1 to 25 of 104 Risk Register Jobs in the UK

bonus and benefits Hybrid working available (3 days in the office) Our client, a dynamic and rapidly growing UK-based EMI FinTech Payments firm, is seeking an experienced Enterprise Risk Analyst to support their Head of Risk. This is a focused Enterprise Risk Analyst role dedicated entirely to the Second Line of Defence (2LOD), centred on embedding the … firm’s Governance, Risk, and Compliance (GRC) model. You will be instrumental in the day-to-day operation of the ERM framework, ensuring risk is managed consistently and strategically across the entire business. Duties of the Enterprise Risk Analyst to include: Risk Register Management: Own the central Risk Register , ensuring all key risks … Strategic, Financial, Operational, and Compliance) are accurately identified, assessed, and maintained. Risk Assessment Cycle: Facilitate and manage the formal Risk and Control Self-Assessment (RCSA) process across all business units. Control Framework: Maintain and evolve the company’s Risk Control Framework , ensuring controls are effective and aligned with the established risk appetite. Residual Risk Analysis More ❯

a continuously developing relationship with I Squared Capital - a global infrastructure investment fund manager - who acquired Arriva in 2024. We are looking for a Head of Information Security Governance, Risk, Compliance (GRC) & Awareness to join our Information Security Team on a full-time, permanent basis, based from either our Doxford office, Sunderland or Lacon House, London. Reporting to the … Group Chief Information Security Officer, the Head of InfoSec GRC & Awareness is responsible for leading the governance, risk, and compliance functions within the Information Security domain. This role ensures that the organisation maintains a robust security posture through the development and enforcement of policies, standards, and awareness initiatives. The role is pivotal in aligning security practices with business objectives … comprehensive Operational Technology (OT) compliance framework, ensuring alignment with broader Arriva and industry recognised cyber security standards. The Head of InfoSec GRC & Awareness manages the enterprise-wide information security risk management process, including the maintenance of the InfoSec Risk Register, oversight of residual risk declarations, and escalation of serious risks in accordance with the Arriva Risk More ❯

have within the community. So, what’s your possible? Salary: £60,000 - £71,000 Opportunity: This is more than just a job; it’s a mission. As the PMO Risk Manager at Northrop Grumman you will be responsible for leading risk management in a portfolio of complex projects delivering technology solutions to UK Defence. In line with departmental … procedures, you will develop, maintain and execute a robust risk management framework, enabling the adoption of risk management best practice across the department’s portfolio to ensure delivery of value to our customers. Our UK Defence business is a Sovereign software and systems centre of excellence. As well as developing and supporting UK wide and internationally deployed multi … Royal Navy. We pioneer – with fierce curiosity, dedication, and innovation, we seek to solve the world’s most challenging problems. Responsibilities: Develop, embed and manage an effective and robust risk management framework Working with Project and Programme Management colleagues to agree and assist with the management of programme, project and portfolio risks, ensuring a holistic risk management strategy More ❯

have within the community. So, what’s your possible? Salary: £60,000 - £71,000 Opportunity: This is more than just a job; it’s a mission. As the PMO Risk Manager at Northrop Grumman you will be responsible for leading risk management in a portfolio of complex projects delivering technology solutions to UK Defence. In line with departmental … procedures, you will develop, maintain and execute a robust risk management framework, enabling the adoption of risk management best practice across the department’s portfolio to ensure delivery of value to our customers. Our UK Defence business is a Sovereign software and systems centre of excellence. As well as developing and supporting UK wide and internationally deployed multi … Royal Navy. We pioneer – with fierce curiosity, dedication, and innovation, we seek to solve the world’s most challenging problems. Responsibilities: Develop, embed and manage an effective and robust risk management framework Working with Project and Programme Management colleagues to agree and assist with the management of programme, project and portfolio risks, ensuring a holistic risk management strategy More ❯

have within the community. So, what’s your possible? Salary: £60,000 - £71,000 Opportunity: This is more than just a job; it’s a mission. As the PMO Risk Manager at Northrop Grumman you will be responsible for leading risk management in a portfolio of complex projects delivering technology solutions to UK Defence. In line with departmental … procedures, you will develop, maintain and execute a robust risk management framework, enabling the adoption of risk management best practice across the department’s portfolio to ensure delivery of value to our customers. Our UK Defence business is a Sovereign software and systems centre of excellence. As well as developing and supporting UK wide and internationally deployed multi … Royal Navy. We pioneer – with fierce curiosity, dedication, and innovation, we seek to solve the world’s most challenging problems. Responsibilities: Develop, embed and manage an effective and robust risk management framework Working with Project and Programme Management colleagues to agree and assist with the management of programme, project and portfolio risks, ensuring a holistic risk management strategy More ❯

Cyber Security Risk Manager required to join a globally recognised SaaS company in Edinburgh, leading the governance, risk, and compliance (GRC) function and helping shape cyber security strategy in a cutting edge environment. The Company This is a modern, globally recognised SaaS company operating at the forefront of data analytics. Their datasets are relied upon by clients to … confident decision making in complex markets. Security is integral to the company's operations, safeguarding platforms, data, and users against evolving cyber threats. The business is currently enhancing its risk management program, providing a unique opportunity to shape processes, influence strategy, and drive tangible results. You'll join a collaborative and transparent team that values open communication, shared success … and measurable impact. The Role As Cyber Risk Manager, you will lead the maturity and execution of the governance, risk, and compliance (GRC) function. You will ensure the business has clear visibility of its cyber risk exposure and the processes in place to respond effectively. You will oversee the enterprise risk register, manage the risk More ❯

Cyber Security Risk Manager required to join a globally recognised SaaS company in Edinburgh, leading the governance, risk, and compliance (GRC) function and helping shape cyber security strategy in a cutting edge environment. The Company This is a modern, globally recognised SaaS company operating at the forefront of data analytics. Their datasets are relied upon by clients to … confident decision making in complex markets. Security is integral to the company's operations, safeguarding platforms, data, and users against evolving cyber threats. The business is currently enhancing its risk management program, providing a unique opportunity to shape processes, influence strategy, and drive tangible results. You'll join a collaborative and transparent team that values open communication, shared success … and measurable impact. The Role As Cyber Risk Manager, you will lead the maturity and execution of the governance, risk, and compliance (GRC) function. You will ensure the business has clear visibility of its cyber risk exposure and the processes in place to respond effectively. You will oversee the enterprise risk register, manage the risk More ❯

Cyber Risk Team Lead We’re working with a large organisation going through major cyber transformation to hire a Cyber Risk Team Lead . This role combines leadership with hands-on delivery, giving you the chance to shape how cyber risks are understood and managed across the business. What you’ll do Own and maintain the cyber risk register Turn risk data into clear insight for senior leaders Drive reviews and ensure risks are mitigated or escalated Work with audit, risk, and continuity teams to embed cyber risk Improve processes, tools, and methodologies What we’re looking for Strong knowledge of cyber risk and enterprise risk registers Familiarity with frameworks like More ❯

Third Party Risk Manager - Belfast (Hybrid, Outside IR35) - £500 per day - 3 Months We are seeking an experienced Third Party Risk Manager to oversee and enhance third-party cybersecurity and compliance practices across the enterprise. This critical role involves managing supplier risk assessments, ensuring regulatory alignment, and collaborating with cross-functional teams to maintain a robust and … transparent third-party risk management framework. Key Responsibilities: Maintain and evolve the Third-Party Risk Register, mapping vendors to business criticality, data access, and overall risk exposure. Conduct pre-contract due diligence and ongoing risk assessments for suppliers, service providers, and strategic partners. Review and negotiate security and data protection clauses within contracts, including breach … security standards, and regulatory obligations, escalating non-conformance where required. Coordinate third-party incident response and escalation procedures, ensuring prompt remediation and communication. Produce regular reporting on third-party risk posture for governance committees, senior stakeholders, and regulators. Align third-party risk practices with broader enterprise risk management and cybersecurity frameworks. What You Will Ideally Bring: Deep More ❯

Third Party Risk Manager - Belfast (Hybrid, Outside IR35) - £500 per day - 3 Months We are seeking an experienced Third Party Risk Manager to oversee and enhance third-party cybersecurity and compliance practices across the enterprise. This critical role involves managing supplier risk assessments, ensuring regulatory alignment, and collaborating with cross-functional teams to maintain a robust and … transparent third-party risk management framework. Key Responsibilities: Maintain and evolve the Third-Party Risk Register, mapping vendors to business criticality, data access, and overall risk exposure. Conduct pre-contract due diligence and ongoing risk assessments for suppliers, service providers, and strategic partners. Review and negotiate security and data protection clauses within contracts, including breach … security standards, and regulatory obligations, escalating non-conformance where required. Coordinate third-party incident response and escalation procedures, ensuring prompt remediation and communication. Produce regular reporting on third-party risk posture for governance committees, senior stakeholders, and regulators. Align third-party risk practices with broader enterprise risk management and cybersecurity frameworks. What You Will Ideally Bring: Deep More ❯

Third Party Risk Manager - Belfast (Hybrid, Outside IR35) - £500 per day - 3 Months We are seeking an experienced Third Party Risk Manager to oversee and enhance third-party cybersecurity and compliance practices across the enterprise. This critical role involves managing supplier risk assessments, ensuring regulatory alignment, and collaborating with cross-functional teams to maintain a robust and … transparent third-party risk management framework. Key Responsibilities: Maintain and evolve the Third-Party Risk Register, mapping vendors to business criticality, data access, and overall risk exposure. Conduct pre-contract due diligence and ongoing risk assessments for suppliers, service providers, and strategic partners. Review and negotiate security and data protection clauses within contracts, including breach … security standards, and regulatory obligations, escalating non-conformance where required. Coordinate third-party incident response and escalation procedures, ensuring prompt remediation and communication. Produce regular reporting on third-party risk posture for governance committees, senior stakeholders, and regulators. Align third-party risk practices with broader enterprise risk management and cybersecurity frameworks. What You Will Ideally Bring: Deep More ❯

Purpose The Security Lead is both the client-facing strategist and the internal accountable owner of security within the MSP. They lead Quarterly Security Reviews (QSRs), own the client risk register and exception process, and ensure services are delivered in line with frameworks such as Cyber Essentials, ISO27001, and NIST. Internally, the Security Lead is accountable for the … to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and signed off. Support Account Managers … for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness, training, and compliance More ❯

in Computer Science, Cybersecurity, or a related field. *Postgraduate qualification in an IT-related subject. *Professional certifications such as CISSP, CompTIA Security+, or equivalent. *Experience with governance frameworks and risk management tools. Key Responsibilities *Operate and maintain security systems including firewalls, antivirus, intrusion detection/prevention, and authentication platforms. *Monitor system logs and network traffic to identify suspicious activity … forensic investigations. *Develop and maintain security protocols, policies, and procedures. *Conduct vulnerability assessments and recommend mitigation strategies. *Deliver cybersecurity awareness training and guidance to staff. *Maintain the information security risk register and support audit processes. *Collaborate with IT and operational teams to ensure secure system configurations. *Assist in compliance with frameworks such as the Data Security Protection Toolkit. … proud to be an equal opportunities employer. Keywords IT Security Specialist, Cybersecurity Analyst, SOC Analyst, Azure Security, Information Security, Firewalls, Intrusion Detection, Antivirus, ITIL, CISSP, Security Compliance, Vulnerability Management, Risk Register, Public Sector IT, Hybrid Role, Manchester Jobs, Security Awareness Training More ❯

to join a growing organisation with a diverse digital environment and a wide range of technology partners. You’ll play a key role in strengthening our cybersecurity governance and risk management framework, helping to ensure systems, data, and third-party relationships remain secure and compliant. Working closely with internal IT teams and external suppliers, you’ll help manage cyber … risk, maintain compliance with relevant frameworks, and support continuous improvement in how we protect our business. Key Responsibilities Support the onboarding and assessment of third-party vendors and managed security service providers (MSSPs). Maintain an accurate register of suppliers and their associated security risks. Coordinate and oversee cyber audits, penetration tests, and remediation activities. Assist in maintaining … the organisation’s cyber risk register and conducting risk assessments for new systems or projects. Help develop, document, and maintain information security policies, procedures, and standards. Support compliance activities related to data protection and other relevant regulations. Contribute to incident response processes, including tracking and post-incident reviews. Stay informed about emerging cyber threats and work with More ❯

IT Risk & Policy Analyst - Leatherhead (2-3 days per week) - 35,000 per annum base + benefits The IT Risk & Policy Analyst is responsible for managing IT risks, monitoring audit actions, maintaining IT policies and procedures, and supporting GDPR compliance. The role ensures effective governance and compliance across IT processes, providing a framework for the identification, mitigation, and … This position bridges technical and governance aspects, ensuring alignment with company standards and regulatory requirements, while fostering collaboration across teams to embed robust IT practices: Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. … Main accountabilities: Assisting in managing IT Risk Register inputs and outcomes, liaising with IT SLT & Group Assurance and external auditors as appropriate. Liaising with other teams to ensure SLAs in scope are met. Identifying policy/procedure gaps and working with SMEs to create the material. Managing review process for existing IT policies and procedures, updating, or archiving More ❯

IT Risk & Policy Analyst - Leatherhead (2-3 days per week) - £35,000 per annum base + benefits** The IT Risk & Policy Analyst is responsible for managing IT risks, monitoring audit actions, maintaining IT policies and procedures, and supporting GDPR compliance. The role ensures effective governance and compliance across IT processes, providing a framework for the identification, mitigation, and … This position bridges technical and governance aspects, ensuring alignment with company standards and regulatory requirements, while fostering collaboration across teams to embed robust IT practices: Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. … Main accountabilities: Assisting in managing IT Risk Register inputs and outcomes, liaising with IT SLT & Group Assurance and external auditors as appropriate. Liaising with other teams to ensure SLAs in scope are met. Identifying policy/procedure gaps and working with SMEs to create the material. Managing review process for existing IT policies and procedures, updating, or archiving More ❯

ISO27001, IT Risk, IT Compliance, IT Controls, IT Audit, Policy. Governance, Security, Surrey area Your new company A specialist organisation in the Health/Medical sector offers hybrid working in this role based in North Surrey area. Your new role You will be working in the Risk team and will design, implement & maintain the Information Security Management System … ISMS) in accordance with ISO27001 in a company that manages highly sensitive data. You will support the firm's governance, addressing areas of risk and supporting plans to address these risks, including the compilation of business continuity plans (BCP). You will work closely with colleagues in IT to enhance the technology & control frameworks regarding information security compliance & cyber … threat security. Risk & Compliance You will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS) in line with ISO 27001 and other regulatory standards. Assessing security posture, identifying vulnerabilities, and developing mitigation strategies to manage enterprise-wide information security risks. Maintaining and enhancing the organisation's risk register and heat map, ensuring More ❯

with strategic business engagement, ensuring that security is seamlessly integrated across all commercial activities. This role will oversee the organization’s security strategy, security operations, vulnerability management, incident response, risk identification and mitigation planning/implementation, identity management, network security, privacy, and compliance. The Director will work closely and report to the Group CISO. Responsibilities Strategic Leadership & Business Partnership … to embed security into projects & daily operations. Define and drive the overall security roadmap, ensuring it evolves with the business. Lead security benchmarking and strategic planning Continuous assessment of risk across the organization paired with the ability to implement risk treatment plans that do not hamper innovation. Technical & Operational Oversight Oversee network security architecture, monitoring, and the segmentation … and AWS, including monitoring, workload protection, and identity governance. Oversee vulnerability management for hybrid cloud environments, integrating tools such as Wiz, Axonius, and ServiceNow. Oversee advanced DLP and insider risk management to protect critical IP. Partner with IT and Operations to ensure resilience in the event of cyber incidents or infrastructure outages. Coordinate penetration testing, red team exercises, and More ❯

negotiation of flow-down terms for non complex agreements with minimal supervision. Responsible for on-going supplier performance and supplier relationship management throughout the contract lifetime, including inputs to risk register and risk mitigation strategies. Support input into corporate and functional business continuity and disaster recovery plan. Implement legislative and international standards within the supply base. Support More ❯

the either the Vitality Bournemouth or London office. Full time, 35 hours per week. We are happy to discuss flexible working! Top 3 skills needed for this role: IT risk & compliance expertise – strong knowledge of controls and regulatory frameworks Capacity planning & performance monitoring – forecasting, optimisation, and tool usage Stakeholder communication – translating technical risks and influencing decisions What this role … is all about: As our IT Capacity and Risk Manager, you’ll play a pivotal role in ensuring our technology environment remains robust, compliant, and future-ready. Lead cross-team efforts to embed risk management and capacity planning, advancing IT operations and strategic goals with excellence and compliance.This is a high-impact role where you’ll translate complex … activities across infrastructure and applications Forecast resource needs based on business growth and usage trends Ensure systems meet SLAs without over-provisioning Identify performance bottlenecks and underutilised resources Governance & Risk Management Design and assess IT controls (e.g., access, change, application, general IT controls) Conduct gap analyses against different frameworks such as ISO 27001 Maintain and enhance the IT risk More ❯

ensuring a comprehensive purchase review is carried out by the team to ensure cost-effective and value add purchase on technological equipment, software, contracts and systems. Maintain the IT Risk Register, reporting to the Board any internal information security issues and incidents providing solutions and recommendations to resolution. Support the Board in the management of Group Risk on all IT related matters and report on risk levels and mitigation monthly. Skills & experience Extensive experience in IT, ideally have experience of operating at strategic level and reporting up to Board level Worked in a complex IT environment which is solution focussed Experience of leading large complex IT projects in a fast-paced environment Strong leadership and … written communication skills including the ability to explain technical concepts and technologies to senior leaders including non-technical members of staff Good understanding of data privacy (GDPR) governance and risk management activities and how this influences IT and business operations Excellent understanding of the Microsoft eco-system, particularly M365, D365 F&O, Power Suite & Fabric Proven experience with Data More ❯

staff members. We care for approximately 1.5 million people annually, including over 200,000 emergency cases. Leeds Teaching Hospitals is committed to our process of redeploying 'at risk' members of our existing workforce to new roles. As such, all our job adverts are subject to this policy and we reserve the right to close, delay or remove adverts while … jobholder will be responsible for the design and creation of robotic process automation (RPA) solutions and for the integration of these into, and between, existing systems. Providing cost-effective, risk-controlled, robust, reliable, responsive and secure automation solutions, this role will support clinical and corporate transformation needs to assist the organisation in delivering its strategy. The jobholder will be … Ensure the RPA processes meet the required performance standards. Ensure that unplanned variation in service delivery (activity, income, expenditure, capacity, performance) is identified and appropriate, timely action taken. 10. Risk Management and Governance Work collaboratively with colleagues to ensure that effective governance arrangements and performance management systems are in place. Work collaboratively with colleagues to ensure that all risks More ❯

IT Risk and Policy (GRC) Analyst Permanent - Up to £38k + strong benefits Location: Hybrid - Leatherhead Your new company A leading construction and development company in Surrey is currently looking for an IT Risk and Policy (GRC) Analyst to come in and support the existing IT Risk & Policy Manager with the day-to-day tasks involved with … role is full-time, with a hybrid working pattern, usually around 2/3 days a week in the office. Your new role You will be supporting the IT Risk & Policy Manager across a broad variety of work, with the ability to gain a lot of different experience across multiple areas. The Analyst is responsible for managing IT risks … and governance aspects, with a focus on standards and regulations, whilst ensuring collaboration across the business to ensure strong IT practices are put in place. Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. More ❯

IT Risk and Policy (GRC) Analyst Permanent - Up to 38k + strong benefits Location: Hybrid - Leatherhead Your new company A leading construction and development company in Surrey is currently looking for an IT Risk and Policy (GRC) Analyst to come in and support the existing IT Risk & Policy Manager with the day-to-day tasks involved with … role is full-time, with a hybrid working pattern, usually around 2/3 days a week in the office. Your new role You will be supporting the IT Risk & Policy Manager across a broad variety of work, with the ability to gain a lot of different experience across multiple areas. The Analyst is responsible for managing IT risks … and governance aspects, with a focus on standards and regulations, whilst ensuring collaboration across the business to ensure strong IT practices are put in place. Ensuring that all IT risk and IT audit actions are highlighted, monitored, and escalated where appropriate. Maintaining the suite of IT policies and procedures. Providing support to the Privacy Team in ensuring GDPR compliance. More ❯

organisations navigate complex business challenges with confidence. With a strong presence in the UK, we partner with companies across industries to deliver best-in-class advisory services in accounting, risk, cyber security, technology, and business transformation. We pride ourselves on combining technical expertise with a practical, hands-on approach, helping our clients strengthen resilience, meet regulatory requirements, and stay … ahead in an increasingly digital and risk-driven landscape. Technical and Domain Experience: Conduct cybersecurity maturity and risk assessment and for clients. Practical experience implementing security controls, in areas such as MDR, IAM, Network Security, Cloud Deployments. Advise clients on cybersecurity strategy, metrics and reporting for various levels of stakeholders, including Audit Committees and Board of Directors. Build … risk management practices for clients, including policies, procedures, Risk Register, etc. Previous experience as a systems administrator, systems engineer, or security analyst. Understanding of operating system hardening principles, network design principles, and systems security. Guide clients in establishing cybersecurity policies, standards, and procedures. Manage cybersecurity training & awareness services for clients from design to implementation. Understanding of security More ❯