1 to 25 of 52 Permanent Risk Register Jobs in the UK excluding London

bonus and benefits Hybrid working available (3 days in the office) Our client, a dynamic and rapidly growing UK-based EMI FinTech Payments firm, is seeking an experienced Enterprise Risk Analyst to support their Head of Risk. This is a focused Enterprise Risk Analyst role dedicated entirely to the Second Line of Defence (2LOD), centred on embedding the … firm’s Governance, Risk, and Compliance (GRC) model. You will be instrumental in the day-to-day operation of the ERM framework, ensuring risk is managed consistently and strategically across the entire business. Duties of the Enterprise Risk Analyst to include: Risk Register Management: Own the central Risk Register , ensuring all key risks … Strategic, Financial, Operational, and Compliance) are accurately identified, assessed, and maintained. Risk Assessment Cycle: Facilitate and manage the formal Risk and Control Self-Assessment (RCSA) process across all business units. Control Framework: Maintain and evolve the company’s Risk Control Framework , ensuring controls are effective and aligned with the established risk appetite. Residual Risk Analysis More ❯

have within the community. So, what’s your possible? Salary: £60,000 - £71,000 Opportunity: This is more than just a job; it’s a mission. As the PMO Risk Manager at Northrop Grumman you will be responsible for leading risk management in a portfolio of complex projects delivering technology solutions to UK Defence. In line with departmental … procedures, you will develop, maintain and execute a robust risk management framework, enabling the adoption of risk management best practice across the department’s portfolio to ensure delivery of value to our customers. Our UK Defence business is a Sovereign software and systems centre of excellence. As well as developing and supporting UK wide and internationally deployed multi … Royal Navy. We pioneer – with fierce curiosity, dedication, and innovation, we seek to solve the world’s most challenging problems. Responsibilities: Develop, embed and manage an effective and robust risk management framework Working with Project and Programme Management colleagues to agree and assist with the management of programme, project and portfolio risks, ensuring a holistic risk management strategy More ❯

have within the community. So, what’s your possible? Salary: £60,000 - £71,000 Opportunity: This is more than just a job; it’s a mission. As the PMO Risk Manager at Northrop Grumman you will be responsible for leading risk management in a portfolio of complex projects delivering technology solutions to UK Defence. In line with departmental … procedures, you will develop, maintain and execute a robust risk management framework, enabling the adoption of risk management best practice across the department’s portfolio to ensure delivery of value to our customers. Our UK Defence business is a Sovereign software and systems centre of excellence. As well as developing and supporting UK wide and internationally deployed multi … Royal Navy. We pioneer – with fierce curiosity, dedication, and innovation, we seek to solve the world’s most challenging problems. Responsibilities: Develop, embed and manage an effective and robust risk management framework Working with Project and Programme Management colleagues to agree and assist with the management of programme, project and portfolio risks, ensuring a holistic risk management strategy More ❯

Cyber Security Risk Manager required to join a globally recognised SaaS company in Edinburgh, leading the governance, risk, and compliance (GRC) function and helping shape cyber security strategy in a cutting edge environment. The Company This is a modern, globally recognised SaaS company operating at the forefront of data analytics. Their datasets are relied upon by clients to … confident decision making in complex markets. Security is integral to the company's operations, safeguarding platforms, data, and users against evolving cyber threats. The business is currently enhancing its risk management program, providing a unique opportunity to shape processes, influence strategy, and drive tangible results. You'll join a collaborative and transparent team that values open communication, shared success … and measurable impact. The Role As Cyber Risk Manager, you will lead the maturity and execution of the governance, risk, and compliance (GRC) function. You will ensure the business has clear visibility of its cyber risk exposure and the processes in place to respond effectively. You will oversee the enterprise risk register, manage the risk More ❯

Cyber Security Risk Manager required to join a globally recognised SaaS company in Edinburgh, leading the governance, risk, and compliance (GRC) function and helping shape cyber security strategy in a cutting edge environment. The Company This is a modern, globally recognised SaaS company operating at the forefront of data analytics. Their datasets are relied upon by clients to … confident decision making in complex markets. Security is integral to the company's operations, safeguarding platforms, data, and users against evolving cyber threats. The business is currently enhancing its risk management program, providing a unique opportunity to shape processes, influence strategy, and drive tangible results. You'll join a collaborative and transparent team that values open communication, shared success … and measurable impact. The Role As Cyber Risk Manager, you will lead the maturity and execution of the governance, risk, and compliance (GRC) function. You will ensure the business has clear visibility of its cyber risk exposure and the processes in place to respond effectively. You will oversee the enterprise risk register, manage the risk More ❯

Third Party Risk Manager - Belfast (Hybrid, Outside IR35) - £500 per day - 3 Months We are seeking an experienced Third Party Risk Manager to oversee and enhance third-party cybersecurity and compliance practices across the enterprise. This critical role involves managing supplier risk assessments, ensuring regulatory alignment, and collaborating with cross-functional teams to maintain a robust and … transparent third-party risk management framework. Key Responsibilities: Maintain and evolve the Third-Party Risk Register, mapping vendors to business criticality, data access, and overall risk exposure. Conduct pre-contract due diligence and ongoing risk assessments for suppliers, service providers, and strategic partners. Review and negotiate security and data protection clauses within contracts, including breach … security standards, and regulatory obligations, escalating non-conformance where required. Coordinate third-party incident response and escalation procedures, ensuring prompt remediation and communication. Produce regular reporting on third-party risk posture for governance committees, senior stakeholders, and regulators. Align third-party risk practices with broader enterprise risk management and cybersecurity frameworks. What You Will Ideally Bring: Deep More ❯

Third Party Risk Manager - Belfast (Hybrid, Outside IR35) - £500 per day - 3 Months We are seeking an experienced Third Party Risk Manager to oversee and enhance third-party cybersecurity and compliance practices across the enterprise. This critical role involves managing supplier risk assessments, ensuring regulatory alignment, and collaborating with cross-functional teams to maintain a robust and … transparent third-party risk management framework. Key Responsibilities: Maintain and evolve the Third-Party Risk Register, mapping vendors to business criticality, data access, and overall risk exposure. Conduct pre-contract due diligence and ongoing risk assessments for suppliers, service providers, and strategic partners. Review and negotiate security and data protection clauses within contracts, including breach … security standards, and regulatory obligations, escalating non-conformance where required. Coordinate third-party incident response and escalation procedures, ensuring prompt remediation and communication. Produce regular reporting on third-party risk posture for governance committees, senior stakeholders, and regulators. Align third-party risk practices with broader enterprise risk management and cybersecurity frameworks. What You Will Ideally Bring: Deep More ❯

Third Party Risk Manager - Belfast (Hybrid, Outside IR35) - £500 per day - 3 Months We are seeking an experienced Third Party Risk Manager to oversee and enhance third-party cybersecurity and compliance practices across the enterprise. This critical role involves managing supplier risk assessments, ensuring regulatory alignment, and collaborating with cross-functional teams to maintain a robust and … transparent third-party risk management framework. Key Responsibilities: Maintain and evolve the Third-Party Risk Register, mapping vendors to business criticality, data access, and overall risk exposure. Conduct pre-contract due diligence and ongoing risk assessments for suppliers, service providers, and strategic partners. Review and negotiate security and data protection clauses within contracts, including breach … security standards, and regulatory obligations, escalating non-conformance where required. Coordinate third-party incident response and escalation procedures, ensuring prompt remediation and communication. Produce regular reporting on third-party risk posture for governance committees, senior stakeholders, and regulators. Align third-party risk practices with broader enterprise risk management and cybersecurity frameworks. What You Will Ideally Bring: Deep More ❯

Purpose The Security Lead is both the client-facing strategist and the internal accountable owner of security within the MSP. They lead Quarterly Security Reviews (QSRs), own the client risk register and exception process, and ensure services are delivered in line with frameworks such as Cyber Essentials, ISO27001, and NIST. Internally, the Security Lead is accountable for the … to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and signed off. Support Account Managers … for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness, training, and compliance More ❯

in Computer Science, Cybersecurity, or a related field. *Postgraduate qualification in an IT-related subject. *Professional certifications such as CISSP, CompTIA Security+, or equivalent. *Experience with governance frameworks and risk management tools. Key Responsibilities *Operate and maintain security systems including firewalls, antivirus, intrusion detection/prevention, and authentication platforms. *Monitor system logs and network traffic to identify suspicious activity … forensic investigations. *Develop and maintain security protocols, policies, and procedures. *Conduct vulnerability assessments and recommend mitigation strategies. *Deliver cybersecurity awareness training and guidance to staff. *Maintain the information security risk register and support audit processes. *Collaborate with IT and operational teams to ensure secure system configurations. *Assist in compliance with frameworks such as the Data Security Protection Toolkit. … proud to be an equal opportunities employer. Keywords IT Security Specialist, Cybersecurity Analyst, SOC Analyst, Azure Security, Information Security, Firewalls, Intrusion Detection, Antivirus, ITIL, CISSP, Security Compliance, Vulnerability Management, Risk Register, Public Sector IT, Hybrid Role, Manchester Jobs, Security Awareness Training More ❯

IT Risk & Policy Analyst - Leatherhead (2-3 days per week) - 35,000 per annum base + benefits The IT Risk & Policy Analyst is responsible for managing IT risks, monitoring audit actions, maintaining IT policies and procedures, and supporting GDPR compliance. The role ensures effective governance and compliance across IT processes, providing a framework for the identification, mitigation, and … This position bridges technical and governance aspects, ensuring alignment with company standards and regulatory requirements, while fostering collaboration across teams to embed robust IT practices: Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. … Main accountabilities: Assisting in managing IT Risk Register inputs and outcomes, liaising with IT SLT & Group Assurance and external auditors as appropriate. Liaising with other teams to ensure SLAs in scope are met. Identifying policy/procedure gaps and working with SMEs to create the material. Managing review process for existing IT policies and procedures, updating, or archiving More ❯

IT Risk & Policy Analyst - Leatherhead (2-3 days per week) - £35,000 per annum base + benefits** The IT Risk & Policy Analyst is responsible for managing IT risks, monitoring audit actions, maintaining IT policies and procedures, and supporting GDPR compliance. The role ensures effective governance and compliance across IT processes, providing a framework for the identification, mitigation, and … This position bridges technical and governance aspects, ensuring alignment with company standards and regulatory requirements, while fostering collaboration across teams to embed robust IT practices: Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. … Main accountabilities: Assisting in managing IT Risk Register inputs and outcomes, liaising with IT SLT & Group Assurance and external auditors as appropriate. Liaising with other teams to ensure SLAs in scope are met. Identifying policy/procedure gaps and working with SMEs to create the material. Managing review process for existing IT policies and procedures, updating, or archiving More ❯

ISO27001, IT Risk, IT Compliance, IT Controls, IT Audit, Policy. Governance, Security, Surrey area Your new company A specialist organisation in the Health/Medical sector offers hybrid working in this role based in North Surrey area. Your new role You will be working in the Risk team and will design, implement & maintain the Information Security Management System … ISMS) in accordance with ISO27001 in a company that manages highly sensitive data. You will support the firm's governance, addressing areas of risk and supporting plans to address these risks, including the compilation of business continuity plans (BCP). You will work closely with colleagues in IT to enhance the technology & control frameworks regarding information security compliance & cyber … threat security. Risk & Compliance You will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS) in line with ISO 27001 and other regulatory standards. Assessing security posture, identifying vulnerabilities, and developing mitigation strategies to manage enterprise-wide information security risks. Maintaining and enhancing the organisation's risk register and heat map, ensuring More ❯

the either the Vitality Bournemouth or London office. Full time, 35 hours per week. We are happy to discuss flexible working! Top 3 skills needed for this role: IT risk & compliance expertise – strong knowledge of controls and regulatory frameworks Capacity planning & performance monitoring – forecasting, optimisation, and tool usage Stakeholder communication – translating technical risks and influencing decisions What this role … is all about: As our IT Capacity and Risk Manager, you’ll play a pivotal role in ensuring our technology environment remains robust, compliant, and future-ready. Lead cross-team efforts to embed risk management and capacity planning, advancing IT operations and strategic goals with excellence and compliance.This is a high-impact role where you’ll translate complex … activities across infrastructure and applications Forecast resource needs based on business growth and usage trends Ensure systems meet SLAs without over-provisioning Identify performance bottlenecks and underutilised resources Governance & Risk Management Design and assess IT controls (e.g., access, change, application, general IT controls) Conduct gap analyses against different frameworks such as ISO 27001 Maintain and enhance the IT risk More ❯

ensuring a comprehensive purchase review is carried out by the team to ensure cost-effective and value add purchase on technological equipment, software, contracts and systems. Maintain the IT Risk Register, reporting to the Board any internal information security issues and incidents providing solutions and recommendations to resolution. Support the Board in the management of Group Risk on all IT related matters and report on risk levels and mitigation monthly. Skills & experience Extensive experience in IT, ideally have experience of operating at strategic level and reporting up to Board level Worked in a complex IT environment which is solution focussed Experience of leading large complex IT projects in a fast-paced environment Strong leadership and … written communication skills including the ability to explain technical concepts and technologies to senior leaders including non-technical members of staff Good understanding of data privacy (GDPR) governance and risk management activities and how this influences IT and business operations Excellent understanding of the Microsoft eco-system, particularly M365, D365 F&O, Power Suite & Fabric Proven experience with Data More ❯

staff members. We care for approximately 1.5 million people annually, including over 200,000 emergency cases. Leeds Teaching Hospitals is committed to our process of redeploying 'at risk' members of our existing workforce to new roles. As such, all our job adverts are subject to this policy and we reserve the right to close, delay or remove adverts while … jobholder will be responsible for the design and creation of robotic process automation (RPA) solutions and for the integration of these into, and between, existing systems. Providing cost-effective, risk-controlled, robust, reliable, responsive and secure automation solutions, this role will support clinical and corporate transformation needs to assist the organisation in delivering its strategy. The jobholder will be … Ensure the RPA processes meet the required performance standards. Ensure that unplanned variation in service delivery (activity, income, expenditure, capacity, performance) is identified and appropriate, timely action taken. 10. Risk Management and Governance Work collaboratively with colleagues to ensure that effective governance arrangements and performance management systems are in place. Work collaboratively with colleagues to ensure that all risks More ❯

IT Risk and Policy (GRC) Analyst Permanent - Up to £38k + strong benefits Location: Hybrid - Leatherhead Your new company A leading construction and development company in Surrey is currently looking for an IT Risk and Policy (GRC) Analyst to come in and support the existing IT Risk & Policy Manager with the day-to-day tasks involved with … role is full-time, with a hybrid working pattern, usually around 2/3 days a week in the office. Your new role You will be supporting the IT Risk & Policy Manager across a broad variety of work, with the ability to gain a lot of different experience across multiple areas. The Analyst is responsible for managing IT risks … and governance aspects, with a focus on standards and regulations, whilst ensuring collaboration across the business to ensure strong IT practices are put in place. Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. More ❯

IT Risk and Policy (GRC) Analyst Permanent - Up to 38k + strong benefits Location: Hybrid - Leatherhead Your new company A leading construction and development company in Surrey is currently looking for an IT Risk and Policy (GRC) Analyst to come in and support the existing IT Risk & Policy Manager with the day-to-day tasks involved with … role is full-time, with a hybrid working pattern, usually around 2/3 days a week in the office. Your new role You will be supporting the IT Risk & Policy Manager across a broad variety of work, with the ability to gain a lot of different experience across multiple areas. The Analyst is responsible for managing IT risks … and governance aspects, with a focus on standards and regulations, whilst ensuring collaboration across the business to ensure strong IT practices are put in place. Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. More ❯

security health checks Provide expert advice and guidance on all cyber security related matters and ensure the wider technology teams are engaged and supported Manage and drive the security risk register Ensure our suppliers and vendors are appropriately assessed against our security controls frameworks and comply with our security standards and any certification claims Promote a culture of … Excellent written and verbal communication skills with the ability to translate technical speak into easy to understand noncomplex language Able to engage with senior leaders to promote, and enable risk based decision making Working Hours 09.00 - 17.30 Monday- Friday Apply for this position Full Name Email Phone Upload CV/Resume Allowed Type(s): .pdf, .doc, .docx By using … this form you agree with the storage and handling of your data by this website. Register with us and one of our experienced iPeople recruits will let you know when the perfect job becomes available. Do you know someone you think would be perfect for one of our job vacancies? Subscribe to get notifications when new job openings are More ❯

SLAs, quality gates, secure access, and code ownership. Manage engineering/infrastructure budgets and provide strategic oversight for FinOps practices, unit economics tracking, and the maintenance of a transparent risk register and remediation plans. Execution and delivery Lead disciplined engineering execution across distributed in-house and outsourced teams. Champion 24/7/365 platform operations with SLAs … capacity planning, incident response and post-mortems Implement structured software release governance, migration frameworks, and robust QA practices. Drive predictable delivery (quarterly planning, dependency/risk management, quality gates). Establish and enforce best-in-class DevOps, trunk-based, CI/CD, and monitoring standards. Sponsor the adoption of secure SDLC, threat modelling, vulnerability management, identity/authorisation, privacy … management, and privacy by design. Ability to partner with product and legal teams on security trade-offs and customer due diligence. Skilled in agile delivery, quarterly planning, dependency/risk management, and quality assurance. Ability to drive predictable delivery, manage technical debt, and continuously improve engineering velocity. Strong financial acumen: managing engineering/cloud budgets, AWS FinOps, and tracking More ❯

make sure everyone is aligned. Collaborate with teams across the business (and directly with customers) to bring clarity, focus, and momentum. Build and manage detailed project plans, timelines, and risk registers. Run engaging project sessions — from kick-offs and stand-ups to retrospectives and reviews. Report progress and insights clearly to senior leadership, keeping communication sharp and transparent. Coordinate More ❯

aspects are actively driven. Document actions and follow up with individuals in between meetings. Escalate where appropriate. Report progress of the STB to other governance meetings. Regional IT Governance & Risk: Develop the regional IT delivery processes, in line with the DDaT Guardrails, to ensure all IT delivery in the Region complies with this National standard, Own and coordinate the … review of the Regional IT risk register, ensuring mitigation actions are implemented and issues are escalated to the STB andother relevant regional governance meetings. Essential Job Skills, Experience and Qualifications Excellent communication skills and the ability to develop relationships with a wide range of key stakeholders up to Director and Executive level Demonstrable experience in leading the formulation More ❯

data, and operations across a growing organisation. Key responsibilities:* Design and implement security policies and procedures aligned with ISO 27001, NIST, and other recognised frameworks. * Manage the information security risk register and lead internal and external audits. * Oversee incident response, including investigation, containment, and recovery. * Conduct vendor security assessments and review contractual security requirements. * Lead day-to-day More ❯

ideal for someone who thrives in a fast-paced, multi-contract environment. Key Responsibilities Lead delivery of MOD projects across multiple contracts, producing and maintaining high-quality documentation (PMPs, risk registers, schedules). Maintain oversight of all active projects, ensuring alignment with contractual scopes and internal service readiness. Act as a key contact for technical issue resolution and service More ❯

Cyber Security Lead to drive cybersecurity across a family of independent specialist schools. You will take ownership of protecting staff, students, and data, coordinating with multiple MSPs, managing cyber risk, monitoring threats, and embedding robust security practices across the organisation. Key Responsibilities: Act as the central point for all cybersecurity matters and incident response. Maintain the cybersecurity risk register and lead Cyber Essentials certification. Oversee Microsoft 365 and Google Workspace security, including vulnerability management, patching, MFA, and email security. Coordinate security audits, penetration tests, and third-party application reviews. Manage and monitor MSP performance, ensuring consistent security standards. Promote cybersecurity awareness, provide guidance, and support staff training. Report on cyber incidents, risks, and improvements to senior More ❯