1 to 25 of 91 Permanent Risk Assessment Jobs in the UK excluding London

bonus and benefits Hybrid working available (3 days in the office) Our client, a dynamic and rapidly growing UK-based EMI FinTech Payments firm, is seeking an experienced Enterprise Risk Analyst to support their Head of Risk. This is a focused Enterprise Risk Analyst role dedicated entirely to the Second Line of Defence (2LOD), centred on embedding the … firm’s Governance, Risk, and Compliance (GRC) model. You will be instrumental in the day-to-day operation of the ERM framework, ensuring risk is managed consistently and strategically across the entire business. Duties of the Enterprise Risk Analyst to include: Risk Register Management: Own the central Risk Register , ensuring all key risks (Strategic, Financial … Operational, and Compliance) are accurately identified, assessed, and maintained. Risk Assessment Cycle: Facilitate and manage the formal Risk and Control Self-Assessment (RCSA) process across all business units. Control Framework: Maintain and evolve the company’s Risk Control Framework , ensuring controls are effective and aligned with the established risk appetite. Residual Risk Analysis More ❯

a month at 23:59 BST. The Vacancy POSITION OVERVIEW: This role sits within the 2nd Line of defence, where you will lead and support the business, managing cyber risk and information protection positions effectively. Protecting the business from security threats, by identifying risks and developing appropriate risk migration plans. Providing senior leadership with independent assurance of their … cyber risk and information protection posture. The role will work collaboratively with 1st Line cyber team to ensure business assurance plans are shared and the requirements of 2nd Line are understood. You will also take the lead in delivering a defined list of cyber assurance reviews, projects, and initiatives as well as achieving the cyber assurance and compliance related … objectives. You will also help shape the City cyber security strategy for data security, monitoring and reporting, risk and threat assessment, incident response, business continuity and disaster recovery. PRINCIPAL TASKS AND RESPONSIBILITIES Monitor & Review Contribute and maintain the current information security risk management framework, articulate risk in business terms, identify appropriate mitigation measures and drive their More ❯

Primary Details Time Type: Full time Worker Type: Employee The purpose of this role is to enhance risk assessment and decision-making processes through the provision of advanced risk modelling analytics. This is achieved through engaging with business stakeholders to define requirements and combining this Accumulation Management expertise and knowledge of data sets. Senior Cyber Risk … as a leading resource on cyber accumulations, providing expert guidance and insights to internal teams and external stakeholders. Collaborate with Global Cyber team other divisional stakeholders to develop effective risk mitigation strategies and optimize risk management processes. Collect, validate, and analyse large datasets related to cyber risks, ensuring data accuracy and reliability. Present findings in a clear and … QBE’s proprietary view of risk. Work closely with cross-functional teams, including Global Cyber team, underwriting, actuarial, and claims, to ensure a holistic understanding of the company's risk landscape. Communicate effectively with external stakeholders, including reinsurers and regulatory bodies, to maintain transparency and compliance with industry standards. Stay abreast of the latest developments in cyber modelling, risk More ❯

in moving to the beautiful county of Derbyshire, we can provide a generous relocation package of up to £8,000 and the key duties are: Provide psychiatric assessments, including assessment of risk to self and others. Manage patients under the care of the CAMHS Crisis and Liaison pathway including risk assessment and management. Liaison with community More ❯

supporting our Central Government client who are seeking a Cyber Security Advisor on an initial 8 contract Service Location: Glasgow (Hybrid) Essential Skills Experience of cyber security analysis and assessment, including threat identification, risk assessment, evaluation of technical controls, and assessment against industry standards Experience of engaging, advising and influencing at all levels of an organisation More ❯

supporting our Central Government client who are seeking a Cyber Security Advisor on an initial 8 contract Service Location: Glasgow (Hybrid) Essential Skills Experience of cyber security analysis and assessment, including threat identification, risk assessment, evaluation of technical controls, and assessment against industry standards Experience of engaging, advising and influencing at all levels of an organisation More ❯

Responsibilities Clearance Operational Support: Oversee and execute the screening, onboarding, review and data transfer requests fulfillment across all businesses within Citi as defined in rules provided by Independent Compliance Risk Management (ICRM). Discuss, implement and operationalize new country privacy and regulatory changes impacting the cross-border transfer process as advised by Country ICRM. Quality Assurance: Perform regular reviews … Contribute to Data Enablement Process: Provide support and guidance to the business in the execution of the transformational data enablement process to streamline, standardize and simplify global program related risk assessment questionnaires by driving efficiency through organizing questions into logical groups and reducing redundancies. Target State Process Model Implementation: Support the design and implementation of the target state … operational model for the Data Transfers Office, contributing to projects and initiatives to drive consistency and reduce risk in DTO processes. Team Collaboration: Lead, mentor, and train a high-performing team responsible for execution, coordination, and control adherence, fostering accountability, excellence and continuous improvement. Process Implementation & Enhancements: Assist in the implementation of a scalable and efficient operating model aligned More ❯

EAR Part-IS, CAA requirements, and emerging aviation security standards. This position requires deep expertise in cybersecurity frameworks, aviation security requirements, and the ability to balance innovation with robust risk management in our fast-paced, cutting-edge environment. Essential Experience: Minimum 8 years of information security experience, with at least 3 years in aerospace, aviation, or highly regulated industries … of aviation cybersecurity regulations, including EASA requirements, CAA frameworks, or similar aviation security standards Experience with industrial control systems security, particularly in safety-critical environments Demonstrated expertise in cybersecurity risk assessment and management methodologies specific to engineering and manufacturing environments Technical Expertise: Strong knowledge of cybersecurity frameworks (NIST, ISO 27001, aviation-specific standards) Experience with security architecture design … aviation-specific cybersecurity standards Lead cross-functional security initiatives across engineering, operations, and certification teams Provide security expertise to support ZeroAvia's certification programmes with FAA, CAA, and EASA Risk Management & Compliance: Conduct comprehensive cybersecurity risk assessments specific to aviation systems and hydrogen-electric propulsion technologies Ensure compliance with EASA EAR Part-IS regulations and UK aviation cybersecurity More ❯

think innovatively, and listen to each other and customers in meaningful ways. Moody's is transforming how the world sees risk. As a global leader in ratings and integrated risk assessment, we're advancing AI to move from insight to action—enabling intelligence that not only understands complexity but responds to it. We decode risk to unlock … APIs Formulation and delivery of automated test coverage solutions Supporting documentation Internal and external presentations About The Team Asset Management, a division of Moody's, provides intuitive, user-friendly risk analytics and reporting for the pensions and investment market. Through our award-winning, customizable risk management solutions, our clients can identify, evaluate and manage risk while effectively … investment opportunities. The PFaroe Wealth product suite delivers a flexible framework that provides extensive coverage of a wide range of investments to provide transparency into a portfolio's exposure, risk and performance. Based in Edinburgh, the PFaroe Wealth team is looking for a talented, motivated individual to join the software development department. This will be a hybrid internship with More ❯

IT Security, Data, Governance, Risk & Compliance (GRC) specialist to £95,000 plus excellent bonus and benefits package Security & Data Governance management, Risk & Compliance Strong stakeholder management experience ISO27001, NIST, GDPR, Data Governance frameworks Operational effectiveness, risk, compliance, policies, testing procedures Working alongside IT Security, Technology teams globally 3 days per week in the London office, occasional travel … is urgently seeking an experienced Data Governance & Security specialist to work in a small team alongside the IT Security and Technology teams to continue to develop and manage the Risk and Compliance requirements across the business. You will have a background in Financial Services and good Project Management skills to work alongside their internal IT Security and Technology teams … to develop, lead and control the governance and regulatory reporting required across the business. 1st line of defence - laws, compliance, risk, IT governance, security, data Work across various business functions to ensure compliance and risk assessment Implement industry best practices - ISO27001, GDPR etc Update senior stakeholders across the Group This is an outstanding opportunity for someone who More ❯

administrative tasks to help teams save time and use this for more value-added work. ***Preference will be given to internal Trust staff, as well as 'Priority' and 'At Risk' status including NHS At Risk staff throughout Devon who are able to display recent relevant experience as dictated by the Person Specification.*** Main duties of the job The … successful candidate will assist the Trust in the development, delivery and maintenance of cost-effective, risk-controlled, robust, reliable, responsive and secure automation solutions, primarily through the use of cloud-based automation tools, and software, with the aim to assist the organisation in eliminating paper and improving efficiency. The post holder's primary function is to operationally support the … 12. To keep abreast of team plans and all aspects of the automation development lifecycle. 13. Identify the most appropriate course of action to take based on technical knowledge, risk assessment, previous experiences and user requirements. 14. Organise/support with internal team meetings to track progress, project meetings, conduct project proposals and feasibility reviews 15. Deliver projects More ❯

of policy, standards, and procedures. Lead the collection, analysis, and presentation of InfoSec performance metrics, and prepare briefings for senior leaders on studies and plans. Analyse data from security assessment tools and systems, identify process inefficiencies, and contribute innovative solutions to improve security and efficiency across projects and initiatives Personal Specification: The below criteria will be scored during Shortlisting … S&I). Essential A professional certification (eg, CISM, CISSP, CompTIA Security+, CCSP or AWS certification). Degree in a related subject or relevant comparable education. Solid experience with risk assessment methodologies and vulnerability management processes, including relevant tooling. (S&I) Excellent analytical, problem-solving, and decision-making skills, with strong attention to detail. (I) Proficient in communicating More ❯

Job Overview: Experience of risk management and controls, applying risk principles to challenging business situations. Develop and implement comprehensive management strategies. Guide teams and foster a culture of security within the organisation. Conduct thorough risk assessment and identify potential cyber security weaknesses in projects. Articulate security controls, policies and procedures in a language which the Business More ❯

Job Overview: Experience of risk management and controls, applying risk principles to challenging business situations. Develop and implement comprehensive management strategies. Guide teams and foster a culture of security within the organisation. Conduct thorough risk assessment and identify potential cyber security weaknesses in projects. Articulate security controls, policies and procedures in a language which the Business More ❯

Job Overview: Experience of risk management and controls, applying risk principles to challenging business situations. Develop and implement comprehensive management strategies. Guide teams and foster a culture of security within the organisation. Conduct thorough risk assessment and identify potential cyber security weaknesses in projects. Articulate security controls, policies and procedures in a language which the Business More ❯

an incoming 3rd party managed SOC and the security tools in the Cloud environment (Defender and Sentinel) Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements) Establish and enforce security policies, standards, and procedures Report … security talent Experience/Skills Required Managing security for cloud-first environments specifically Microsoft Azure Implementing Security Operations Centres (SOC) and automated security monitoring Collaborate with the third-party risk management and vendor security programmes Experience with DevSecOps practices and secure software development lifecycle (SDLC) Proven leadership experience in information security within financial services Deep understanding of regulatory and … record of designing and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies, specifically Microsoft Defender XDR, Purview and Sentinel Excellent risk assessment and incident management skills Outstanding communication skills with the ability to influence stakeholders at all levels Strategic mindset with the capability to balance security controls and business More ❯

of policy, standards, and procedures. Lead the collection, analysis, and presentation of InfoSec performance metrics, and prepare briefings for senior leaders on studies and plans. Analyse data from security assessment tools and systems, identify process inefficiencies, and contribute innovative solutions to improve security and efficiency across projects and initiatives Personal Specification: The below criteria will be scored during Shortlisting … S&I). Essential A professional certification (e.g., CISM, CISSP, CompTIA Security+, CCSP or AWS certification). Degree in a related subject or relevant comparable education. Solid experience with risk assessment methodologies and vulnerability management processes, including relevant tooling. (S&I) Excellent analytical, problem-solving, and decision-making skills, with strong attention to detail. (I) Proficient in communicating More ❯

ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across departments * Act as an escalation … stakeholder communication skills, both written and verbal * Ability to build effective working relationships and influence at all levels * Comfortable working independently and proactively across teams Desirable: * Experience in supplier risk management and/or tender processes * ISO 27001 Lead Auditor/Implementer, PCIP, CISM, CompTIA Security+, or CISMP certification What you get in return: * Up to £50,000 per More ❯

accounts and access. Implementation: Lead the deployment and configuration of PAM solutions, such as CyberArk, BeyondTrust, or other relevant technologies, ensuring they are properly integrated with existing IT infrastructure. Risk Assessment and Management: Conduct regular risk assessments related to privileged access, identifying potential security risks and vulnerabilities, and developing mitigation strategies. Governance and Compliance: Ensure that PAM More ❯

of key technology risks and change projects. Additionally, you will work with the Head of Audit, Technology for our Ireland and Germany based businesses to ensure effective consideration of risk and coverage of shared infrastructure. You will also need excellent stakeholder skills with an ability to communicate across all levels of Canada Life with clarity and confidence working effectively … audit plan. Provide thought leadership around technology and change audit delivery including innovation of audit approaches to improve quality and speed of audit delivery. Support the CIA in the risk assessment and planning process ensuring effective coverage across key CLUK technology risks and change projects. Proposing plan changes to respond to changes in the risk profile and … business assurance needs. Proactively assess and communicate current state of risks and controls in technical areas such as zero trust (IAM), cloud risk, data security, software security, vulnerability management, supply chain security, cyber risk, analytics, breach handling and investigations, and security testing. Reviewing audit engagements ensuring delivery is to the required quality and efficiency standards as set by More ❯

financial, market, and competitive analysis). • Assist in structuring, modelling, and documenting transactions. • Prepare investment committee memos and materials. • Help manage and monitor existing portfolio companies, including reporting and risk assessment. • Research emerging technology and life sciences trends across Europe. • Maintain pipeline data and generate regular deal flow and market reports. Requirements • Strong academic track record with a More ❯

fresh out of college or a seasoned salesperson, we live the motto that we uphold for our customers: our people are our most valuable assets. As the Information Security Risk Manager & Data Protection Officer, you will be responsible for maintaining a corporate-wide, global information risk management program and information security compliance function. Working closely with the business … compliance as we prepare for certification Comfortable managing compliance processes and working cross-functionally to meet security standards Strong knowledge of information security protocols and procedures Proficiency in information risk assessment and compliance Experience in technology environments, and cloud-based SaaS environments Strong stakeholder management and reporting skills Technically savvy Experience working closely with cloud, cyber, and engineering … in line with the business aspirations Review, implement, and test business continuity plan and policy Manage technical and business stakeholders to achieve compliance and information security goals Perform proactive risk assessments and internal process audits Work with internal teams and stakeholders to manage risks, find solutions, and resolve issues Work with external auditor for the regular auditing activities Vendor More ❯

SPICE (ASPICE) process framework, including systems engineering, software engineering, coding, and all levels of functional testing. Beyond core development, ESS also integrates critical supporting processes such as project management, risk assessment, functional safety, and cybersecurity, ensuring compliance with ASPICE standards and delivering reliable, secure, and high-quality embedded systems & solutions. The Role: We are seeking a seasoned Project More ❯

of key technology risks and change projects. Additionally, you will work with the Head of Audit, Technology for our Ireland and Germany based businesses to ensure effective consideration of risk and coverage of shared infrastructure. You will also need excellent stakeholder skills with an ability to communicate across all levels of Canada Life with clarity and confidence working effectively … 2. Provide thought leadership around technology and change audit delivery including innovation of audit approaches to improve quality and speed of audit delivery. 3. Support the CIA in the risk assessment and planning process ensuring effective coverage across key CLUK technology risks and change projects. Proposing plan changes to respond to changes in the risk profile and … business assurance needs. 4. Proactively assess and communicate current state of risks and controls in technical areas such as zero trust (IAM), cloud risk, data security, software security, vulnerability management, supply chain security, cyber risk, analytics, breach handling and investigations, and security testing. 5. Reviewing audit engagements ensuring delivery is to the required quality and efficiency standards as More ❯

and ongoing relationship management. + Manage global contracts for hardware, software, SaaS, IaaS, and professional IT services. + Collaborate with Legal and Finance teams to ensure contractual compliance and risk mitigation. Financial Oversight + Define, track, and report on IT procurement KPIs, savings, and budget adherence. + Support forecasting, budgeting, and cost optimization initiatives across the IT department. Stakeholder … ears of Group CFO on spend related items and participate in the Group Investment Approval Committee + Engage with regional stakeholders to understand local requirements while maintaining global standards. Risk & Compliance + Ensure procurement practices meet regulatory, legal, and ethical standards globally. + Implement processes for license compliance, vendor risk assessment, and cybersecurity alignment. Required Qualifications & Experience More ❯