London, South East, England, United Kingdom Hybrid/Remote Options
Inspire People
will be essential, to actively go out and discover items of potential interest to the team, ensuring that there is collaboration between the architects, SOC engineers and analysts, and risk managers to deliver a documented risk-based response to the present and future of anything that may be found. Main responsibilities As Cyber Threat and Vulnerability Manager your … day-to-day role will involve the need to: Working with the Security Leadership team to develop a strategic road map for an effective vulnerability detection, assessment, remediation, and threat intelligence program. Line management of the threat and vulnerability management team. Building sustainable relationships to champion the adoption of vulnerability and threat management, compliance, and penetration testing program across … the department's systems, networks, and applications. Recommend remediation strategies and provide advice on complex configuration changes in support of vulnerability remediation. Drive prioritisation of those vulnerabilities through a risk-based approach, to meet common organisational objectives such as regulatory compliance and audit functions. Development and maintenance of actionable key performance and risk indicators (KPIs & KRIs
City of London, London, United Kingdom Hybrid/Remote Options
Sure Exec Search
by assessing the risks associated with third-party vendors and internal projects, identifying vulnerabilities, and recommending appropriate mitigation strategies. You’ll work closely with cross-functional teams — including IT, Risk & Compliance, Procurement, and Project Management — to ensure adherence to security frameworks and continuous improvement of the firm’s information security governance. Role Responsibilities: Security Risk Assessment Evaluate … security risks associated with internal projects and third-party vendors, considering factors such as security, privacy, and compliance. Conduct and document vendor risk assessments in line with the firm’s ISMS and governance frameworks. Identify vulnerabilities, assess potential threats, and recommend proportionate mitigation or acceptance strategies. Information Security Governance Ensure compliance with internal security policies, standards, and procedures for … with procurement teams to evaluate and manage security risks associated with vendors. Review and assess vendor security documentation, such as questionnaires, audits, and certifications, to evaluate their security posture. Risk Management & Compliance Apply structured risk management principles to identify, prioritise, and manage information security risks. Collaborate with senior stakeholders, project managers and technical teams, to identify and assess
EAR Part-IS, CAA requirements, and emerging aviation security standards. This position requires deep expertise in cybersecurity frameworks, aviation security requirements, and the ability to balance innovation with robust risk management in our fast-paced, cutting-edge environment. Essential Experience: Minimum 8 years of information security experience, with at least 3 years in aerospace, aviation, or highly regulated industries … of aviation cybersecurity regulations, including EASA requirements, CAA frameworks, or similar aviation security standards Experience with industrial control systems security, particularly in safety-critical environments Demonstrated expertise in cybersecurity risk assessment and management methodologies specific to engineering and manufacturing environments Technical Expertise: Strong knowledge of cybersecurity frameworks (NIST, ISO 27001, aviation-specific standards) Experience with security architecture design … aviation-specific cybersecurity standards Lead cross-functional security initiatives across engineering, operations, and certification teams Provide security expertise to support ZeroAvia's certification programmes with FAA, CAA, and EASA Risk Management & Compliance: Conduct comprehensive cybersecurity risk assessments specific to aviation systems and hydrogen-electric propulsion technologies Ensure compliance with EASA EAR Part-IS regulations and UK aviation cybersecurity
you! Position Overview: As a Technical Business Analyst, you will play a pivotal role in leading the technical implementation of ProcessUnity while ensuring alignment with procurement workflows and risk management objectives. Your expertise in business/systems analysis, particularly within the banking or financial services sector, will be invaluable as you navigate the complexities of third-party risk … and configuration. Key Responsibilities: Lead the Charge: Drive the technical implementation of ProcessUnity, ensuring seamless integration with procurement workflows. Bridge the Gap: Act as the IT representative between vendors, risk business, and internal technology teams. Gather Insights: Analyse and document technical and non-functional requirements, translating them into detailed Technical Requirements Documents (TRDs). Collaborate & Facilitate: Work closely with … for solution design, configuration, testing, and deployment. Define Interfaces: Manage system interfaces between ProcessUnity and other enterprise platforms, ensuring smooth data flow. Vendor Support: Assist in vendor onboarding and risk assessment processes to enhance procurement operations. Engage Stakeholders: Drive consensus across Procurement, Risk, Compliance, and IT, ensuring project alignment. Communicate Effectively: Provide updates to senior stakeholders and
Hereford, Herefordshire, England, United Kingdom Hybrid/Remote Options
QA
About SPS: Special Projects and Services Limited (SPS) is a UK-based security and risk management company founded in 1991. Operating globally, SPS provides crisis response, risk assessment, medical operations support, and project management in high-risk or complex environments. Known for its expertise in global assistance and specialist security operations, SPS was acquired by Concentric … in 2025, strengthening its position as a trusted provider of integrated risk and crisis management solutions. Overview: You will support the delivery of IT services across the UK business, assisting with technical support, device management, and ongoing tech ops projects. This role provides structured, hands-on training in IT systems administration, cyber security, and compliance, contributing to the smooth
london, south east england, united kingdom Hybrid/Remote Options
process information and make actionable recommendations. What you will do: Create high-quality, clear, actionable, "must-have research" content in Audit Planning and Risk. Specific focus areas will include risk assessment and audit planning, risk trends and audit response, aligned assurance, and IT Audit. Research, analyze and predict internal audit trends and shifts and provide clients with
of over 140 across London, Toronto, New York and Singapore. We have achieved scale by building the best-in-class surveillance tooling, where our analytics bring the front office risk mindset to the compliance function. Though we have developed in the trade surveillance arena, we have always been more than that. At heart, we are a finance focused big … s leading financial markets analytics platform. The Role We are seeking a Head of Information Security to join our team in London and lead our cybersecurity strategy and manage risk across our corporate estate. You can expect to work closely with our Engineering and Infrastructure teams to effect change through our organisation, as well as customer facing teams such … the development, implementation, and continuous improvement of information security practices across all teams Manage regular pentests by external consultants and coordinate with internal resources to remediate issues Information security risk assessment of third party service providers Offer guidance, direction and approval on security solutions and approaches Advocate for secure engineering best practices throughout the company Manage the standards
Camberley, Surrey, South East, United Kingdom Hybrid/Remote Options
Morson Edge
of our client's Product Security Engineering teams, supporting the delivery and through-life management of secure submarine systems and products. As a key focal point for security and information risk, you'll apply deep technical expertise to ensure that solutions are designed, delivered, and supported securely, safely, and in compliance with contractual and regulatory requirements. You'll provide subject … policies, and best practices across major defence programmes. Key Responsibilities Provide expert advice on Product Security to engineering and project teams. Analyse system architectures to identify threats, vulnerabilities, and risk mitigation strategies. Develop and manage Product Security analysis using recognised risk assessment techniques. Contribute to the development of Product Security strategies, policies, and guidance. Recommend and present … programmes and provide technical leadership to junior engineers. Support incident management and contribute to key project documentation including RMADS, Security Strategies, and accreditation evidence. Key Deliverables & Accountabilities Delivery of Risk Management Accreditation Document Sets (RMADS) and associated security documentation. Ensuring compliance with contractual and regulatory security requirements. Providing specialist input to verification, qualification, and design review processes. Contribution to
organisations navigate complex business challenges with confidence. With a strong presence in the UK, we partner with companies across industries to deliver best-in-class advisory services in accounting, risk, cyber security, technology, and business transformation. We pride ourselves on combining technical expertise with a practical, hands-on approach, helping our clients strengthen resilience, meet regulatory requirements, and stay … ahead in an increasingly digital and risk-driven landscape. Technical and Domain Experience: · Conduct cybersecurity maturity and risk assessment for clients. · Practical experience implementing security controls, in areas such as MDR, IAM, Network Security, Cloud Deployments. · Advise clients on cybersecurity strategy, metrics and reporting for various levels of stakeholders, including Audit Committees and Board of Directors. … Build risk management practices for clients, including policies, procedures, Risk Register, etc. · Previous experience as a systems administrator, systems engineer, or security analyst. · Understanding of operating system hardening principles, network design principles, and systems security. · Guide clients in establishing cybersecurity policies, standards, and procedures. · Manage cybersecurity training & awareness services for clients from design to implementation. · Understanding of security
tools and technologies such as SIEM (Splunk), vulnerability management (Tenable), and PAM Strong understanding of security frameworks and standards (e.g., ISO 27001, NIST), as well as asset management and risk assessment solutions It would be a real bonus if you have: Master's degree in Computer Science, Information Security, or a related field Experience or understanding of SOC
standards and lifecycle assurance within complex embedded or control software systems. Key Responsibilities Develop a full understanding of the software and its operational environment. Produce and maintain a Software Assessment Plan in line with BS EN 50716 requirements. Evaluate the conformity of the software process and deliverables to applicable standards and assigned SIL levels. Assess the competence of project … and inspections at appropriate development phases, including witnessing of testing activities. Identify, assess, and document any non-conformities or deviations from requirements, evaluating their safety impact. Ensure that the assessment plan is implemented and that all findings are clearly documented in a Software Assessment Report. Provide an independent professional judgment on the software's fitness for purpose, including … any constraints, assumptions, or risks. Maintain thorough assessment records and provide recommendations for improvement or risk control. Key Competencies & Experience: Proven technical competence in software engineering within a safety-critical or regulated domain (e.g. rail, automotive, aerospace, medical, industrial). In-depth understanding of BS EN 50716, BS EN 50128, and/or BS EN 50657. Experience in
Hereford, Herefordshire, England, United Kingdom Hybrid/Remote Options
TXP Technology x People
various stakeholders to foster a security-conscious culture. Key Deliverables: Align the business' security stance to comply with ISO 27001 and Cyber Essentials Plus, or in accordance with the Cyber Assessment Framework Improve the Cyber Awareness within the company via communications, Cyber Awareness training and monitoring of Staff compliance Enhance and maintain a high Microsoft 365 secure score by implementing … Microsoft advisories Identify, assess, and mitigate security risks to the organisation's data and infrastructure Oversee the creation and document management of policies and standards Complete a full assessment of all third-party applications Provide regular security reports to the CISO as required Advise the CISO, IT Team and the wider business on matters relating to cyber security Skills … environments, including the ability to assess third-party platforms, suppliers, and software for security risks Proven experience in developing and implementing information security policies, procedures, and controls. Familiarity with risk assessment methodologies and tools Regulated background essential Experience in managing information security incidents and conducting investigations Excellent communication and interpersonal skills, with the ability to effectively collaborate with
Leeds, Yorkshire, United Kingdom Hybrid/Remote Options
Stott and May
company's security strategy across AI, blockchain, and cloud environments. Establish policies, standards, and governance frameworks aligned with industry best practices (ISO 27001, NIST, SOC2). Lead incident response, risk assessment, and threat modelling programmes. Build and mentor a world-class security team. AI Data Security Protect proprietary AI models, training data, and pipelines from data poisoning, model … AWS, GCP, Azure), container security, and zero-trust networks. Harden DevSecOps pipelines to ensure secure software delivery. Collaborate with engineering teams to integrate security by design into products. Compliance & Risk Management Ensure regulatory compliance with GDPR, SOC2, ISO, PCI-DSS, and crypto-specific frameworks. Lead risk assessments for third-party vendors and service providers. Work with legal and
sensitive in nature. These include but not limited to front to back (f2b), multi-entity, multi-business area impacting initiatives. In addition these may be high budget, high change risk projects, along with multi-year duration - potentially structured as a programme with multiple project workstreams. Projects may include combination of strategic business change, regulatory, and IT components - so close … other senior members of team to help drive BOW. Contribute to IPC, EDF & Other forums - delivery and continuous improvement of the forum which ensures project delivery assurance of high risk, high profile projects in order to provide visibility and alignment across MUFG EMEA, Securities International and support the Deputy Regional Executive in achieving the EMEA/International Strategy and … individual Function Medium Term Business Plans ("MTBP") goals. Chair the Risk Assessment Forum (RAF) and ensure the RCSA is maintained across all teams in CTO, engaging with team owners to ensure it is up to date and adequate control frameworks are in place for each sub-function. Post Blue Day 2, provide a six month warranty period
financial services is essential. Experience designing Target Operating Models or strategic business blueprints at programme or enterprise level (not just project level). Deep understanding of the Compliance and Risk landscape, including: Policy and control frameworks Risk assessment and monitoring Investigations, sanctions, and anti-financial crime The Three Lines of Defence model Strong knowledge of business architecture … deliverable for the next stage of programme execution. Act as a trusted advisor during implementation, ensuring designs are translated into practical, scalable solutions. Support stakeholder engagement across senior compliance, risk, and technology leaders, ensuring buy-in for the proposed operating model. Designing the Target State Business Architecture for EMEA, including capability maps, operating models, and value streams. Collaborating with … Technology, Data Architects, Compliance, and Risk SMEs to develop a holistic design that aligns with business strategy. Recommending a comprehensive roadmap to implement the Target State, balancing business outcomes, costs, and risks. Supporting project teams to ensure alignment with the Target State Business Architecture. Leading best practises in business design and process engineering to enhance operational efficiency. Your Key
City of London, London, United Kingdom Hybrid/Remote Options
Pontoon Solutions
financial services is essential. Experience designing Target Operating Models or strategic business blueprints at programme or enterprise level (not just project level). Deep understanding of the Compliance and Risk landscape, including: Policy and control frameworks Risk assessment and monitoring Investigations, sanctions, and anti-financial crime The Three Lines of Defence model Strong knowledge of business architecture … deliverable for the next stage of programme execution. Act as a trusted advisor during implementation, ensuring designs are translated into practical, scalable solutions. Support stakeholder engagement across senior compliance, risk, and technology leaders, ensuring buy-in for the proposed operating model. Designing the Target State Business Architecture for EMEA, including capability maps, operating models, and value streams. Collaborating with … Technology, Data Architects, Compliance, and Risk SMEs to develop a holistic design that aligns with business strategy. Recommending a comprehensive roadmap to implement the Target State, balancing business outcomes, costs, and risks. Supporting project teams to ensure alignment with the Target State Business Architecture. Leading best practises in business design and process engineering to enhance operational efficiency. Your Key
London, South East, England, United Kingdom Hybrid/Remote Options
Adecco
financial services is essential. Experience designing Target Operating Models or strategic business blueprints at programme or enterprise level (not just project level). Deep understanding of the Compliance and Risk landscape, including: Policy and control frameworks Risk assessment and monitoring Investigations, sanctions, and anti-financial crime The Three Lines of Defence model Strong knowledge of business architecture … deliverable for the next stage of programme execution. Act as a trusted advisor during implementation, ensuring designs are translated into practical, scalable solutions. Support stakeholder engagement across senior compliance, risk, and technology leaders, ensuring buy-in for the proposed operating model. Designing the Target State Business Architecture for EMEA, including capability maps, operating models, and value streams. Collaborating with … Technology, Data Architects, Compliance, and Risk SMEs to develop a holistic design that aligns with business strategy. Recommending a comprehensive roadmap to implement the Target State, balancing business outcomes, costs, and risks. Supporting project teams to ensure alignment with the Target State Business Architecture. Leading best practises in business design and process engineering to enhance operational efficiency. Your Key
and maintenance of policies, procedures, associated guidelines, tools and training. Contribute to the security life cycle activities (concept through release) including regulatory certification/qualification (i.e. The Risk Management Framework, ED-202A/DO-326A, Secure By Design, IEC 62443, etc.) Collaborate with government, customers, suppliers, and industry experts to meet system and program requirements. … and secure such cyber-physical systems. Experience or interest in cybersecurity and cyber threats (i.e. designing secure products, systems, and applications; intrusion detection; digital forensics; system recovery; risk assessment tools and methods; security solutions, policies, standards, and procedures, etc.). Knowledge and/or experience in applying Systems Security policies and standards to the … engineering of cyber-physical systems such as NIST SP (Apply online only), DO-326, UK Secure By Design, IEC 62443, the Risk Management Framework (RMF), and DoDI 5000.83. Excellent communications skills: able to influence without authority and describe complex ideas simply and succinctly to non-technical people. We are an equal opportunities employer. We
Central London, London, United Kingdom Hybrid/Remote Options
Velocity Talent Ltd
UKAS, ISO 17021-1, and ISO 19011 principles. Support technical reviews, certification decisions, and internal auditor development. Maintain up-to-date knowledge of information security, data protection, and cyber-risk frameworks. Essential Qualifications and Experience Successfully completed an ISO/IEC 27001:2022 Lead Auditor course (IRCA-approved or equivalent). At least four years' experience in information security … auditing. Proven track record conducting third-party ISO 27001 audits for a UKAS-accredited certification body. Strong working knowledge of Annex A controls, ISO/IEC 27002, and ISMS risk assessment methodologies. Familiarity with ISO 17021-1, ISO 19011, and UKAS accreditation processes. Excellent written and verbal communication skills. Willingness and ability to travel across London and
Manager to join their growing team. The company specializes in providing data-driven insights that help financial institutions, including banks and mortgage lenders, make smarter decisions around property values, risk assessment, and market trends. Their products are central to supporting faster and more accurate decision-making, particularly when it comes to valuing properties and assessing risk without … applying data insights across various sectors in banking and financial services. What We're Looking For: 5-7 years of experience in analytics, ideally within financial services, mortgages, credit risk, or a related domain. Prior experience managing or mentoring a team, or a strong interest in stepping into a management role. Strong technical skills, including proficiency in Excel, SQL
Epsom, Surrey, United Kingdom Hybrid/Remote Options
AtkinsRéalis
support to our clients' offshore cable projects. You will act as Technical Lead for our offshore cable routing scopes of work, leading GIS based route analysis and offshore Cable Burial Risk Assessment (CBRA) scopes of work. This will include mentoring of junior members of staff in these activities. You will take the lead in developing AtkinsRéalis' offshore cable routing … enhancement activities. Acting as a champion for offshore cable routing within AtkinsRéalis' Marine Geoscience team. Providing technical input to bids for subsea cable routing scopes. Input to Cable Burial Risk Assessments (CBRA) and Depth of Lowering Assessments. Routing of offshore and onshore cables using GIS based analysis. GIS based analysis of geophysical, geospatial and geotechnical data and data management. … working as part of a multi-disciplinary team. Experience of offshore cable routing using ArcGIS, Makai Plan or AutoCAD. Experience in analyzing geotechnical and geospatial data for Cable Burial Risk Assessments (CBRA), or Depth of Lowering (DoL) assessments. Excellent interpersonal and technical skills and the ability to work independently or as part of a team on subsea cables projects.
think innovatively, and listen to each other and customers in meaningful ways. Moody's is transforming how the world sees risk. As a global leader in ratings and integrated risk assessment, we're advancing AI to move from insight to action-enabling intelligence that not only understands complexity but responds to it. We decode risk to unlock … insight generation. Facility with SQL, data modelling, and data management tools. Ability to solve problems thoroughly, quickly, and creatively, with a keen eye for detail. Experience in litigation tracking, risk transfer solutions, and supporting customer adoption of analytics products. Basic understanding of artificial intelligence concepts, with curiosity and enthusiasm for learning how AI tools can be used to improve … processes and drive efficiency. Interest in exploring AI systems and a willingness to develop awareness of responsible AI practices, including risk management and ethical use. Education Master's degree or higher in a quantitative discipline (e.g., engineering, mathematics, physics, chemistry, economics, bioengineering, bioinformatics, or related field) plus significant relevant commercial experience. Bachelor's degree in a quantitative discipline plus