Cyber Risk Assessment Analyst Up to £62,000 + bonus South Wales/Hybrid Permanent I'm looking for a cyber risk assessment specialist to identify and assess cyber risks across our client's IT and OT environments. The successful candidate will also be recommending mitigation strategies to strengthen cyber resilience and meet regulatory requirements. The … ideal candidate will possess extensive experience in cyber risk assessment alongside strong experience translating technical risk and control issues into business language. The role requires eligibility for SC clearance and visa sponsorship cannot be offered. What You'll Be Doing: Conducting structured cyber risk assessments across IT and OT systems Gathering technical and business data to … inform risk analysis Using tools and frameworks to identify, assess, and prioritise risks Collaborating with stakeholders to assign risk levels and remediation priorities Evaluating the effectiveness of existing security controls Recommending mitigation strategies and validating security measures Maintaining accurate records of assessments and mitigation actions Reporting risk trends and recommendations Managing the risk acceptance process and More ❯
Chief Operating Office of Markets, responsible for the design and implementation of Markets wide frameworks and practices that are integral and fundamental to the franchise's Operational and Compliance Risk Management. The Governance & Control group covers: 1) Control Framework; 2) Governance of Legal Vehicles and Products; 3) Regulatory Compliance; 4) Strategy and Transformation. As part of the Control Framework … group leads the oversight of the MCA Framework to ensure that best practices are employed across Markets and assist management in the monitoring and management of operational and compliance risk for the franchise. The MCA Framework group is a centralized team specializing in: designing and implementing standard solutions to meet policy and regulatory requirements and provide management with the … modified processes to review through the appropriate governance routines and launch with adequate controls which can be monitored and reported. Collaborates with Markets stakeholders and 2nd Line of Defense Risk Stripe SMEs in the documentation and drafting of process flows, risks-controls to show compliance with internal policies and laws, rules and regulations. Provides a comprehensive view of front More ❯
security management system, and a governance and reporting mechanism to identify, measure, and monitor cyber risks consistently across the whole of SSE. This includes leading the Group's Principal Risk on cyber security and resilience, strategic sub risks and driving through to the tactical risks and supporting the risk management requirements of the NIS regulations. You will Drive … and lead the development and management of the Cyber Security & Resilience Principal Risk, risk appetite and controls framework working in conjunction with Group Risk and the IT/OT Governance, Risk & Compliance team and all Business Units. Lead the preparations for cyber security governance meetings across SSE and support the creation of content for cyber security … papers to Board, Audit Committee and other Executive committees including development of metrics to tell the cyber security story. Work with GRC Risk Analyst and the reporting team to produce monthly metrics showing the cyber security risk and control position for different audiences including CISO, leaders and operational teams. Ensure that significant risks are identified, mitigated and effectively More ❯
St. Albans, Hertfordshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Connect to your opportunity The Technical Cyber Risk Assessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. … Demonstrate familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Connect to your opportunity The Technical Cyber Risk Assessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. … Demonstrate familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯
Guildford, Surrey, United Kingdom Hybrid / WFH Options
Deloitte LLP
five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Connect to your opportunity The Technical Cyber Risk Assessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. … Demonstrate familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯
Farnborough, Hampshire, South East, United Kingdom
Damia Group Ltd
IT Risk Specialist - 5 days onsite in Farnborough - SC cleared preferred - £60-65k base plus benefits Our client who specialises in defence and national security is seeking a dedicated Risk Specialist to join their IT business. If you do not currently hold an SC clearance you will need to have resided in the UK for the last … years with no more than 1 month out of the country at a time. In this role, you will be responsible for creating and implementing a comprehensive risk management process. Your mission will be to develop robust risk management policies, establish effective ways of working, and drive training initiatives across the organisation. You will play a pivotal role … in safeguarding their IT operations by identifying, assessing, and mitigating risks in a rapidly evolving technological environment. Key Responsibilities: Risk Management Framework: Design and implement a comprehensive risk management framework tailored to their operations. This includes developing risk assessment methodologies, defining key risk indicators, and establishing reporting mechanisms. Policy Development: Draft, refine, and enforce risk More ❯
MCS Group is seeking a Cyber Security Third Party Risk Management Lead to join their client, a thriving and well-established organisation with headquarters in Dublin. This position is a 12 month Fixed Term Contract into permanency as is standard in the organisation. With multiple projects in the pipeline and a growing team, this is a fantastic opportunity for … an experienced Risk Management professional to join a successful team in a newly created position. The Third-Party Risk Management (TPRM) Lead will be responsible for designing, implementing, and overseeing a robust third-party risk management programme. This role ensures that all external vendors, suppliers, and partners align with the organisation's security, compliance, and operational risk … across procurement, legal, IT, the cyber team, and other business units, the TPRM Lead will assess, monitor, and mitigate third-party risks. This position is part of a growing risk management function, playing a key role in safeguarding the organisation against external threats. The successful candidate will be afforded public sector benefits - increased holidays, fantastic pension and unmatched job More ❯
Shenley Church End, Buckinghamshire, United Kingdom
Solus Accident Repair Centres
Overview At Solus, we believe that strong governance and a proactive approach to risk are essential to delivering excellence. As a Risk & Compliance Analyst, you'll play a key role in shaping how we manage risk, uphold compliance, and embed a culture of accountability across the business. This is a fantastic opportunity to grow your career in … a supportive, forward-thinking environment where your voice will be heard. Responsibilities Risk Management Promote risk awareness and help colleagues integrate risk thinking into everyday activities. Maintain the Risk Register and Risk Universe, ensuring risks are clearly owned, mitigated, and monitored. Facilitate risk evaluation meetings, control assessments, and action planning. Work with Risk & Control Owners to improve internal controls and ensure risks remain within tolerance. Log and manage risk events and issues, escalating and resolving them in a timely manner. Support project and IT change initiatives with risk oversight. Contribute to the annual Risk Survey, Company Risk Assessment, and resilience planning. Compliance & Governance Oversee company policies and More ❯
Milton Keynes, Shenley Church End, Buckinghamshire, United Kingdom
Solus Accident Repair Centres
Overview At Solus, we believe that strong governance and a proactive approach to risk are essential to delivering excellence. As a Risk & Compliance Analyst, you'll play a key role in shaping how we manage risk, uphold compliance, and embed a culture of accountability across the business. This is a fantastic opportunity to grow your career in … a supportive, forward-thinking environment where your voice will be heard. Responsibilities Risk Management Promote risk awareness and help colleagues integrate risk thinking into everyday activities. Maintain the Risk Register and Risk Universe, ensuring risks are clearly owned, mitigated, and monitored. Facilitate risk evaluation meetings, control assessments, and action planning. Work with Risk & Control Owners to improve internal controls and ensure risks remain within tolerance. Log and manage risk events and issues, escalating and resolving them in a timely manner. Support project and IT change initiatives with risk oversight. Contribute to the annual Risk Survey, Company Risk Assessment, and resilience planning. Compliance & Governance Oversee company policies and More ❯
of commonplace infosec standards and frameworks. The role requires eligibility for SC clearance and visa sponsorship cannot be offered. What You'll Be Doing: * Leading a team of cyber risk and compliance professionals * Defining and enhancing cyber risk assessment strategies and procedures * Conducting risk assessments and evaluating control effectiveness * Maintaining and updating security policies and the … cyber risk register * Investigating and responding to policy breaches * Recommending and supporting the implementation of mitigation strategies * Ensuring compliance with industry standards and regulations * Reporting risk findings and actions to the Risk Management Manager * Supporting incident response planning with risk insights * Continuously improving risk assessment methodologies What I'm Looking For: * GRC leadership experience … Strong understanding of security frameworks (e.g., NIST, ISO 27001). * Proven experience completing internal and external cyber risk assessments * CNI experience would be very useful What's in it for you: * Up to £78,000 plus bonus * 25 days leave plus bank holidays * Good pension scheme Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and More ❯
Newcastle upon Tyne, United Kingdom Hybrid / WFH Options
NHS Business Services Authority
and patch management, Email and Web Filtering, anti-malware, and hardening of operating systems and applications 7. Recognises decisions that have implications beyond their level of responsibility, experience or delegated risk tolerance and escalates them accordingly. 8. Fully engage and contribute to delivery of projects, change and continuous improvements by providing specialist information security advice. 9. Provides constructive and timely expert advice … levels, KPIs and standards within security operations. 21. Monitor, report, present or escalate issues as appropriate to the Cyber Security Operations Team Lead Delivery Management 22. Carry out Information Risk Assessments and produce comprehensive Risk Assessment Documentation in accordance with the National Cyber Security Centre best practice. 23. Acts as an SME and recognised point of contact for … services, information, infrastructure, cloud and managed service architectures Has a real interest in information security and ensures they keep up-to-date with the latest Security news Knowledge of risk management techniques and the application of a risk based approach to managing security Has a sufficiently broad understanding of risk management to be able to effectively set More ❯
days per week in the central Edinburgh office Open on daily rate Outside IR35 Be-IT are working with a global consultancy business who are seeking a Cyber Security Risk Manager on an initial 3-month contract with potential extensions. In this role you’ll – Develop and implement a comprehensive cyber security risk management program to identify, assess … and prioritise cyber threats and vulnerabilities. Conduct regular risk assessments and vulnerability assessments. Provide guidance to project teams to integrate risk management practices into the project life cycle. Collaborate with internal and external partners to enhance the organization's cyber resilience and incident response capabilities. You should have the following skills and experiences – Advanced certifications (CRISC, CISM, CISSP … are highly desirable. Proven experience in a cyber security risk management role, strong understanding of risk assessment methodologies. Experience with ServiceNow GRC is a plus. In-depth knowledge of cyber security principles, frameworks and best practices. Experience with risk assessment tools and methodologies. Familiarity with relevant regulations and compliance standards (ISO 27001, SOC2, NIST, GDPR More ❯
Description Drive Risk Awareness. Strengthen Supply Chain Security. We're looking for an experienced Information Security Risk Management Specialist to help safeguard WTW's global operations by identifying and managing information security risks across our supply chain. In this key role, you'll be responsible for developing and implementing risk management strategies, performing in-depth supplier … security assessments, and ensuring compliance with industry standards, regulatory requirements, and internal WTW policies. You'll play a critical part in enhancing our third-party risk posture by working closely with internal teams and external partners to assess vulnerabilities, mitigate threats, and embed security best practices throughout the supply chain. If you have a strong background in information … security, risk management, and a passion for making businesses more resilient - we'd love to hear from you. The Role This role will support the ongoing operations of WTW Technology and Cyber Risk and Controls & Regulatory engagement function in: Evaluate supplier information security practices, policies and systems or risk exposure. Enhance risk assessment methodologies for More ❯
We use data to help clients become more efficient, increase profitability and give more customers an amazing experience. Want to be part of it? Reporting to the Senior Governance, Risk & Compliance Officer, the Information Security Officer will assist in strengthening the organisation's security posture within a large, complex, and fast-paced environment. This role supports the development and … implementation of GRC policies, risk management frameworks, and control processes to ensure the confidentiality, integrity, and availability of Keyloop's information assets. The Information Security Officer will work cross-functionally with stakeholders across diverse teams and departments to embed strong information security practices throughout the business. The role also includes identifying and tracking risks within the supply chain and … supporting the organisation's broader information security governance, risk, and compliance efforts. A critical part of this role is helping to promote a strong risk-aware culture and embedding positive security behaviours across the organisation. Role & Responsibility : The job holder will be responsible for assisting and supporting in a range of activities across the Governance, Risk and More ❯
Risk Analyst (Third Parties) Utilities Hybrid: 2-3 days per week onsite in Wokingham 6 months+ £600 per day In short: We're seeking a Risk Analyst with experience of assessing third parties to join a personnel security function who assesses, approves and then takes someone through security cleared vetting for a large energy company. Being able to … perform risk assessments to a very competent level is essential. You must meet the criteria for SC Clearance for this role. In full: Role Purpose As a Personnel Security Analyst, you'll play an important role in the delivery of personnel security and National Security Vetting across our business. You'll be the first point of contact for applicants … vetting and will liaise with Government departments providing clear communication and information flow throughout the vetting application lifecycle. You will work across all levels of the organisation providing a risk-based approach to personnel security. You'll maintain effective quality control and audit systems, making sure all information is documented and appropriately retained. You'll need an appreciation of More ❯
About the Role: We are seeking an experienced Cyber Risk Management Specialist with a strong background in evaluating and quantifying potential risks to the organisation's cyber security posture. This role involves assessing vulnerabilities, identifying threats, quantifying business impacts and developing strategies for risk mitigation. Reporting to the Cyber Risk Management Manager this role will ensure … that the business maintains a proactive and effective approach to managing its cyber risks and meeting strict regulatory requirements for risk management. Key Responsibilities: (not limited to) Conduct comprehensive, structured cyber risk assessments to identify potential threats, vulnerabilities and impacts to information and operational systems. Collaborate with colleagues across the business to gather detailed information on applications, systems … and business processes. Employ appropriate tools and methodologies to identify, assess and prioritise cyber risks across the IT and OT estate. Collaborate with stakeholders to assign appropriate risk levels and priorities for remediation. Work closely with internal colleagues and external teams to understand and assess the effectiveness of existing security controls. Provide recommendations for improving security measures and reducing More ❯
related strategies and use prior experience to ensure certification plans stay on track. Working with external teams to align processes, you'll also oversee InfoSec/Cyber services, conduct risk assessments and recommend security improvements. Responsibilities: Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving a culture of cyber security awareness in … relation to Information Security Strategy and the creation, delivery and maintenance of a robust Cyber Security roadmap Handle varied and complex security challenges, from system reviews to high-level risk assessments Work closely with third-party suppliers in relation to audits, forensic analysis and pen testing Requirements: Experience with ISO 27001 is essential Strong background in cyber security management … Proven experience in identifying and mitigating security risks Ability to make actionable recommendations for security improvements Experience with GDPR and data protection, together with knowledge of IS standards Security assessment frameworks (threat modelling, controls assessment, risk assessment) Relevant qualifications; CISSP, CISM or similar would be beneficial. Based in Central London, 4 days per week onsite initially More ❯
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
Michael Page (UK)
specialist advice and recommend approaches across teams and various stakeholders communicate widely with other stakeholders, agencies and National Technical Authorities Advise on important security-related technologies and assess the risk associated with proposed changes Inspire and influence others to execute security principles Help review other people's work Recommend a security risk assessment approach and vulnerability analyses … Collaborative and inclusive ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security More ❯