Risk Assessment Jobs in the UK

1 to 25 of 196 Risk Assessment Jobs in the UK

Supply Chain Risk Assessor

City of London, London, United Kingdom
Hybrid / WFH Options
Adecco
Supply Chain Risk Assessor Rate - £500 (a day) Duration - 6 Months (Initially) Location - London (Hybrid) IR35 - Inside (Must use an umbrella company) Key Responsibilities: Risk Posture Articulation: Develop and communicate a clear understanding of the FOS (Function of Supply) supply chain risk posture, taking into account critical factors for each supplier such as controls, policies, procedures, and … overall risk management frameworks in alignment with established security standards and industry best practices. Risk Assessment Prioritization: Conduct comprehensive risk assessments for each supplier, categorized by risk priority, based on tier levels. Ensure that existing risk assessments are up-to-date, and identify any gaps in risk management practices. Where necessary, lead the … development of new or updated risk assessments to address these gaps. Supplier Questionnaire Refinement: Oversee the supplier questionnaire process, ensuring that it accurately captures the relevant data needed to assess risk levels effectively. If necessary, refine and improve the questionnaire to ensure its efficacy in gathering the necessary information. Framework Development: Design and implement a repeatable and scalable …
Employment Type: Contract
Rate: £450 - £500/day

Security Risk Analyst

London, South East, England, United Kingdom
VIQU IT Recruitment
Security Risk Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and … be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO 27001), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001/ISMS Accredited qualifications would be beneficial Experience …
Employment Type: Contractor
Rate: £450 - £550 per day

Security Risk Analyst

City, London, United Kingdom
VIQU IT
Security Risk Analyst 6-month contract London/Remote Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and … be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO (phone number removed)), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001/ISMS Accredited qualifications would be …
Employment Type: Contract
Rate: GBP 450 - 550 Daily

Security Risk Analyst

London, Bishopsgate, United Kingdom
VIQU IT
Security Risk Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and … be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO (phone number removed)), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001/ISMS Accredited qualifications would be …
Employment Type: Contract
Rate: £450 - £550/day

Cyber Risk Manager

Scotland, United Kingdom
Hybrid / WFH Options
Deloitte LLP
These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Connect to your opportunity The Cyber Risk Manager will be responsible for the following: Operational Develop and define key risk indicators to provide cyber risks insights to Deloitte Technology BISOs and executives. Gather requirements and … build dashboards that accurately depict Deloitte Technology's cyber risk exposure. Drive organizational change and work with multiple business units of a large organization to effect change. Understand the Deloitte global line of business, gain familiarity with priorities, and become an advocate for the cyber risk within the BISO organization. Collaborate with BISOs as a cyber risk expert, to assist them to identify, assess, and manage cyber risks within their respective lines of business. Actively govern cyber risk in the Deloitte Technology risk register. Partner effectively with Deloitte Technology and BISO teams to facilitate cyber security risk reviews and analysis. Empower Deloitte Technology teams to establish cyber risk ownership and agree on …
Employment Type: Permanent
Salary: GBP Annual

Cyber Risk Manager

Bristol, Gloucestershire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Connect to your opportunity The Cyber Risk Manager will be responsible for the following: Operational Develop and define key risk indicators to provide cyber risks insights to Deloitte Technology BISOs and executives. Gather requirements and … build dashboards that accurately depict Deloitte Technology's cyber risk exposure. Drive organizational change and work with multiple business units of a large organization to effect change. Understand the Deloitte global line of business, gain familiarity with priorities, and become an advocate for the cyber risk within the BISO organization. Collaborate with BISOs as a cyber risk expert, to assist them to identify, assess, and manage cyber risks within their respective lines of business. Actively govern cyber risk in the Deloitte Technology risk register. Partner effectively with Deloitte Technology and BISO teams to facilitate cyber security risk reviews and analysis. Empower Deloitte Technology teams to establish cyber risk ownership and agree on …
Employment Type: Permanent
Salary: GBP Annual

Cyber Risk Manager

Manchester, Lancashire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Connect to your opportunity The Cyber Risk Manager will be responsible for the following: Operational Develop and define key risk indicators to provide cyber risks insights to Deloitte Technology BISOs and executives. Gather requirements and … build dashboards that accurately depict Deloitte Technology's cyber risk exposure. Drive organizational change and work with multiple business units of a large organization to effect change. Understand the Deloitte global line of business, gain familiarity with priorities, and become an advocate for the cyber risk within the BISO organization. Collaborate with BISOs as a cyber risk expert, to assist them to identify, assess, and manage cyber risks within their respective lines of business. Actively govern cyber risk in the Deloitte Technology risk register. Partner effectively with Deloitte Technology and BISO teams to facilitate cyber security risk reviews and analysis. Empower Deloitte Technology teams to establish cyber risk ownership and agree on …
Employment Type: Permanent
Salary: GBP Annual

Cyber Risk Manager

Cambridge, Cambridgeshire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Connect to your opportunity The Cyber Risk Manager will be responsible for the following: Operational Develop and define key risk indicators to provide cyber risks insights to Deloitte Technology BISOs and executives. Gather requirements and … build dashboards that accurately depict Deloitte Technology's cyber risk exposure. Drive organizational change and work with multiple business units of a large organization to effect change. Understand the Deloitte global line of business, gain familiarity with priorities, and become an advocate for the cyber risk within the BISO organization. Collaborate with BISOs as a cyber risk expert, to assist them to identify, assess, and manage cyber risks within their respective lines of business. Actively govern cyber risk in the Deloitte Technology risk register. Partner effectively with Deloitte Technology and BISO teams to facilitate cyber security risk reviews and analysis. Empower Deloitte Technology teams to establish cyber risk ownership and agree on …
Employment Type: Permanent
Salary: GBP Annual

Cyber Risk Manager

Milton Keynes, Buckinghamshire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Connect to your opportunity The Cyber Risk Manager will be responsible for the following: Operational Develop and define key risk indicators to provide cyber risks insights to Deloitte Technology BISOs and executives. Gather requirements and … build dashboards that accurately depict Deloitte Technology's cyber risk exposure. Drive organizational change and work with multiple business units of a large organization to effect change. Understand the Deloitte global line of business, gain familiarity with priorities, and become an advocate for the cyber risk within the BISO organization. Collaborate with BISOs as a cyber risk expert, to assist them to identify, assess, and manage cyber risks within their respective lines of business. Actively govern cyber risk in the Deloitte Technology risk register. Partner effectively with Deloitte Technology and BISO teams to facilitate cyber security risk reviews and analysis. Empower Deloitte Technology teams to establish cyber risk ownership and agree on …
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Supply Chain Analyst

Nationwide, United Kingdom
Morson Talent
Cyber Security Supply Chain Analyst Location: Remote Contract: Inside IR35 Day rate: Up to £700 per day Duration: 6 Months Start date: ASAP Key skills: Supply Chain, Risk Management, TPRM process, NCSC CAF framework We have an opportunity with one of the UK's biggest Retailers who have a network of branches nationwide. MI & Data Automation Analyst, you will … and wider business functions responsible for facilitating supplier onboarding, operational management and offboarding activities, to review, establish and drive adoption of a revised target operating model for supplier security risk management. The goal is to ensure that the Client has a robust and continually managed enterprise-wide supplier cyber risk assessment process to reduce exposure to potential … compromise of security, compliance or operational integrity of its supply chain. Principal accountabilities: - Key point of contact and subject matter expertise for third-party risk guidance - Oversee the review of target supply chain risk assessment processes, establishing agreed recommendations and operating model in accordance with the National Cyber Security Centre Cyber Assessment Framework principles - Product and …
Employment Type: Contract
Rate: £500 - £700/day

GRC Analyst

Milton Keynes, Buckinghamshire, England, United Kingdom
VIQU IT Recruitment
GRC Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a GRC Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this … and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the GRC Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO … and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001/ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in …
Employment Type: Contractor
Rate: £450 - £550 per day

NAT CAT Risk - Modelling & Analytics Lead

London, South East, England, United Kingdom
Proactive Appointments
NAT CAT Risk - Modelling & Analytics Lead Hybrid As Nat CAT Risk Modelling and Analytics Lead you will be responsible for leading our NAT CAT modelling and analytics team with the CAT Risk function, reporting directly into the AVP for CAT Risk and Capital. You will lead in the areas of complex pricing support, portfolio analysis and … industry leading expertise within our Enterprise Cat function. You will have a thorough understanding of the Lloyd’s market and hold specialist qualifications such as the Certified Specialist in Catastrophe Risk (CSCR), Certified Catastrophe Risk Management Professional (CCRMP), or a CAT modelling designation from a leading third-party vendor, such as Verisk’s Certified Extreme Event Modeler (CEEM). … and verbal communication skills allow you to consult on complex projects and present confidently at all levels of seniority. What Will You Do? Provide complex pricing support to optimize risk assessment and pricing strategies. Conduct portfolio risk reward analysis to influence CAT underwriting strategy Lead model validation efforts and play a leading role in CAT View of …
Employment Type: Full-Time
Salary: £100,000 - £120,000 per annum

Senior Cyber Security Advisory Consultant (Defence)

London, United Kingdom
Hybrid / WFH Options
Atos SE
materials Supporting workshop delivery and client meetings Conducting research and analysis Client Engagement Support Typical activities include: Leading client workshops such as security strategy sessions, Cloud security architecture reviews, Risk assessment workshops, technology evaluation sessions. Producing client materials including, Security assessment reports, technical architecture diagrams, implementation roadmaps and project status updates. Conducting security assessments by gathering and …/security experience in the Defence Sector Demonstrable experience of one or more of the following areas: MoD Security GRC/Assurance Processes: Secure by Design and RMADs/Risk Assessment Cloud security architecture documentation, security controls mapping and compliance checking automation MoD Cyber Operations: SOC tool evaluation support, SIEM use case development, Metrics and reporting … frameworks, and Technology integration assessment. Cyber Vulnerability Investigations Identity & Access: IAM architecture reviews, privileged access solutions, authentication technology assessment, and Zero Trust implementation planning OT Security OT Risk Assessment/Assurance and OT Vulnerability Management Key Strengths Detail-oriented with a strong focus on quality Well-organised and committed to developing customer service skills Enthusiastic about …
Employment Type: Permanent
Salary: GBP Annual

Risk & Assurance Analyst

Mansfield, Nottinghamshire, England, United Kingdom
Hybrid / WFH Options
Cherry Professional - Relationship Led Recruitment
Risk and Assurance Analyst | Hybrid working | Permanent | Up to £42,000 | Annual Bonus Cherry Professional are pleased to be working with their public sector client to support the recruitment of a Risk and Assurance Analyst to join their dedicated team. Responsibilities: Implement and maintain effective risk management activities Develop and implement qualitative and quantitative risk assessment processes Conduct risk workshops to identify, assess, and document risks Provide risk management support to project and programme managers Maintain and oversee RAIIDD reporting and escalation processes. Lead formal and informal assurance reviews of projects and programmes Review and assure project documentation Oversee compliance with external programme governance and assurance processes Support and challenge project managers to … ensure best practices in planning, risk management, and project delivery assurance Ideal Candidate: Educated to Degree level or with equivalent experience Professional qualification in Risk Management, Assurance, or Programme/Project Management (e.g., APM Risk Certificate, MoR, MSP, PRINCE2). Degree in a relevant field (e.g., Risk Management, Business, Project Management, Engineering) or equivalent experience. Proven …
Employment Type: Full-Time
Salary: £41,525 per annum

Principal Engineer - Fire Safety

Barrow-In-Furness, Cumbria, North West, United Kingdom
Hybrid / WFH Options
Morson Talent
contributor in ensuring safe submarines by design. You will engage with a wide range of engineering stakeholders across our programmes to develop and embed fire safety requirements, conduct fire risk assessments and reduce risks from fire hazards. Responsibilities Taking a lead role in fire risk assessment activities Developing, producing and maintaining fire safety process documentation Producing and … reviewing fire and explosion safety strategies and risk assessments Engaging with engineering stakeholders to develop and implement fire safety requirements Production and review of safety case documentation (relevant to fire safety) Providing support to regulatory compliance Chairing fire and explosion safety workshops and working groups Proven Ability/Key Skills Fire risk assessment proven ability gained from … construction environment Knowledge of working in a fire safety engineering environment and applying various fire safety guidance including Defence Standards, ADB, BS 9999 and relevant NFPA standards. Application of risk based approaches to fire safety engineering Safety case development proven ability Fire hazard identification and analysis Fire risk assessment production and review Fire strategies Safety case authoring …
Employment Type: Contract, Work From Home
Rate: £55.31 - 74.68 per hour

Van Mobile Engineer

London, United Kingdom
PRS LTD
interact with people at all levels effectively. Team Player: Flexible and adaptable approach, able to collaborate with colleagues. Health & Safety: Sound understanding of Health & Safety regulations, environmental impacts, and risk assessments. Reporting: Capable of providing detailed and summarised reports on operational activities. Qualifications: Hold a recognised mechanical services qualification. Character & Attributes: Resilient Under Pressure: Able to work effectively … control circuits. Lone Working: Familiarity with lone working requirements. Compliance: Ability to adhere to all required regulations. Desirable Experience: Building Management Systems (BMS): Experience working with BMS. Risk Assessment: Risk Assessment and Method Statement (RAMS) training. Multi-Discipline Work: Willingness and ability to work outside core discipline when required. Personal Specification: Education & Experience: Knowledge …
Employment Type: Permanent
Salary: GBP Annual

IT Risk Manager

Mansfield, Nottinghamshire, United Kingdom
Amazon
Job ID: Amazon Ireland Support Services Limited This is a mid-level position ideal for candidates looking to grow their career in IT Risk Management. Are you an Information Technology (IT) Risk Manager ready for a step-up role within Amazon's unique IT environment? We are looking for an experienced IT Risk Manager within the … First Line of Defense (1LoD) to enhance our IT risk management and control environment. Reporting to the Senior IT Risk Manager, the successful candidate will contribute to the development of a 1st Line IT Risk program across Amazon global regulated entities. The ideal candidate must have IT risk management experience, preferably, within the payments or financial … services sector. Key job responsibilities • Support the Global Technology Officer (GTO) to attest compliance with the Global IT Risk Management Framework and legal entity regulatory requirements. • Design and implement IT risk controls, mitigation strategies, and remediation plans. • Establish IT risk management policies and procedures, ensure their implementation. • Define key risk indicators (KRIs), key performance indicators (KPIs …
Employment Type: Permanent
Salary: GBP Annual

Senior Consultant, Digital Risk

Lakenheath, Suffolk, United Kingdom
Ernst & Young Advisory Services Sdn Bhd
unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Our Digital Risk team is dedicated to providing innovative solutions that mitigate risks associated with digital transformation, cybersecurity, and regulatory compliance. The Digital Risk practice is growing rapidly, and we are … looking for Senior Consultants to help drive success for our clients by helping them navigate the complexities of the digital landscape. The opportunity Our Digital Risk team provides innovative solutions that mitigate risks associated with digital transformation, cybersecurity, and regulatory compliance. As organizations increasingly adopt AI technologies, the need for trusted AI frameworks and governance has become paramount. The … Digital Risk practice is growing rapidly, and we are looking for Senior Consultants to help drive success for our clients by navigating the complexities of the digital landscape, including the integration of AI in risk management strategies. Your key responsibilities Collaborate with clients and internal stakeholders to assess and improve digital risk management strategies, compliance frameworks, and …
Employment Type: Permanent
Salary: GBP Annual

Director Analyst- Compliance (Remote UK)

United Kingdom
Hybrid / WFH Options
Gartner
organization culture Monitoring and assessing the effectiveness of compliance programs Keeping pace with and understanding the impact of complex, changing regulatory environments on organizations' business models and processes Developing risk strategies and frameworks for compliance and regulatory risks Leveraging analytics and data to optimize compliance risk assessments and compliance monitoring What you will do: As a Gartner analyst … Compliance & Ethics Officer, CEO, and Board of Directors). Knowledge of and experience with the chief compliance officer role, the obligations and requirements of compliance & ethics programs, and compliance risk management (risk assessment processes, key stakeholders involved, etc.) in general. Familiarity and experience with compliance program management systems and tools for regulatory tracking, policy management, risk assessment, and reporting. Effective verbal and written communication skills; ability to adjust style to different audiences. Executive presence; can immediately establish credibility with executives and additional stakeholders. Ability to navigate and thrive in a highly matrixed work environment Willingness to offer flexible working hours within reason to serve Gartner's global client base Ability to travel on occasion …
Employment Type: Permanent
Salary: GBP Annual

Asset Security Manager

Rogerstone, Gwent, United Kingdom
Hybrid / WFH Options
Hays Technology
an accurate view of the vulnerabilities in its asset estate and follows an agreed methodology for prioritising and remediating vulnerabilities. Work closely with colleagues performing related penetration testing and risk assessment activities, providing accurate and timely technical information regarding assets and the status of vulnerabilities. Prepare and deliver regular, high-quality management reporting regarding the asset estate and … proven experience in a vulnerability management role Strong understanding of operational technology concepts and differences between IT and OT environments Strong understanding of attacker TTPs Strong understanding of security risk assessment and risk management concepts and approaches Ability to work with less technical colleagues and be able to convey technical information in a way that all can …
Employment Type: Permanent
Salary: GBP 62,000 - 71,000 Annual

Asset Security Manager

Newport, Gwent, United Kingdom
Hybrid / WFH Options
Hays Technology
an accurate view of the vulnerabilities in its asset estate and follows an agreed methodology for prioritising and remediating vulnerabilities. Work closely with colleagues performing related penetration testing and risk assessment activities, providing accurate and timely technical information regarding assets and the status of vulnerabilities. Prepare and deliver regular, high-quality management reporting regarding the asset estate and … proven experience in a vulnerability management role Strong understanding of operational technology concepts and differences between IT and OT environments Strong understanding of attacker TTPs Strong understanding of security risk assessment and risk management concepts and approaches Ability to work with less technical colleagues and be able to convey technical information in a way that all can …
Employment Type: Permanent
Salary: £62000 - £71000/annum £62k - £71k + bonus + benefits

Chief Information Security Officer

Norwich, Norfolk, United Kingdom
Fluke Biomedical Corporation
champions for product responsible for security operations, architecture, and related functions. Establish and maintain strong communication channels, facilitate knowledge sharing, and drive team collaboration to achieve common security goals. Risk Assessment and Compliance: Conduct regular risk assessments and audits to identify vulnerabilities, prioritize risks, and ensure compliance with relevant regulations and industry standards. Develop and maintain effective … identity and access management, encryption, and secure coding practices. Demonstrated ability to effectively manage remote offshore teams, fostering collaboration, communication, and achieving shared security objectives. In-depth understanding of risk assessment methodologies, compliance requirements, and privacy regulations. Excellent leadership and interpersonal skills, with the ability to engage and influence stakeholders at all levels of the organization. Strong analytical …
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Operations Lead

Wilmslow, Cheshire, United Kingdom
Hybrid / WFH Options
ID Co
cyber security incidents, to minimise the damage to our organisation and prevent recurrence. Management of the configuration of protected systems to ensure that any vulnerabilities are understood and managed. Assessment, validation and reporting of information on current and potential cyber threats to maintain the organisation's situational awareness. Management of cyber security risks in line with business objectives and … CISSP, CCSP, CISM. Or equivalent proven Level of experience. Minimum of two years' experience in a similar role. Working experience of security operations and incident management. Working experience of risk management and mitigation. Working experience of developing and delivering security education and awareness programmes. Desirable: Experience of working in a public sector or highly regulated organisation. Good time management … systems, detection and response to incidents, and collection and use of threat intelligence. Knowledge of security management systems and organisational security controls, including standards, best practices, and approaches to risk assessment and mitigation. Knowledge of human factors, including usable security, social and behavioural factors impacting security, security culture and awareness, as well as the impact of security controls …
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Risk Manager - 3 month initial contract

Edinburgh, United Kingdom
Bright Purple
I'm currently recruiting for a highly skilled Cyber Risk Manager to lead the development and implementation of a cyber risk management programme. Key Responsibilities Design and deliver a robust cyber security risk management framework. Conduct regular risk and vulnerability assessments. Work collaboratively across departments to define risk tolerance and align with strategic objectives. Analyse … cyber security data to identify risks and recommend mitigation strategies. Maintain comprehensive risk documentation, including registers, impact analyses, and treatment plans. Communicate risk insights and recommendations clearly to stakeholders. Develop and monitor key risk indicators (KRIs) and key performance indicators (KPIs). Support project teams in embedding risk management throughout the project lifecycle. Collaborate with internal … and external partners to enhance incident response and cyber resilience. Candidate Requirements Experience in a cyber security risk management role. Strong understanding of cyber security frameworks and standards (ISO 27001, SOC2, NIST, GDPR). Excellent analytical, communication, and stakeholder engagement skills. Proficient in risk assessment tools and methodologies. Professional certifications such as CRISC, CISM, or CISSP are …
Employment Type: Permanent
Salary: GBP Annual

Cyber and Information Security Lead

Bath, Somerset, United Kingdom
YT Technologies
strategy and roadmap, ensuring our security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO 27001:2022, and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems and operations. Policy and Governance: Support and … creation and enforcement of security policies, standards, and procedures. Incident Response: Develop, implement, and manage the security incident response plan. Leadership: Provide strong leadership and mentorship to the governance, risk, and compliance team. Essential Requirements: Extensive security leadership: Proven experience (10+ years) in a senior information security role, with significant experience in a CISO or equivalent position within a … sector experience: In-depth knowledge and practical experience with UK healthcare security standards and regulations, including demonstrable expertise with the NHS Data Security and Protection Toolkit (DSPT), Digital Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System …
Employment Type: Permanent
Salary: GBP 75,000 - 85,000 Annual

Risk Assessment
10th Percentile: £39,500
25th Percentile: £50,695
Median: £60,000
75th Percentile: £87,500
90th Percentile: £107,500