with business objectives. Key Duties/Responsibilities Strategy & Planning Develop and implement cybersecurity strategies aligned with organisational goals and industry standards. Identify and deploy cybersecurity solutions that balance cost, risk, and organisational needs. Create and execute security roadmaps, ensuring alignment with Agile project delivery methodologies. Work with the Global Information Security Officer to participate in the design and architecture … lifecycle. Team Management Lead and manage an outsourced Security Operations Centre (SOC) team and Cyber Security Analysts. Collaborate with internal teams and external vendors to optimise cybersecurity operations. Compliance & Risk Management Plan and conduct annual PCI DSS compliance assessments in collaboration with qualified security assessors, maintaining and communicating cybersecurity risk registers to business stakeholders. Perform third-party risk
Senior Cyber Risk Analyst We are seeking a Senior Analyst with a robust background in cybersecurity risk assessment and internal security audits, complemented by broad technical expertise across modern IT environments. This role requires a deep understanding of desktops, mobile devices, networks, operating systems, and cloud services, as well as the ability to effectively communicate complex technical concepts … The ideal candidate will possess advanced analytical skills, relevant certifications, and experience working cross-functionally, including direct client engagement, to support regulatory and business objectives. Primary Responsibilities Conduct comprehensive risk assessments of information systems, applications, business processes, and underlying technical infrastructure, including desktops, phones, network devices, operating systems (Windows, macOS, Linux), and cloud platforms (AWS, Azure, GCP). Collaborate … closely with compliance, legal, IT, business stakeholders, and external clients to understand operational requirements, regulatory obligations, and risk tolerance. Serve as a technical point of contact for clients, addressing and managing their technical requirements, security concerns, and risk management needs. Clearly document identified risks and work with stakeholders to propose, evaluate, and track compensating controls that address security
Information Security and Supplier Assurance Consultant Requisition ID 35730 Office Country United Kingdom Office City London Division Risk Management Contract Type Short Term Contract Length 12 months Posting End Date 26/06/2025 We are looking for a highly skilled Information Security and Supplier Assurance Consultant to join our Operational Risk Management (ORM) team at the … a unique opportunity to play a vital role in protecting the EBRD's Information Assets and IT Facilities, supporting the delivery of critical projects, and shaping our security and risk governance across the Bank. Your Role and Purpose As an Information Security and Supplier Assurance Consultant, you will support the Head of Information Security in managing Information Security (IS … key IS projects and driving supplier and project security assurance activities. Reviewing and updating IS policies, procedures, and the broader Information Security Framework. Providing technical security consultancy and managing risk assessments, including third-party and cybersecurity risks. Ensuring regulatory compliance and supporting internal/external reviews. Key Responsibilities Act as the Bank's IS technical consultant on Supplier and
of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. Requisition ID 35730 Office Country United Kingdom Office City London Division Risk Management Contract Type Short Term Contract Length 12 months Posting End Date 26/06/2025 We are looking for a highly skilled Information Security and Supplier Assurance … Consultant to join our Operational Risk Management (ORM) team at the European Bank for Reconstruction and Development (EBRD). This is a unique opportunity to play a vital role in protecting the EBRD’s Information Assets and IT Facilities, supporting the delivery of critical projects, and shaping our security and risk governance across the Bank. Your Role and … key IS projects and driving supplier and project security assurance activities. Reviewing and updating IS policies, procedures, and the broader Information Security Framework. Providing technical security consultancy and managing risk assessments, including third-party and cybersecurity risks. Ensuring regulatory compliance and supporting internal/external reviews. Key Responsibilities Act as the Bank’s IS technical consultant on Supplier and
security advisor to client stakeholders, including CISOs, security teams, IT management, and executive leadership. Work with different delivery partners across a complex product and service ecosystem to pragmatically manage risk and drive successful outcomes. Develop and own the programme delivery and security services operational risk register. Develop deep, trusted relationships across the client organization, fostering open communication and … insights and best practices with the client's security team to foster continuous improvement. Support executive engagement/peer relationships across the UK Public Sector and international peers. Security Risk Management & Remediation Conduct cybersecurity risk assessments, vulnerability analyses, and maturity assessments for clients. Develop and implement client-specific cybersecurity roadmaps, strategies, policies, and procedures. Provide expert advice on … and managing security controls. Assist clients with compliance requirements related to various regulations (GDPR, CCPA, HIPAA, PCI DSS, etc.) and standards (e.g., ISO 27001, SOC 2). Manage security risk committees to support client cyber risk management practices. Track and manage remediation of security audit and compliance findings for clients. Review security metrics and lead remediation programs within
London, England, United Kingdom Hybrid / WFH Options
VML
Adopt a continuous improvement approach to the management of Information Technology, Information Security and Privacy. Ensure that main stakeholders are informed and consulted via an effective Management Review process. Risk Identify information security threats and manage an effective Vulnerability Management Process. Maintain an effective, proactive Risk Management Framework. Manage and maintain the Satalia Risk Register. Ensure an
London, England, United Kingdom Hybrid / WFH Options
VML Enterprise Solutions
Adopt a continuous improvement approach to the management of Information Technology, Information Security and Privacy. Ensure that main stakeholders are informed and consulted via an effective Management Review process. Risk Identify information security threats and manage an effective Vulnerability Management Process. Maintain an effective, proactive Risk Management Framework. Manage and maintain the Satalia Risk Register. Ensure an
Consultant EBRD London, United Kingdom Posted 21 hours ago Permanent Competitive Information Security and Privacy Consultant Requisition ID 35706 Office Country United Kingdom Office City London Division Risk Management Contract Type Short Term Contract Length 12 months Posting End Date 03/06/2025 About the Role The European Bank for Reconstruction and Development (EBRD) is … ensure that the Bank maintains high standards of security, privacy, and compliance, contributing to our mission of promoting sustainable development across our regions of operation. About the Department Operational Risk Management (ORM) is part of the Bank's Risk Management group and forms the second line of defence. ORM is responsible for independently identifying, assessing, and supporting … data subject requests and support the Personal Data Review Panel on personal data-related complaints. Advise on IT and business projects with respect to InfoSec and privacy risks. Maintain risk registers, provide ongoing risk analysis, and contribute to risk mitigation plans. Support completion and review of Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
multidisciplinary delivery environments. Responsibilities Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases, control matrices, and evidence submissions. Ensure alignment with applicable defence and industry standards and other MOD-aligned frameworks. Engage with engineering and project teams to ensure … governance. Liaise with client representatives, suppliers, and accreditation authorities to support the assurance lifecycle and manage stakeholder expectations. Support the preparation for and participation in technical reviews, audits, and risk acceptance activities. Contribute to delivering security risk management processes, threat modelling sessions, and security design assessments. Provide subject matter expertise on assurance requirements for secure communications, supply chain … on the programme needs. Evidence of ongoing professional development aligned with cybersecurity assurance, defence sector standards, and engineering-led delivery models. Essential skills Strong understanding of cybersecurity assurance principles, risk management, and regulatory compliance in defence or safety-critical environments. Proven ability to produce and review assurance artefacts, including security management plans, risk registers, assurance cases, and audit
Hatfield, England, United Kingdom Hybrid / WFH Options
Eisai EMEA
/or CISSP or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is highly desirable Demonstrable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO 27001 compliant management system. Experience of information security management and/or security awareness. Good knowledge of industry … NIS2, AI Act etc. and their practical application in a corporate environment to ensure all elements of integrity, availability and confidentiality are adhered to. Extensive experience conducting information security risk assessments, reporting risks Experience of developing, implementing, managing, and maintaining Information Security policies, guidance, & procedures. Experience of risk management and maintaining risk registers. Knowledge & experience of risk
multidisciplinary delivery environments. Responsibilities Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases, control matrices, and evidence submissions. Ensure alignment with applicable defence and industry standards and other MOD-aligned frameworks. Engage with engineering and project teams to ensure … governance. Liaise with client representatives, suppliers, and accreditation authorities to support the assurance lifecycle and manage stakeholder expectations. Support the preparation for and participation in technical reviews, audits, and risk acceptance activities. Contribute to delivering security risk management processes, threat modelling sessions, and security design assessments. Provide subject matter expertise on assurance requirements for secure communications, supply chain … on the programme needs. Evidence of ongoing professional development aligned with cybersecurity assurance, defence sector standards, and engineering-led delivery models. Essential Skills Strong understanding of cybersecurity assurance principles, risk management, and regulatory compliance in defence or safety-critical environments. Proven ability to produce and review assurance artefacts, including security management plans, risk registers, assurance cases, and audit
My client, a Financial Services company based in London, is looking for an Information Security Governance, Risk and Assurance specialist to join their growing team. This role is two days per week in the office in London (near Canary Wharf). About the Information Security Governance, Risk and Assurance specialist: The individual will be part of the security … function that is responsible for security governance, risk and assurance, to ensure the organisation's security posture is robust and compliant with the security policy, standards and controls. The position will require close collaboration with technical, operational, compliance and audit teams to create a secure and compliant technology environment. What you will be doing: Maintain security policy, standards, procedures and frameworks. … alignment with security industry standards such as NIST CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain risk register in RSA Archer. Identify, assess and prioritize security risk across the organisation's information assets and environments. Understanding security gaps and
Sphere Recruitment Specialists - Permanent, Contract and Interim Recruitment
value projects across multiple industries. Managing the full project lifecycle – from planning and scoping through to delivery and reporting. Creating and maintaining detailed documentation including project plans, RAID logs, risk registers, and status updates. Coordinating with cross-functional teams and stakeholders to ensure aligned and timely delivery. Supporting business development activities such as RFPs, tenders, and proposal writing. Facilitating
and the security of private equity backing. It's an inspiring time to join the team! Looking for a self-starting, highly motivated and detail-orientated Information Security Governance, Risk, and Compliance (GRC) Analyst to support the design, implementation, and ongoing improvement of our information security governance and risk management framework. This role is essential in ensuring the … organisation proactively manages information security risk across its employees, technologies, vendors, and operations and adheres to the regulatory and security standards pertinent to financial services while providing visibility to key stakeholders. Job Responsibilities Support the development, maintenance, and enforcement of information security policies, procedures, and standards Conduct risk assessments on technology systems, third-party vendors, and new services. … implemented and effective Assist in preparing for and responding to regulatory audits and compliance reviews (e.g., NIST CSF, ISO 27001, DORA, GDPR, ITGC) Maintain and update the information security risk register with appropriate scenarios and control frameworks Conduct regular control testing, evaluation and reporting findings to stakeholders Stay current on changes in regulations, industry standards, and emerging risks
Watford, England, United Kingdom Hybrid / WFH Options
Essential Employment
Senior Cybersecurity Risk Analyst (Remote) needed, £28.49ph PAYE – Reference: RQ1548059 Role Overview We are looking for a highly skilled and technically proficient Senior Cybersecurity Risk Analyst to join our team on an interim basis. This role is critical in identifying, assessing, and managing information security risks across the organization. The ideal candidate will have a strong technical background … the ability to translate threats into business risks, and experience working in fast-paced environments. Key Responsibilities – Conduct in-depth security risk assessments across systems, applications, and infrastructure. – Identify and evaluate technical and operational risks, vulnerabilities, and control gaps. – Translate complex technical threats into clear, actionable business risks. – Maintain and update the Cybersecurity Risk Register. – Produce detailed risk … the Security Operations Centre (SOC). – Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). – Review security aspects of tenders and conduct third-party/vendor risk assessments to ensure alignment with organisational security requirements. – Perform additional security-related tasks as directed by the Head of Information Security. You will ideally have – Proven experience in technical
Watford, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Hays
Role Overview We're looking for an experienced Senior Cyber Risk Analyst to join a purpose-driven organisation on a part-time basis. In this role, you'll take the lead in strengthening the organisation's security posture by driving forward incident response, vulnerability management, and compliance initiatives. You'll be a key player in embedding security best … Work 7-hour days, 3 days a week Act as a trusted advisor on information security matters, supporting projects, solution development, and change initiatives with expert guidance. Perform regular risk evaluations to uncover and address potential security gaps. Lead the end-to-end management of security incidents, ensuring swift and effective resolution. Design and deliver engaging training sessions to … Essentials Plus, ISO 27001, and PCI DSS. What you'll need to succeed Willingness to work 7-hour days, 3 days a week Demonstrated expertise in conducting technical security risk assessments and developing threat models. Comprehensive knowledge of core cybersecurity domains, including network, endpoint, and cloud security. Skilled at translating technical vulnerabilities into business-relevant language for diverse audiences.
Employment Type: Part Time, Work From Home
Salary: £28.49 - £36.98 per hour + £36.98 p/h via Umbrella (Inside IR35)
Newport, Gwent, Wales, United Kingdom Hybrid / WFH Options
Reed Technology
This role is crucial in ensuring IT risks are identified, measured, and actively managed to protect the organisation from potential impacts. You will develop and implement IT policies, conduct risk assessments, and ensure compliance with regulatory requirements while driving improvements in IT governance processes. Key Accountabilities * Identify, evaluate, and manage IT risks across infrastructure, data protection, and lifecycle management. … Own and maintain the IT risk register, ensuring mitigation plans are in place. * Align risk management frameworks with industry standards (ISO27001, NIST, CIS Critical Controls). * Lead IT audits, coordinate fieldwork, and track findings to ensure timely resolution. * Develop and implement IT policies, procedures, and security awareness initiatives. * Act as an SME, providing guidance on IT governance … compliance, and risk mitigation strategies. Required Skills & Qualifications * Proven experience in IT risk management, security governance, and compliance. * Strong knowledge of ISO27001, GDPR, PCI-DSS, and cybersecurity frameworks. * Experience in IT audit coordination and risk assessment methodologies. * Excellent communication and stakeholder management skills. * Desirable - Certifications such as CRISC, CISA, CISM, or CISSP Benefits * 10% discretionary performance related
adheres to best practices and legislation in data protection, information security, quality management, environmental compliance and industry-specific security standards. The ideal candidate will have experience in compliance management, risk assessment, audits, security frameworks and policy implementation. They will need to work across teams such as IT, Operations, Finance, Delivery and Engineering to ensure robust governance, risk management … and compliance Information security and Cyber Essentials Plus Oversee Cyber Essentials Plus compliance ensuring security controls are in place Work closely with the IT team to assess vulnerabilities, manage risk and implement cyber security policies Work with the Head of IT to manage incident response planning and ensure security incidents are managed in line with best practices Data protection … Assessments (DPIAs) Implement processes around Data Subject Access Requests (DSARs) and breach management Ensure compliance with any client and third-party data processing agreements (DPAs) and data retention rules Risk management and policy development Review, update, maintain and enforce policies and procedures related to: Information security Data protection Environmental sustainability Business continuity Incident response Supplier security assessment Maintain a
Belfast, Northern Ireland, United Kingdom Hybrid / WFH Options
McLaughlin & Harvey
Harvey's IT environment and enterprise applications, you will be responsible for the operational management of the Company's Information Security Management System and ensuring that our IT governance, risk management, and compliance measures are effective and implemented. The role will support the implementation and maintenance of security controls across the group, aligned with our cyber security policy, group … are as secure as possible. Create and maintain security documents (policies, standards, baselines, guidelines, and procedures). Maintain & improve Business Continuity and Disaster Recovery plans. Contribute to the IT risk register and mitigation plans. Ensure Endpoint security compliance, including Mobile Device Management. Organise audits, external and internal vulnerability scans, web, infrastructure and application penetration tests and ensure remediation … effectively with technical and non-technical colleagues at all levels in the organisation. Essential Previous experience within a cyber/information security role. Strong knowledge and understanding of security risk assessment, including security testing principles and tools. Network, operating system, application and organisational security concepts. An investigative and analytical nature with a focus on ensuring the organisation is as
City of London, London, United Kingdom Hybrid / WFH Options
Infinigate Group
such as malware infections, phishing attempts, denial-of-service attacks, data breaches, etc. Liaise with stakeholders in relation to cyber security issues and provide recommendations. Maintain an information security risk register and assist with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends … in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete security audits of company solutions. Implementing and maintaining security policies, standards, procedures, and best practices to ensure compliance with regulatory and industry requirements. Researching and evaluating new
London, England, United Kingdom Hybrid / WFH Options
Infinigate Group
such as malware infections, phishing attempts, denial-of-service attacks, data breaches, etc. Liaise with stakeholders in relation to cyber security issues and provide recommendations. Maintain an information security risk register and assist with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends … in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete security audits of company solutions. Implementing and maintaining security policies, standards, procedures, and best practices to ensure compliance with regulatory and industry requirements. Researching and evaluating new
colleagues from across Projects and Programme Delivery. Your Responsibilities include: Managing the whole life project delivery process for our client sponsors. Applying strong commercial acumen in project, contract, and risk management, ensuring delivery of high-quality projects to time and budget. Working collaboratively with our suppliers, client representatives, technical specialists, and other partners to deliver successful outcomes. Monitoring and … forecasting expenditure, ensuring compliance with EA guidance. Using project management tools to aid development and maintenance of business cases, programmes, trackers and risk registers. Administering contracts with supply chain in accordance with framework policy. Making project decisions supported by the Project Executive and informed by technical leads whilst following governance procedures, project assurance and legislation. Everyone that joins us … on incident response can be found within your candidate pack. The team The Innovation Delivery Group (IDG) specialises in delivering complex national projects and programmes that drive innovation, manage risk, and support Environment Agency’s 2025 action plan. The group is part of Projects and Programme Delivery (PPD) within the Flood and Coastal Risk Management (FCRM) directorate. The
Project Initiation & Planning Define project scope, goals, deliverables, and success criteria in alignment with business objectives. Develop and maintain comprehensive project plans, including Gantt charts, resource forecasts, milestones, and risk registers. Conduct feasibility analysis, business case development, and secure project funding and governance approvals. Ensure alignment with internal methodologies and Lloyd’s change governance standards. Project Execution & Delivery Lead … teams, and external vendors. Communicate project status, issues, and risks clearly through regular reporting and meetings. Manage stakeholder expectations and facilitate decision-making across multiple levels of the organization. Risk & Compliance Identify and assess operational, technical, financial, and regulatory risks associated with project delivery. Implement mitigation strategies and ensure compliance with all relevant standards, including Lloyd’s Minimum Standards