1 to 25 of 392 Permanent Risk Assessment Jobs in the UK

Chief Operating Office of Markets, responsible for the design and implementation of Markets wide frameworks and practices that are integral and fundamental to the franchise's Operational and Compliance Risk Management. The Governance & Control group covers: 1) Control Framework; 2) Governance of Legal Vehicles and Products; 3) Regulatory Compliance; 4) Strategy and Transformation. As part of the Control Framework … group leads the oversight of the MCA Framework to ensure that best practices are employed across Markets and assist management in the monitoring and management of operational and compliance risk for the franchise. The MCA Framework group is a centralized team specializing in: designing and implementing standard solutions to meet policy and regulatory requirements and provide management with the … modified processes to review through the appropriate governance routines and launch with adequate controls which can be monitored and reported. Collaborates with Markets stakeholders and 2nd Line of Defense Risk Stripe SMEs in the documentation and drafting of process flows, risks-controls to show compliance with internal policies and laws, rules and regulations. Provides a comprehensive view of front More ❯

a key aspect of the maturing IT organisation but something that can be hard to achieve when relying on collective responsibility. This role will demonstrate clear ownership for EITS Risk and Controls and deliver ongoing management of policies, procedures, risk reviews and a quarterly plan to address specific actions in this area. This is important to ensure consistency … across all areas of the EITS department, that controls remain active and up to date and we align to Enterprise Risk governance. Role Context The role is flexible in terms of location with remote (working from home within the UK) working available on a hybrid basis, attending the office as required by the role. Main Responsibilities The Risk … any relating incidents and work with Leadership and Management to ensure these are integrated with wider EITS process. Working across the EITS organisation, supported by EITS Leadership, responsibilities include: Risk Management Framework: Develop and implement a comprehensive risk management framework that aligns with the organizations strategic goals and objectives. This will be aligned to COBIT but also take More ❯

security management system, and a governance and reporting mechanism to identify, measure, and monitor cyber risks consistently across the whole of SSE. This includes leading the Group's Principal Risk on cyber security and resilience, strategic sub risks and driving through to the tactical risks and supporting the risk management requirements of the NIS regulations. You will Drive … and lead the development and management of the Cyber Security & Resilience Principal Risk, risk appetite and controls framework working in conjunction with Group Risk and the IT/OT Governance, Risk & Compliance team and all Business Units. Lead the preparations for cyber security governance meetings across SSE and support the creation of content for cyber security … papers to Board, Audit Committee and other Executive committees including development of metrics to tell the cyber security story. Work with GRC Risk Analyst and the reporting team to produce monthly metrics showing the cyber security risk and control position for different audiences including CISO, leaders and operational teams. Ensure that significant risks are identified, mitigated and effectively More ❯

security management system, and a governance and reporting mechanism to identify, measure, and monitor cyber risks consistently across the whole of SSE. This includes leading the Group's Principal Risk on cyber security and resilience, strategic sub risks and driving through to the tactical risks and supporting the risk management requirements of the NIS regulations. You will Drive … and lead the development and management of the Cyber Security & Resilience Principal Risk, risk appetite and controls framework working in conjunction with Group Risk and the IT/OT Governance, Risk & Compliance team and all Business Units. Lead the preparations for cyber security governance meetings across SSE and support the creation of content for cyber security … papers to Board, Audit Committee and other Executive committees including development of metrics to tell the cyber security story. Work with GRC Risk Analyst and the reporting team to produce monthly metrics showing the cyber security risk and control position for different audiences including CISO, leaders and operational teams. Ensure that significant risks are identified, mitigated and effectively More ❯

security management system, and a governance and reporting mechanism to identify, measure, and monitor cyber risks consistently across the whole of SSE. This includes leading the Group's Principal Risk on cyber security and resilience, strategic sub risks and driving through to the tactical risks and supporting the risk management requirements of the NIS regulations. You will Drive … and lead the development and management of the Cyber Security & Resilience Principal Risk, risk appetite and controls framework working in conjunction with Group Risk and the IT/OT Governance, Risk & Compliance team and all Business Units. Lead the preparations for cyber security governance meetings across SSE and support the creation of content for cyber security … papers to Board, Audit Committee and other Executive committees including development of metrics to tell the cyber security story. Work with GRC Risk Analyst and the reporting team to produce monthly metrics showing the cyber security risk and control position for different audiences including CISO, leaders and operational teams. Ensure that significant risks are identified, mitigated and effectively More ❯

security management system, and a governance and reporting mechanism to identify, measure, and monitor cyber risks consistently across the whole of SSE. This includes leading the Group's Principal Risk on cyber security and resilience, strategic sub risks and driving through to the tactical risks and supporting the risk management requirements of the NIS regulations. You will Drive … and lead the development and management of the Cyber Security & Resilience Principal Risk, risk appetite and controls framework working in conjunction with Group Risk and the IT/OT Governance, Risk & Compliance team and all Business Units. Lead the preparations for cyber security governance meetings across SSE and support the creation of content for cyber security … papers to Board, Audit Committee and other Executive committees including development of metrics to tell the cyber security story. Work with GRC Risk Analyst and the reporting team to produce monthly metrics showing the cyber security risk and control position for different audiences including CISO, leaders and operational teams. Ensure that significant risks are identified, mitigated and effectively More ❯

the role Manage commercial activities for complex multi-domain bids. In a support role to sales, create structure and negotiate commercial and financial structure of bids with minimal residual risk, to address customer needs as well as Orange Business financial and business objective, in conjunction with policy requirements. Key accountabilities Advisor with significant experience and ability to support structuring … presentations to internal and external executives. In support of Sales, and in coordination with Legal, Finance and Solutions teams, create, structure and negotiate (internally and externally) commercial, financial and risk structure of bids from qualification through to customer proposal submission, negotiation and contract signature. In support of commercial structure inclusive of: Customer & Opportunity discovery & assessment including due diligence … flow-up; Heads of Agreements/MOU/LOI ; Technology refresh; Termination & termination liability; Penalties and liabilities; Governance model; Migration planning; Change management Key result/decision areas (outcomes) Risk is understood and mitigated through design and negotiation of business terms and conditions, and linked to the business case. Clearly presented overview of pricing and commercial terms to customers More ❯

five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Technical Cyber Risk Assessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. … Demonstrate familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯

five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Technical Cyber Risk Assessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. … Demonstrate familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯

five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Technical Cyber Risk Assessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. … Demonstrate familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯

five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Technical Cyber Risk Assessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. … Demonstrate familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯

and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. Manager, Technology Risk & Control oversees the identification, assessment, and mitigation of technology risks within the technology resilience space by conducting thorough risk evaluations, developing risk management strategies, and ensuring … improve the organization's technology resilience stance. Partners with external teams and third parties to identify opportunities to improve the technology resilience posture Prepares and presents detailed resilience related risk management reports and documentation to senior leadership and stakeholders, providing clear and accurate records of risk assessments, mitigation actions, and compliance status Provides key inputs in training and … of global technology standards and applicable regulations Advanced knowledge of technology control domains such as Technology Resilience, Security Governance & Operations, IT General Controls, and Cloud Security Proficiency in enterprise risk management with an emphasis on operational risk management and technology risk Key requirements Operational Resilience Disaster Recovery Understanding of regulatory environment Technology Risk Experience Controls Regulations More ❯

IT Risk Specialist - 5 days onsite in Farnborough - SC cleared preferred - £60-65k base plus benefits Our client who specialises in defence and national security is seeking a dedicated Risk Specialist to join their IT business. If you do not currently hold an SC clearance you will need to have resided in the UK for the last … years with no more than 1 month out of the country at a time. In this role, you will be responsible for creating and implementing a comprehensive risk management process. Your mission will be to develop robust risk management policies, establish effective ways of working, and drive training initiatives across the organisation. You will play a pivotal role … in safeguarding their IT operations by identifying, assessing, and mitigating risks in a rapidly evolving technological environment. Key Responsibilities: Risk Management Framework: Design and implement a comprehensive risk management framework tailored to their operations. This includes developing risk assessment methodologies, defining key risk indicators, and establishing reporting mechanisms. Policy Development: Draft, refine, and enforce risk More ❯

MCS Group is seeking a Cyber Security Third Party Risk Management Lead to join their client, a thriving and well-established organisation with headquarters in Dublin. This position is a 12 month Fixed Term Contract into permanency as is standard in the organisation. With multiple projects in the pipeline and a growing team, this is a fantastic opportunity for … an experienced Risk Management professional to join a successful team in a newly created position. The Third-Party Risk Management (TPRM) Lead will be responsible for designing, implementing, and overseeing a robust third-party risk management programme. This role ensures that all external vendors, suppliers, and partners align with the organisation's security, compliance, and operational risk … across procurement, legal, IT, the cyber team, and other business units, the TPRM Lead will assess, monitor, and mitigate third-party risks. This position is part of a growing risk management function, playing a key role in safeguarding the organisation against external threats. The successful candidate will be afforded public sector benefits - increased holidays, fantastic pension and unmatched job More ❯

materials Supporting workshop delivery and client meetings Conducting research and analysis Client Engagement Support Typical activities include: Leading client workshops such as security strategy sessions, Cloud security architecture reviews, Risk assessment workshops, technology evaluation sessions. Producing client materials including, Security assessment reports, technical architecture diagrams, implementation roadmaps and project status updates. Conducting security assessments by gathering and …/security experience in the Defence Sector Demonstrable experience of one or more of the following areas: MoD Security GRC/Assurance Processes: Secure by Design and RMADs/Risk Assessment Cloud security architecture documentation, s ecurity controls mapping and c ompliance checking automation MoD Cyber Operations: SOC tool evaluation support, SIEM use case development, Metrics and reporting … frameworks, and Technology integration assessment. Cyber Vulnerability Investigations Identity & Access: IAM architecture reviews, p rivileged access solutions, authentication technology assessment, and Zero Trust implementation planning OT Security OT Risk Assessment/Assurance and OT Vulnerability Management Key Strengths Detail-oriented with a strong focus on quality Well-organised and committed to developing customer service skills Enthusiastic about More ❯

Overview At Solus, we believe that strong governance and a proactive approach to risk are essential to delivering excellence. As a Risk & Compliance Analyst, you'll play a key role in shaping how we manage risk, uphold compliance, and embed a culture of accountability across the business. This is a fantastic opportunity to grow your career in … a supportive, forward-thinking environment where your voice will be heard. Responsibilities Risk Management Promote risk awareness and help colleagues integrate risk thinking into everyday activities. Maintain the Risk Register and Risk Universe, ensuring risks are clearly owned, mitigated, and monitored. Facilitate risk evaluation meetings, control assessments, and action planning. Work with Risk & Control Owners to improve internal controls and ensure risks remain within tolerance. Log and manage risk events and issues, escalating and resolving them in a timely manner. Support project and IT change initiatives with risk oversight. Contribute to the annual Risk Survey, Company Risk Assessment, and resilience planning. Compliance & Governance Oversee company policies and More ❯

Overview At Solus, we believe that strong governance and a proactive approach to risk are essential to delivering excellence. As a Risk & Compliance Analyst, you'll play a key role in shaping how we manage risk, uphold compliance, and embed a culture of accountability across the business. This is a fantastic opportunity to grow your career in … a supportive, forward-thinking environment where your voice will be heard. Responsibilities Risk Management Promote risk awareness and help colleagues integrate risk thinking into everyday activities. Maintain the Risk Register and Risk Universe, ensuring risks are clearly owned, mitigated, and monitored. Facilitate risk evaluation meetings, control assessments, and action planning. Work with Risk & Control Owners to improve internal controls and ensure risks remain within tolerance. Log and manage risk events and issues, escalating and resolving them in a timely manner. Support project and IT change initiatives with risk oversight. Contribute to the annual Risk Survey, Company Risk Assessment, and resilience planning. Compliance & Governance Oversee company policies and More ❯

Services. The business partners withinstitutional investorstoenhance their portfolio returns through intrinsic value securities lending, liquidity management, and collateral optimization. Citi's key strengths include unsurpassed global branch network, robust risk management, real-time controls, product innovation, dynamic reporting, and market thought leadership. What you'll do: Lead the Risk Assessment of new and existing business products and … drive changes when needed. Monitor industry trends and articulate Citi's position to Senior Management. This includes providing ongoing updates to Chief Risk Officer's, Product Managers and Sr. Management related to Fraud trends, forecast, performance and opportunities. Identify new tools, vendors and capabilities to mitigate current fraud and anticipated changes/shifts in fraud tactics. Develop strategic vision … of work-streams, customer communication and detection capabilities. The position requires substantial interaction and collaboration with Policy, Operations, and other functional business partners to optimize Fraud needs Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations More ❯

As a Risk and Controls Oversight Senior Lead in First Line, you'll be responsible for providing expert oversight on FinancialCrimeandResilience . You'll play a critical role in ensuring our risk management practices are strong, effective, and always in compliance of risk and control management frameworks. You'll also act as a key bridge between the … Customer & Digital Team, Chief Operating Office (CCO), second and third-line risk partners, and other stakeholders. In this role, you'll develop and assess risk appetite, lead conversations on risk acceptance, ensure controls are designed and assessed properly, resolving any gaps and improving the control environment. You'll also ensure ongoing monitoring of controls to keep the … business audit ready, embed proactive risk management culture, assessing new business initiatives and leveraging tools KRIs and risk dashboards. You'll stay on top of market trends and emerging risks, driving continuous education based on internal and external themes and lessons learnt. You'll be responsible for ensuring compliance with relevant laws and regulations, preparing and enhancing governance More ❯

re enabling a zero carbon, lower cost energy future for all, andworking hard to decarbonise the planet for generations to come. About the role This is an information security risk and compliance-based role, reporting intothe Head of InfoSec, Governance, Risk and Compliance via the OT Risk andCompliance Manager. You'll be part of the Information Security … Governance,Risk and Compliance Team (IGRC) but will work closely but with a wide varietyof business stakeholders including Engineering and Security teams cross-functionally. You'll leadon all aspects of security risk management activity across the Group, butparticularly in respect to our OT environments. This role will also assist inthe delivery of Security Policy, Data Classification, and Compliance … and regulatory requirements across the Group. The role willdeliver against the business strategy, the technical roadmap and the objectivesset out in the Security strategy. Responsibilities include: -Defining of Security risk assessment schedules, providing oversight to otherauthorised risk practitioners, conducting risk assessments, and maintainingaccurate security risk records and risk reports. -Ensuring controls and risk More ❯

re enabling a zero carbon, lower cost energy future for all, andworking hard to decarbonise the planet for generations to come. About the role This is an information security risk and compliance-based role, reporting intothe Head of InfoSec, Governance, Risk and Compliance via the OT Risk andCompliance Manager. You'll be part of the Information Security … Governance,Risk and Compliance Team (IGRC) but will work closely but with a wide varietyof business stakeholders including Engineering and Security teams cross-functionally. You'll leadon all aspects of security risk management activity across the Group, butparticularly in respect to our OT environments. This role will also assist inthe delivery of Security Policy, Data Classification, and Compliance … and regulatory requirements across the Group. The role willdeliver against the business strategy, the technical roadmap and the objectivesset out in the Security strategy. Responsibilities include: -Defining of Security risk assessment schedules, providing oversight to otherauthorised risk practitioners, conducting risk assessments, and maintainingaccurate security risk records and risk reports. -Ensuring controls and risk More ❯

re enabling a zero carbon, lower cost energy future for all, andworking hard to decarbonise the planet for generations to come. About the role This is an information security risk and compliance-based role, reporting intothe Head of InfoSec, Governance, Risk and Compliance via the OT Risk andCompliance Manager. You'll be part of the Information Security … Governance,Risk and Compliance Team (IGRC) but will work closely but with a wide varietyof business stakeholders including Engineering and Security teams cross-functionally. You'll leadon all aspects of security risk management activity across the Group, butparticularly in respect to our OT environments. This role will also assist inthe delivery of Security Policy, Data Classification, and Compliance … and regulatory requirements across the Group. The role willdeliver against the business strategy, the technical roadmap and the objectivesset out in the Security strategy. Responsibilities include: -Defining of Security risk assessment schedules, providing oversight to otherauthorised risk practitioners, conducting risk assessments, and maintainingaccurate security risk records and risk reports. -Ensuring controls and risk More ❯

re enabling a zero carbon, lower cost energy future for all, andworking hard to decarbonise the planet for generations to come. About the role This is an information security risk and compliance-based role, reporting intothe Head of InfoSec, Governance, Risk and Compliance via the OT Risk andCompliance Manager. You'll be part of the Information Security … Governance,Risk and Compliance Team (IGRC) but will work closely but with a wide varietyof business stakeholders including Engineering and Security teams cross-functionally. You'll leadon all aspects of security risk management activity across the Group, butparticularly in respect to our OT environments. This role will also assist inthe delivery of Security Policy, Data Classification, and Compliance … and regulatory requirements across the Group. The role willdeliver against the business strategy, the technical roadmap and the objectivesset out in the Security strategy. Responsibilities include: -Defining of Security risk assessment schedules, providing oversight to otherauthorised risk practitioners, conducting risk assessments, and maintainingaccurate security risk records and risk reports. -Ensuring controls and risk More ❯

Interim Technology focused risk management 3-6 month contract Remote based Role Summary: We are seeking an experienced Technology Risk Consultant on a 3–6 month contract to establish and embed a more structured and effective approach to managing technology and cyber-related risks across our telecommunications services business.This hands-on role is ideal for a proactive and … independent risk professional who can assess the current environment, identify key gaps, and design and implement a practical, scalable risk management framework tailored to the needs of a complex, high-availability telecom services environment. Key Deliverables: Technology Risk Framework Design & Implementation: Review existing risk management structures, policies, and practices within Technology and Network functions. Design a … fit-for-purpose Technology Risk Management Framework that aligns with business needs and industry standards (e.g. ISO 27001, NIST, COBIT). Develop practical tools such as risk registers, heatmaps, control libraries, and risk assessment templates. Stakeholder Engagement & Knowledge Transfer: Work closely with internal stakeholders to understand current risks and control environment. Facilitate risk workshops and More ❯

compliance with international standards, and fostering a culture of security awareness. You'll work closely with IT, compliance, and executive teams to align security measures with business objectives. Responsibilities Risk Assessment: Conduct thorough risk assessments to identify vulnerabilities, threats, and potential impacts on information security. Strategy Development: Develop and implement risk management strategies, policies, and procedures … degree in Computer Science, Information Security, or a related field; Master's degree preferred. Experience: Minimum of 7 years in information security with at least 3 years in a risk management role. Certifications: Preferably CISSP, CISM, or CRISC. Additional certifications in risk management are advantageous. Skills: Strong understanding of cybersecurity frameworks, risk assessment methodologies, and compliance … requirements. Excellent analytical, strategic planning, and decision-making skills. Ability to communicate complex security concepts to non-technical stakeholders. Proficient in using risk management tools and technologies. Personal Attributes: Proactive, detail-oriented, with a strong ethical compass and leadership abilities. Health & Wellness: Comprehensive health insurance, including dental and vision, plus wellness programs. Professional Development: Continuous learning opportunities through workshops More ❯