Contract type: Permanent Contract. Job summary: We are seeking a proactive Information Security Specialist skilled in security operations, threat intelligence, and risk management. This role is crucial for maintaining robust security protocols, identifying vulnerabilities, and ensuring compliance with security standards. The ideal candidate will have a strong background in IT infrastructure security, preferably within financial institutions, experience with network … response activities including malware analysis and threat hunting. Collaborate with the CERT team in maintaining an up-to-date threat landscape and contributing to the incident response playbooks. Security Risk Management and Compliance: Support the maintenance of the IT security risk register and assist with internal and external security audits. Contribute to security reporting and tracking security … risk indicators. Candidate criteria. Minimal education level: Bachelor Degree/BSc Degree or equivalent. Academic qualification/Speciality: CISSP or other relevant certifications (e.g., Network+, Security+, MCSP, CNA). Experience: Proven experience in an information security role is essential. Required skills: Dynamic, creative, and proactive. Committed to continuous learning and staying updated with the latest technologies. Ability to work …
European regulations (e.g., GDPR, DORA, PSD2 SCA, CSSF) and global standards (PCI DSS, SWIFT CSP). This role requires technical knowledge, strategic thinking, and expertise in managing third-party risk, outsourcing compliance, and identity governance to safeguard operational resilience. What you will be doing: Regulatory & Technical Compliance: Support compliance with GDPR and complementary regulations like DORA (Digital Operational Resilience … DSS, and SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures. Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. Ensure compliance with DORA’s outsourcing requirements, including due diligence … planning. Audit & Assurance: Participate in internal/external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes or documentation. Risk Management: Maintain the enterprise risk register, prioritizing risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise on vulnerability …
European regulations (e.g., GDPR, DORA, PSD2 SCA, CSSF) and global standards (PCI DSS, SWIFT CSP). This role requires technical knowledge, strategic thinking, and expertise in managing third-party risk, outsourcing compliance, and identity governance to safeguard operational resilience. What you will be doing: Regulatory & Technical Compliance: Support compliance with GDPR and complementary regulations like DORA (Digital Operational Resilience … DSS, and SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures. Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. Ensure compliance with DORA’s outsourcing requirements, including due diligence … planning. Audit & Assurance: Participate in internal/external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes or documentation. Risk Management: Maintain the enterprise risk register, prioritizing risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise on vulnerability …
European regulations (e.g., GDPR, DORA, PSD2 SCA, CSSF) and global standards (PCI DSS, SWIFT CSP). This role requires technical knowledge, strategic thinking, and expertise in managing third-party risk, outsourcing compliance, and identity governance to safeguard operational resilience. What you will be doing: Regulatory & Technical Compliance: Support compliance with GDPR and complementary regulations like DORA (Digital Operational Resilience … DSS, and SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures. Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. Ensure compliance with DORA's outsourcing requirements, including due diligence … planning. Audit & Assurance: Participate in internal/external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes or documentation. Risk Management: Maintain the enterprise risk register, prioritizing risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise on vulnerability …
SEO, CRO, accessibility, and performance. Manage scope, costs, and timelines of workstreams. Collaborate with the PMO Analyst and Resources Manager to align resource allocation with project milestones. Maintain a risk register and monitor delivery progress. Adhere to ISO standards to oversee quality and security of solutions delivered. Work with Sales & Client Services teams to identify new opportunities and … scope potential projects. Participate in pre-sales activities, including scoping, proposals, tenders, and client pitches. Review Statements of Work (SoWs) for accurate scoping and risk management. Engage actively in the CACI delivery community by sharing best practices, mentoring others, and continually improving delivery processes. Skills & Experience: Experience delivering web-related projects for large government agencies or similar organizations, following … Laravel or equivalent). Experience managing software workstreams in an agile environment. Strong stakeholder engagement skills, capable of handling difficult situations and resolving conflicts. Commercial awareness, including budget tracking, risk management, and forecasting. Ability to build and lead high-performing teams with clear communication and collaboration. Eligibility for security clearance, requiring UK citizenship and residence in the UK for …
drawings, and maintenance records, ensuring alignment with compliance and operational standards. * Contractor & Supplier Coordination: Assist with contractor onboarding, scheduling, and engagement activities, including organising market engagement exercises as required. * Risk Management Support: Coordinate risk workshops, manage updates to the operational risk register, and assist in preparing inputs for corporate reporting processes. * Steering & Review Processes: Support the …
Chelmsford, Essex, South East, United Kingdom Hybrid / WFH Options
Keystream Group Limited
council's response to critical cyber incidents, coordinating resolution efforts and informing senior stakeholders. Collaborate with security architects and technical teams to shape and implement cyber security policies, ensuring they're risk-appropriate and business-friendly. Manage cyber security risks by embedding them into the corporate risk register and advising on appropriate mitigation strategies. Oversee the planning and execution … thinking with a focus on continuous improvement, service excellence, and innovation. Experience managing teams (of varying experience, including apprentices), budgets and suppliers, and working in a high-profile, high-risk environment. Why Join ECC? At ECC, you'll be part of a collaborative and ambitious organisation that values creativity, innovation, and excellence. You'll have the opportunity to make a real …
Northampton, Northamptonshire, United Kingdom Hybrid / WFH Options
Schools Choice
patching, firewall configuration reviews and SIEM alerting. Hold our partners/suppliers to account for spend, performance and behaviour, including diversity within their teams. Maintain and input to the risk register in the technology service, documenting details of any or all risks and their progress to remediation or mitigation. Manage staff performance appropriately by providing constructive feedback and …
Northampton, Northamptonshire, United Kingdom Hybrid / WFH Options
Opus People Solutions Ltd
patching, firewall configuration reviews and SIEM alerting. Hold our partners/suppliers to account for spend, performance and behaviour, including diversity within their teams. Maintain and input to the risk register in the technology service, documenting details of any or all risks and their progress to remediation or mitigation. Manage staff performance appropriately by providing constructive feedback and …
and the systems to support the ongoing business. Complex query analysis and resolution including client queries & internal issues. Preparing and supporting the preparation, monitoring and reporting on the RCSA (risk & control self-assessment) for teams in the UK Private Banking unit (including Operations, SWP and Technology) feeding the SIEL firm wide RCSA. Responsibilities include: Supporting the development, monitoring and … maintenance of risk registers; The development and analysis of key risk indicators; Key control testing and assessment; Monitoring and reporting of operational risk events; Work closely with the business and control function to identify risks; Undertake and report on operational risk trend analysis; Plan, report and track remediation plans/actions related to gaps in RCSA … it meets the changing and growing demands of the business to ensure it remains fit for purpose; Preparation of, or supporting the preparation of, root cause analysis of operational risk events within the Incident management reporting tool. Continually monitor process and procedures to ensure that appropriate controls are in place and are maintained at levels agreed with Management and …
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
IDHL Group
stakeholders and colleagues to prioritise delivery. Liaise with internal specialist teams and clients to agree scope of work, timeframes, and costs. Create and communicate project plans. Develop supporting documentation & risk registers. Work with lead developers to ensure task estimates are available and monitor progress against estimates. Run stand-up meetings with the production team. Ensure work is completed to …
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
IDHL Group
stakeholders and colleagues to prioritise delivery. Liaise with internal specialist teams and clients to agree scope of work, timeframes, and costs. Create and communicate project plans. Develop supporting documentation & risk registers. Work with lead developers to ensure task estimates are available and monitor progress against estimates. Run stand-up meetings with the production team. Ensure work is completed to …
processes to detect weaknesses or vulnerabilities and drive improvements. Conduct scenario analysis and stress testing to evaluate organizational preparedness for disruptions and assess capital requirements. Prepare and deliver detailed risk reports regularly and as needed for senior leadership, risk committees, and regulatory bodies, highlighting trends and control effectiveness. Maintain the risk register, ensuring it is comprehensive … and aligned with the risk framework. Support reviews of the operational risk management framework to ensure industry and regulatory compliance. Assist in implementing and maintaining the governance framework to ensure regulatory and internal policy compliance. Requirements: 3-5 years' experience in a 1st or 2nd line role within financial services, focusing on Operational Risk. Strong relationship-building skills. … Excellent written and verbal communication skills, with proficiency in Microsoft Office tools. Understanding of risk assessment methodologies and frameworks. Knowledge of Operational Risk capital requirement calculations or modeling. Excellent stakeholder management skills, with the ability to liaise across risk, compliance, and IT teams. What you will get in return: Competitive Salary: We reward your skills and talents …
Job Description: We have an exciting opportunity for a Risk Manager to join us on a permanent contract, based in Luton! (Hybrid Working) The IT Strategy & Architecture team provides leadership around easyJet's technology strategy, the evolution of our enterprise IT architecture, solution architectures for complex change, cybersecurity architecture, our federated technical architecture practice, and areas such as … end-to-end IT risk management. Reporting to the Head of IT Risk & Resilience, the Risk Manager is responsible for implementing, embedding and continuously improving easyJet's IT Risk Management practice. We work collaboratively with a broad range of colleagues and stakeholders at all levels (from the C-suite to the frontline) and focus on striking … a pragmatic balance between supporting in-flight initiatives and steering longer-term investment. What you'll be doing: • Planning, designing and implementing the overall risk management process as part of the maturing IT Risk framework that is applied across easyJet IT. • Identifying, analysing and prioritising key areas of IT risk as well as articulating the impacts they …
Security Risk & Compliance Specialist. Department: 61-543 - Technology Operations - Technology Governance. Employment Type: Fixed Term Contract. Location: UK - Leeds. Reporting To: Finlay Stannard. Description: Are you ready to take the challenge to educate all employees in a young and ambitious organisation about their role in making information security a core part of their modus operandi and conduct to appropriate … behaviour change? DAZN is looking to hire an experienced Head of Risk & Compliance to join their Technology Governance team as a Fixed Term 14-month maternity cover role. Leading a team role overseeing the global strategic implementation of DAZN information security management system (ISMS), the chosen candidate will be responsible for delivering annual workstream activities that form the ISMS … conformity with ISO27001. Managing and delivering annual workstreams for the successful completion of audits against ISO27001 and PCI DSS. Providing subject matter expertise within the area of information security risk, business continuity, and supplier risk management, including managing third party risk management activities. Maintain standards and procedures in relation to information security management. Work closely with DAZN's …
Cleared role: candidates must hold a current DV level security clearance. Overview: The Cyber Security Assurance Consultant/IA Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. The role principally includes security manager on programmes of work collaborating across enterprises to produce end-to-end security solutions. Additional roles will … and Features aligned with the relevant Legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master. Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities. Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. … CoCo, RAR, SSP, POAM, OSMP (including SyOps). Where delivery priorities permit, support the provision of Authority services when Authority is unable to provide such services. Propose Risk Register entries to the Security Lead or Security Assurance Lead as required to agree areas of residual risk with the Authority. Escalate relevant security issues via …
Cleared role: candidates must hold a current DV level security clearance. Overview: The Cyber Security Assurance Consultant/IA Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. The role principally includes security manager on programmes of work collaborating across enterprises to produce end-to-end security solutions. Additional roles will … Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master. Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities. Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. Define … including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Where delivery priorities permit, support the provision of Authority services when Authority is unable to provide such services. Propose Risk Register entries to the Security Lead or Security Assurance Lead as required to agree areas of residual risk with the Authority. Escalate relevant security issues via the …
Cleared role: candidates must hold a current DV level security clearance. Overview: The Cyber Security Assurance Consultant/IA Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. The role principally includes security manager on programmes of work collaborating across enterprises to produce end-to-end security solutions. Additional roles will … Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master * Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities * Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. * Define … including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). * Where delivery priorities permit, support the provision of Authority services when Authority is unable to provide such services * Propose Risk Register entries to the Security Lead or Security Assurance Lead as required to agree areas of residual risk with the Authority * Escalate relevant security issues via the …
Leeds, England, United Kingdom Hybrid / WFH Options
SPG Resourcing
Project Manager with a strong consultancy background to lead and deliver complex Identity and Access Management (IAM) projects across enterprise-level environments. This role will involve managing change and risk frameworks, coordinating with internal and external stakeholders, and ensuring alignment with best practices (ITIL) and compliance with regulatory requirements (e.g., GDPR, SOX). Key Responsibilities: Lead the change management … IAM implementations across enterprise systems, ensuring minimal disruption and maximum adoption. Assess and mitigate risks associated with access management changes, ensuring secure, compliant, and effective solutions. Create and maintain risk registers, define controls, and track mitigation effectiveness through regular reporting. Develop and manage change management frameworks aligned with ITIL best practices to support technology and business transformation. Collaborate with … stakeholders to evaluate change impacts and secure alignment across business units. Monitor and ensure ongoing compliance with security policies, standards, and regulatory frameworks such as GDPR and SOX. Deliver risk assessments and change impact analyses to senior management and governance boards. Lead incident response and problem management activities related to IAM systems and service disruptions. Conduct and escalate commercial …
process. Security: Maintain an understanding of the regulatory and compliance issues driving Sequel's ISMS; With leaders across the business, assist with the maintenance and management of Sequel's Risk Registers; Gain an understanding of the key information risks to the business (systems, networks, data, human error, cyber-attacks); Engage in information security audits, in support of the ongoing … analysis and troubleshooting; Working with external cloud and security providers; Cyber Security experience including resolving issues raised from external PEN testing; Analytical skills in monitoring, evaluating and reporting on risk scenarios; Strong report-writing skills both for policy management and for Team/Board reporting purposes; Communication skills: confidence and clarity in giving direction on information risk issues …
visibility of dependencies and shared risks. Ensure project governance frameworks are adhered to, maintaining structured processes for approvals, escalations, and decision-making. Maintain up-to-date programme documentation, including risk registers, action logs, and workstream updates. Identify and drive continuous improvements in PMO processes to enhance programme delivery. Are you the right candidate? Proven experience in programme/project … PMO roles, ideally within a media, technology, or innovation-driven environment. Strong organisational and analytical skills, with the ability to track complex project dependencies across multiple workstreams. Experience in risk management, with the ability to identify and mitigate programme risks proactively. Exceptional stakeholder engagement and communication skills, ensuring senior leadership receives clear and concise updates. Experience in governance and … reasons and they will be given priority consideration ahead of other applicants. Priority consideration means for those employees seeking redeployment their application will be considered alongside anyone else at risk of redundancy, prior to any individuals being considered who are not at risk. Diversity matters at the BBC. We have a working environment where we value and respect every …