1 to 25 of 29 Risk Register Jobs in the South East

bonus and benefits Hybrid working available (3 days in the office) Our client, a dynamic and rapidly growing UK-based EMI FinTech Payments firm, is seeking an experienced Enterprise Risk Analyst to support their Head of Risk. This is a focused Enterprise Risk Analyst role dedicated entirely to the Second Line of Defence (2LOD), centred on embedding the … firm’s Governance, Risk, and Compliance (GRC) model. You will be instrumental in the day-to-day operation of the ERM framework, ensuring risk is managed consistently and strategically across the entire business. Duties of the Enterprise Risk Analyst to include: Risk Register Management: Own the central Risk Register , ensuring all key risks … Strategic, Financial, Operational, and Compliance) are accurately identified, assessed, and maintained. Risk Assessment Cycle: Facilitate and manage the formal Risk and Control Self-Assessment (RCSA) process across all business units. Control Framework: Maintain and evolve the company’s Risk Control Framework , ensuring controls are effective and aligned with the established risk appetite. Residual Risk Analysis More ❯

have within the community. So, what’s your possible? Salary: £60,000 - £71,000 Opportunity: This is more than just a job; it’s a mission. As the PMO Risk Manager at Northrop Grumman you will be responsible for leading risk management in a portfolio of complex projects delivering technology solutions to UK Defence. In line with departmental … procedures, you will develop, maintain and execute a robust risk management framework, enabling the adoption of risk management best practice across the department’s portfolio to ensure delivery of value to our customers. Our UK Defence business is a Sovereign software and systems centre of excellence. As well as developing and supporting UK wide and internationally deployed multi … Royal Navy. We pioneer – with fierce curiosity, dedication, and innovation, we seek to solve the world’s most challenging problems. Responsibilities: Develop, embed and manage an effective and robust risk management framework Working with Project and Programme Management colleagues to agree and assist with the management of programme, project and portfolio risks, ensuring a holistic risk management strategy More ❯

have within the community. So, what’s your possible? Salary: £60,000 - £71,000 Opportunity: This is more than just a job; it’s a mission. As the PMO Risk Manager at Northrop Grumman you will be responsible for leading risk management in a portfolio of complex projects delivering technology solutions to UK Defence. In line with departmental … procedures, you will develop, maintain and execute a robust risk management framework, enabling the adoption of risk management best practice across the department’s portfolio to ensure delivery of value to our customers. Our UK Defence business is a Sovereign software and systems centre of excellence. As well as developing and supporting UK wide and internationally deployed multi … Royal Navy. We pioneer – with fierce curiosity, dedication, and innovation, we seek to solve the world’s most challenging problems. Responsibilities: Develop, embed and manage an effective and robust risk management framework Working with Project and Programme Management colleagues to agree and assist with the management of programme, project and portfolio risks, ensuring a holistic risk management strategy More ❯

Purpose The Security Lead is both the client-facing strategist and the internal accountable owner of security within the MSP. They lead Quarterly Security Reviews (QSRs), own the client risk register and exception process, and ensure services are delivered in line with frameworks such as Cyber Essentials, ISO27001, and NIST. Internally, the Security Lead is accountable for the … to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and signed off. Support Account Managers … for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness, training, and compliance More ❯

IT Risk & Policy Analyst - Leatherhead (2-3 days per week) - 35,000 per annum base + benefits The IT Risk & Policy Analyst is responsible for managing IT risks, monitoring audit actions, maintaining IT policies and procedures, and supporting GDPR compliance. The role ensures effective governance and compliance across IT processes, providing a framework for the identification, mitigation, and … This position bridges technical and governance aspects, ensuring alignment with company standards and regulatory requirements, while fostering collaboration across teams to embed robust IT practices: Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. … Main accountabilities: Assisting in managing IT Risk Register inputs and outcomes, liaising with IT SLT & Group Assurance and external auditors as appropriate. Liaising with other teams to ensure SLAs in scope are met. Identifying policy/procedure gaps and working with SMEs to create the material. Managing review process for existing IT policies and procedures, updating, or archiving More ❯

IT Risk & Policy Analyst - Leatherhead (2-3 days per week) - £35,000 per annum base + benefits** The IT Risk & Policy Analyst is responsible for managing IT risks, monitoring audit actions, maintaining IT policies and procedures, and supporting GDPR compliance. The role ensures effective governance and compliance across IT processes, providing a framework for the identification, mitigation, and … This position bridges technical and governance aspects, ensuring alignment with company standards and regulatory requirements, while fostering collaboration across teams to embed robust IT practices: Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. … Main accountabilities: Assisting in managing IT Risk Register inputs and outcomes, liaising with IT SLT & Group Assurance and external auditors as appropriate. Liaising with other teams to ensure SLAs in scope are met. Identifying policy/procedure gaps and working with SMEs to create the material. Managing review process for existing IT policies and procedures, updating, or archiving More ❯

IT Risk & Policy Analyst - Leatherhead (2-3 days per week) - £35,000 per annum base + benefits** The IT Risk & Policy Analyst is responsible for managing IT risks, monitoring audit actions, maintaining IT policies and procedures, and supporting GDPR compliance. The role ensures effective governance and compliance across IT processes, providing a framework for the identification, mitigation, and … This position bridges technical and governance aspects, ensuring alignment with company standards and regulatory requirements, while fostering collaboration across teams to embed robust IT practices: Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. … Main accountabilities: Assisting in managing IT Risk Register inputs and outcomes, liaising with IT SLT & Group Assurance and external auditors as appropriate. Liaising with other teams to ensure SLAs in scope are met. Identifying policy/procedure gaps and working with SMEs to create the material. Managing review process for existing IT policies and procedures, updating, or archiving More ❯

ISO27001, IT Risk, IT Compliance, IT Controls, IT Audit, Policy. Governance, Security, Surrey area Your new company A specialist organisation in the Health/Medical sector offers hybrid working in this role based in North Surrey area. Your new role You will be working in the Risk team and will design, implement & maintain the Information Security Management System … ISMS) in accordance with ISO27001 in a company that manages highly sensitive data. You will support the firm's governance, addressing areas of risk and supporting plans to address these risks, including the compilation of business continuity plans (BCP). You will work closely with colleagues in IT to enhance the technology & control frameworks regarding information security compliance & cyber … threat security. Risk & Compliance You will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS) in line with ISO 27001 and other regulatory standards. Assessing security posture, identifying vulnerabilities, and developing mitigation strategies to manage enterprise-wide information security risks. Maintaining and enhancing the organisation's risk register and heat map, ensuring More ❯

IT Risk and Policy (GRC) Analyst Permanent - Up to £38k + strong benefits Location: Hybrid - Leatherhead Your new company A leading construction and development company in Surrey is currently looking for an IT Risk and Policy (GRC) Analyst to come in and support the existing IT Risk & Policy Manager with the day-to-day tasks involved with … role is full-time, with a hybrid working pattern, usually around 2/3 days a week in the office. Your new role You will be supporting the IT Risk & Policy Manager across a broad variety of work, with the ability to gain a lot of different experience across multiple areas. The Analyst is responsible for managing IT risks … and governance aspects, with a focus on standards and regulations, whilst ensuring collaboration across the business to ensure strong IT practices are put in place. Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. More ❯

IT Risk and Policy (GRC) Analyst Permanent - Up to 38k + strong benefits Location: Hybrid - Leatherhead Your new company A leading construction and development company in Surrey is currently looking for an IT Risk and Policy (GRC) Analyst to come in and support the existing IT Risk & Policy Manager with the day-to-day tasks involved with … role is full-time, with a hybrid working pattern, usually around 2/3 days a week in the office. Your new role You will be supporting the IT Risk & Policy Manager across a broad variety of work, with the ability to gain a lot of different experience across multiple areas. The Analyst is responsible for managing IT risks … and governance aspects, with a focus on standards and regulations, whilst ensuring collaboration across the business to ensure strong IT practices are put in place. Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. More ❯

SLAs, quality gates, secure access, and code ownership. Manage engineering/infrastructure budgets and provide strategic oversight for FinOps practices, unit economics tracking, and the maintenance of a transparent risk register and remediation plans. Execution and delivery Lead disciplined engineering execution across distributed in-house and outsourced teams. Champion 24/7/365 platform operations with SLAs … capacity planning, incident response and post-mortems Implement structured software release governance, migration frameworks, and robust QA practices. Drive predictable delivery (quarterly planning, dependency/risk management, quality gates). Establish and enforce best-in-class DevOps, trunk-based, CI/CD, and monitoring standards. Sponsor the adoption of secure SDLC, threat modelling, vulnerability management, identity/authorisation, privacy … management, and privacy by design. Ability to partner with product and legal teams on security trade-offs and customer due diligence. Skilled in agile delivery, quarterly planning, dependency/risk management, and quality assurance. Ability to drive predictable delivery, manage technical debt, and continuously improve engineering velocity. Strong financial acumen: managing engineering/cloud budgets, AWS FinOps, and tracking More ❯

digital estate, encompassing enterprise IT, operational technology (OT), and research platforms. This role sits within the Information & Cyber Security Group and provides subject matter expertise in security architecture, cyber risk governance, and assurance frameworks. This is a cross-functional role with both advisory and hands-on responsibilities, focusing on security assurance, risk management and supporting architecture reviews, vulnerability … management, risk assessments, cyber defence posture, driving technical assurance, and embedding risk-aligned security controls across IT and OT systems and secure-by-design practices. You will work across hybrid environments including cloud, infrastructure, applications, and OT systems. You will be responsible for designing and advising on security architecture patterns, reviewing and maintaining risk registers, leading assurance … Cyber Essentials (CE and CE+) while supporting the secure operation of core services. The role requires strong stakeholder engagement, technical depth, and a sound understanding of UK-specific cyber risk frameworks. You will help shape and maintain a secure posture across UKAEA. A degree in Cybersecurity, Information Technology, or a STEM subject (or equivalent experience). Essential o Security More ❯

aspects are actively driven. Document actions and follow up with individuals in between meetings. Escalate where appropriate. Report progress of the STB to other governance meetings. Regional IT Governance & Risk: Develop the regional IT delivery processes, in line with the DDaT Guardrails, to ensure all IT delivery in the Region complies with this National standard, Own and coordinate the … review of the Regional IT risk register, ensuring mitigation actions are implemented and issues are escalated to the STB andother relevant regional governance meetings. Essential Job Skills, Experience and Qualifications Excellent communication skills and the ability to develop relationships with a wide range of key stakeholders up to Director and Executive level Demonstrable experience in leading the formulation More ❯

data, and operations across a growing organisation. Key responsibilities:* Design and implement security policies and procedures aligned with ISO 27001, NIST, and other recognised frameworks. * Manage the information security risk register and lead internal and external audits. * Oversee incident response, including investigation, containment, and recovery. * Conduct vendor security assessments and review contractual security requirements. * Lead day-to-day More ❯

ideal for someone who thrives in a fast-paced, multi-contract environment. Key Responsibilities Lead delivery of MOD projects across multiple contracts, producing and maintaining high-quality documentation (PMPs, risk registers, schedules). Maintain oversight of all active projects, ensuring alignment with contractual scopes and internal service readiness. Act as a key contact for technical issue resolution and service More ❯

Cyber Security Lead to drive cybersecurity across a family of independent specialist schools. You will take ownership of protecting staff, students, and data, coordinating with multiple MSPs, managing cyber risk, monitoring threats, and embedding robust security practices across the organisation. Key Responsibilities: Act as the central point for all cybersecurity matters and incident response. Maintain the cybersecurity risk register and lead Cyber Essentials certification. Oversee Microsoft 365 and Google Workspace security, including vulnerability management, patching, MFA, and email security. Coordinate security audits, penetration tests, and third-party application reviews. Manage and monitor MSP performance, ensuring consistent security standards. Promote cybersecurity awareness, provide guidance, and support staff training. Report on cyber incidents, risks, and improvements to senior More ❯

risks, implementation plans, and open jobs). Project management ownership of your own projects across all contracts. Production and ongoing management of high-quality documentation including Project Management Plans, Risk Registers, Project Schedules, and other project documentation Assist in managing the resolution process to ensure project engineering/technical issues are rectified. Assisting in the roll-out of Service More ❯

projects Ensure that projects progress smoothly through the company and according to agreed timescales Assist in the production and ongoing management of high-quality documentation including Project Management Plans, Risk Registers, Project Schedules and other project documentation Maintain financial records of all projects Produce monthly financial reports to the Senior Commercial Bid and Programme Manager Conduct internal review meetings More ❯

new clients to streamline their transition. Actively resolve any operational roadblocks and ensure that all integration steps are completed efficiently. Oversight of post-completion issues including working to resolve risk register issues to protect the assets we have acquired. 2.Operational & Administrative Oversight Coordinate and execute operational tasks such as accounting consolidation, office and car lease terminations, and other More ❯

new clients to streamline their transition. Actively resolve any operational roadblocks and ensure that all integration steps are completed efficiently. Oversight of post-completion issues including working to resolve risk register issues to protect the assets we have acquired. 2.Operational & Administrative Oversight Coordinate and execute operational tasks such as accounting consolidation, office and car lease terminations, and other More ❯

Requirements: Proven commercial experience working as an IT Project Manager, ideally within healthcare/clinical environments. Strong application integration and migration experience. Brings strong expertise within the Governance and Risk space, with a solid understanding of regulatory requirements and risk management frameworks. The ability to articulate challenges around business change. Demonstrates a high level of awareness and practical … experience with risk registers, risk assessments, and facilitating or contributing to risk meetings. Excellent communication and stakeholder management skills. Demonstrates a proactive approach and takes full ownership of responsibilities and outcomes. Proactively seeks information to ensure clarity and alignment with tasks and objectives. Nice to have: Clinical/Healthcare sector experience Merger and Acquisition (M&A) experience More ❯

Responsibilities Programme Leadership: Drive the end-to-end delivery of the infrastructure transformation programme, ensuring objectives, scope, timelines, and budgets are achieved. Planning & Governance: Develop programme plans, dependencies, and risk registers. Establish clear governance structures and provide regular reports to senior stakeholders. Technical Delivery Oversight: Work with engineers, architects, and vendors to ensure solutions meet technical standards and security … leadership, business units, and external vendors to align technical outcomes with organisational goals. Vendor & Partner Coordination: Manage third-party suppliers, ensuring contracts, SLAs, and deliverables meet agreed quality standards. Risk & Issue Management: Identify, assess, and mitigate technical and delivery risks to maintain momentum and control. Change & Transition Management: Oversee testing, cut over planning, and service transition to minimise business … cloud security, DevSecOps, and IAM. Experience in data migration, integration, and testing methodologies . Knowledge of fraud prevention systems and technology is desirable. Excellent programme management skills - planning, governance, risk management, and stakeholder engagement. Strong interpersonal, communication, and influencing skills, with the ability to work effectively at all levels. High personal integrity with a respectful, transparent, and collaborative approach. More ❯

A leading financial services firm is looking for a Senior GRC Associate to help develop and maintain its IT Governance, Risk & Compliance framework. Key Responsibilities: Support IT risk assessments and control compliance activities Maintain risk registers and GRC documentation Assist with internal governance reviews and formal reporting Work with IT teams and third-party providers on GRC … 5+ years' experience in IT GRC or Information Security Knowledge of ISO 27001, NIST, and (ideally) DORA Strong analytical, communication, and stakeholder engagement skills Experience with IT infrastructure risk and control assessments This is a great opportunity to join a well-established and forward-thinking team, where you'll be empowered to make a real impact on IT risk More ❯

change control documentation. Negotiate pricing, SLAs, licensing agreements, and implementation milestones with suppliers. Monitor supplier performance and contract delivery to ensure project and operational requirements are met. Maintain commercial risk registers and develop mitigation plans for high-risk suppliers or dependencies. ERP Transformation Support Work closely with the BFS Programme team, IT, and Finance to align procurement deliverables … and Ariba. CIPS qualification or equivalent. SC or DV Security Clearance (or ability to obtain). Experience using Oracle ERP or similar procurement modules. Key Competencies: Commercial acumen and risk management Strong stakeholder management and communication skills Analytical and detail-oriented approach Negotiation and influencing Organisational agility and adaptability Proactive problem-solving More ❯

IR readiness, and regulatory requirements relevant to SMBs (e.g., HIPAA, PCI-DSS, GDPR nuances as applicable). Customer engagement and discovery: Conduct customer workshops, requirements gathering, current-state assessments, risk analyses, ROI/tco analysis, and roadmaps that translate business outcomes into concrete IT capabilities. Commercial ownership: Collaborate with sales on proposal development, scoping, pricing constructs, RFP/RFI … responses, and executive-level communications; create compelling business cases grounded in the value of reduced downtime, improved productivity, and scalable future-state architectures. Governance and risk management: Define program governance, risk registers, milestone plans, and success metrics; ensure alignment with customer expectations and Teceze delivery standards. People and skills development: Mentor delivery teams on solutioning methods, best practices More ❯