3 of 3 Remote/Hybrid Risk Register Jobs in the South West

observability practices. Map findings to compliance frameworks (e.g., ISO 27001, SOC 2, or NHS DSPT where applicable). Produce a comprehensive gap analysis, risk register (with severity and likelihood ratings), and prioritised remediation backlog. Define minimum DevOps guardrails for the next delivery phase (e.g., mandatory checks, branch protection … audit) DevOps Audit Report (executive summary + detailed findings). Compliance mapping (ISO 27001 Annex A/SOC 2 trust principles) with gap list. Risk register including mitigations, effort, and impact estimates. Prioritised remediation backlog and proposed guardrails for Phase 2. RACI for change/release management ...

Responsibilities Provide portfolio-level security leadership , ensuring secure-by-design principles are embedded throughout delivery Work with senior stakeholders to define security outcomes, risk appetite, and governance Establish and own the security risk management and assurance framework , aligned to legislation, regulation, policy, standards, and best practice Define required … implementation to ensure consistency and coherence across the portfolio Provide technical assurance of cyber security analysis, designs, and assurance evidence Manage the portfolio security risk register and conduct security maturity assessments Act as the primary security interface with SROs, SLT, and portfolio engineering and delivery teams ...

business-critical to remote working and client delivery. Compared with other core functions, their internal IT capability requires strengthening to align with their scale, risk profile and strategic ambitions. The role will be responsible for ensuring that their digital infrastructure, systems and innovation capability are robust, secure, scalable … software partners where required. Oversee testing, quality assurance and human-in-the-loop validation. Ensure all solutions are scalable, maintainable and well-documented. Governance, Risk and Compliance. Maintain and refine the organisation's AI and Digital Innovation Policy, Quick Guide and data-classification standards. Work closely with the Data ...