resolve risk register issues to protect the assets we have acquired. 2.Operational & Administrative Oversight Coordinate and execute operational tasks such as accounting consolidation, office and car lease terminations, and other More ❯

IR readiness, and regulatory requirements relevant to SMBs (e.g., HIPAA, PCI-DSS, GDPR nuances as applicable). Customer engagement and discovery: Conduct customer workshops, requirements gathering, current-state assessments, risk analyses, ROI/tco analysis, and roadmaps that translate business outcomes into concrete IT capabilities. Commercial ownership: Collaborate with sales on proposal development, scoping, pricing constructs, RFP/RFI … responses, and executive-level communications; create compelling business cases grounded in the value of reduced downtime, improved productivity, and scalable future-state architectures. Governance and risk management: Define program governance, risk registers, milestone plans, and success metrics; ensure alignment with customer expectations and Teceze delivery standards. People and skills development: Mentor delivery teams on solutioning methods, best practices More ❯

compliance with leading frameworks (Cyber Essentials, ISO27001, NIST), and maintain a strong internal security posture across our systems and services. You'll lead Quarterly Security Reviews (QSRs), manage client risk registers, and act as a trusted advisor translating complex risks into clear business outcomes. Internally, you'll own our security frameworks, guide improvement across tools and teams, and ensure … compliance through measurable posture metrics and ongoing development. Key Responsibilities Lead client Quarterly Security Reviews (QSRs) covering vulnerabilities, incidents, compliance, and risk registers. Translate technical risks into meaningful business impacts and recommendations. Manage internal and client risk registers and exception processes. Oversee security compliance across frameworks such as Cyber Essentials+, ISO27001, and NIST . Ensure secure deployment and … shaping best practice. Essential Skills & Experience 5+ years in IT security or MSP environments . Strong understanding of Cyber Essentials, ISO27001, or NIST frameworks. Experience managing patching, vulnerability, and risk governance . Skilled communicator with the ability to explain risks to non-technical audiences. Proven experience leading client-facing security reviews . Desirable CISSP, CISM , or equivalent certifications. Experience More ❯