Risk Assessment Job Vacancies

1 to 25 of 336 Risk Assessment Jobs

Lead IT Risk & Control

Charlotte, North Carolina, United States
City National Bank
LEAD IT RISK & CONTROL WHAT IS THE OPPORTUNITY? "The Lead IT Risk Controls Analyst is a subject-area specialist with specialized training, methods and analytic techniques to create recommendations and directions for cyber risk mitigation in a complex technical environment. Focus areas of security assessment by the Lead ITRC Security Analyst include third party security and … overall security program effectiveness in mitigating risk. The ITRC Analyst's goal is to create actionable information for IT and business leadership, and to provide objective assessment of cyber security risks for auditors, regulators and external parties. This requires routinely authoring detailed reports and gathering metrics to ensure stakeholders receive accurate and complete information. The Lead ITRC keeps abreast of external … cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's overall risk appetite. The Lead ITRC serves as an expert area of specialization. This role is a working lead that provides functional
Employment Type: Permanent
Salary: USD 91 Hourly

Information Assurance Systems Engineer with Security Clearance

Laurel, Maryland, United States
Hybrid / WFH Options
TEKsystems c/o Allegis Group
must. • Interact with members of the technical team to understand the current system, subsystems, and component specifications. • Responsible for understanding entire projects or processes spanning multiple technical areas. • Support risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. • Support and assist in documentation production using various software tools … formatting and style throughout documentation. • Participate in the development, facilitation, and coordination of system documentation such as: System Engineering Plans; Initial Capabilities Documents; Requirements Specifications; and Interface Control Documentation; Assessment and authorization documentation (Body of Evidence) for management and continuous monitoring of information systems. • Effectively communicates with the customer and internal team members across multiple areas. • Assist with the … scans for each system and work with vendor and technical leads to bring findings into remediation; Document detailed Plans of Actions and Milestones (POAMs) for all open findings. • Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. • Employing SE approach for systems planning design, execution, and sustainment. More ❯
Employment Type: Permanent
Salary: USD Annual

Security Risk Analyst

London, South East, England, United Kingdom
VIQU IT Recruitment
Security Risk Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and … be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO 270001), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001/ISMS Accredited qualifications would be beneficial Experience More ❯
Employment Type: Contractor
Rate: £450 - £550 per day

Security Risk Analyst

City, London, United Kingdom
VIQU IT
Security Risk Analyst 6-month contract London/Remote Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and … be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO (phone number removed , and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001/ISMS Accredited qualifications would be More ❯
Employment Type: Contract
Rate: GBP 450 - 550 Daily

Security Risk Analyst

London, Bishopsgate, United Kingdom
VIQU IT
Security Risk Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and … be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO (phone number removed)), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001/ISMS Accredited qualifications would be More ❯
Employment Type: Contract
Rate: £450 - £550/day

Cyber Security Supply Chain Analyst

Nationwide, United Kingdom
Morson Talent
Cyber Security Supply Chain Analyst Location: Remote Contract: Inside IR35 Day rate: Up to £700 per day Duration: 6 Months Start date: ASAP Key skills: Supply Chain, Risk Management, TPRM process, NCSC CAF framework We have an opportunity with one of the UK's biggest Retailers who have a network of branches nationwide. MI & Data Automation Analyst, you will … and wider business functions responsible for facilitating supplier onboarding, operational management and offboarding activities, to review, establish and drive adoption of a revised target operating model for supplier security risk management. The goal is to ensure that the Client has a robust and continually managed enterprise-wide supplier cyber risk assessment process to reduce exposure to potential … compromise of security, compliance or operational integrity of its supply chain. Principal accountabilities: - Key point of contact and subject matter expertise for third-party risk guidance - Oversee the review of target supply chain risk assessment processes, establishing agreed recommendations and operating model in accordance with the National Cyber Security Centre Cyber Assessment Framework principles - Product and More ❯
Employment Type: Contract
Rate: £500 - £700/day

GRC Analyst

Milton Keynes, Buckinghamshire, England, United Kingdom
VIQU IT Recruitment
GRC Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a GRC Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this … and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the GRC Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO … and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001/ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in More ❯
Employment Type: Contractor
Rate: £450 - £550 per day

NAT CAT Risk - Modelling & Analytics Lead

London, South East, England, United Kingdom
Proactive Appointments
NAT CAT Risk - Modelling & Analytics Lead Hybrid As Nat CAT Risk Modelling and Analytics Lead you will be responsible for leading our NAT CAT modelling and analytics team with the CAT Risk function, reporting directly into the AVP for CAT Risk and Capital. You will lead in the areas of complex pricing support, portfolio analysis and … industry leading expertise within our Enterprise Cat function. You will have a thorough understanding of the Lloyd’s market and hold specialist qualifications such as the Certified Specialist in Catastrophe Risk (CSCR), Certified Catastrophe Risk Management Professional (CCRMP), or a CAT modelling designation from a leading third-party vendor, such as Verisk’s Certified Extreme Event Modeler (CEEM). … and verbal communication skills allow you to consult on complex projects and present confidently at all levels of seniority. What Will You Do? Provide complex pricing support to optimize risk assessment and pricing strategies. Conduct portfolio risk reward analysis to influence CAT underwriting strategy Lead model validation efforts and play a leading role in CAT View of
Employment Type: Full-Time
Salary: £100,000 - £120,000 per annum

Risk & Assurance Analyst

Mansfield, Nottinghamshire, England, United Kingdom
Hybrid / WFH Options
Cherry Professional - Relationship Led Recruitment
Risk and Assurance Analyst | Hybrid working | Permanent | Up to £42,000 | Annual Bonus Cherry Professional are pleased to be working with their public sector client to support the recruitment of a Risk and Assurance Analyst to join their dedicated team. Responsibilities: Implement and maintain effective risk management activities Develop and implement qualitative and quantitative risk assessment processes Conduct risk workshops to identify, assess, and document risks Provide risk management support to project and programme managers Maintain and oversee RAIIDD reporting and escalation processes. Lead formal and informal assurance reviews of projects and programmes Review and assure project documentation Oversee compliance with external programme governance and assurance processes Support and challenge project managers to … ensure best practices in planning, risk management , and project delivery assurance Ideal Candidate: Educated to Degree level or with equivalent experience Professional qualification in Risk Management , Assurance, or Programme/Project Management (e.g., APM Risk Certificate, MoR, MSP, PRINCE2). Degree in a relevant field (e.g., Risk Management , Business, Project Management, Engineering) or equivalent experience. Proven More ❯
Employment Type: Full-Time
Salary: £41,525 per annum

Principal Engineer - Fire Safety

Barrow-In-Furness, Cumbria, North West, United Kingdom
Hybrid / WFH Options
Morson Talent
contributor in ensuring safe submarines by design. You will engage with a wide range of engineering stakeholders across our programmes to develop and embed fire safety requirements, conduct fire risk assessments and reduce risks from fire hazards. Responsibilities Taking a lead role in fire risk assessment activities Developing, producing and maintaining fire safety process documentation Producing and … reviewing fire and explosion safety strategies and risk assessments Engaging with engineering stakeholders to develop and implement fire safety requirements Production and review of safety case documentation (relevant to fire safety) Providing support to regulatory compliance Chairing fire and explosion safety workshops and working groups Proven Ability/Key Skills Fire risk assessment proven ability gained from … construction environment Knowledge of working in a fire safety engineering environment and applying various fire safety guidance including Defence Standards, ADB, BS 9999 and relevant NFPA standards. Application of risk based approaches to fire safety engineering Safety case development proven ability Fire hazard identification and analysis Fire risk assessment production and review Fire strategies Safety case authoring More ❯
Employment Type: Contract, Work From Home
Rate: £55.31 - 74.68 per hour

Compliance Diligence Manager

London Area, United Kingdom
Allegis Global Solutions
Compliance Function is to assist senior management to effectively manage designated risks, and to support the business by being an expert trusted advisor, overseeing a robust, integrated, and effective risk control framework. Compliance has a remit to develop, implement, oversee, and report on a compliance-risk control framework, working closely with the Payments Risk Committee and Payments … Board. The compliance-risk control framework includes financial crime compliance and regulatory compliance. Financial crime focus is on Anti-Money Laundering (AML), Counter Terrorist Financing (CTF), Sanctions & Anti-Bribery and Corruption (ABC), and on the associated Know Your Customer (KYC) and Know Your Customer’s Business (KYC/B) & Counterparty Due Diligence (CDD) obligations; including primarily but not limited … regimes of the company with a focus on Client and Network Partner Diligence. Key Responsibilities Primary areas of responsibility include: Facilitating client & partner (supplier) diligence; on-boarding and relationship risk management processes, particularly in collection and analysis of due diligence for counterparty verification (i.e., KYC/CDD). Conducting and/or overseeing compliance reviews and audits including KYC More ❯

Compliance Diligence Manager

City of London, London, United Kingdom
Allegis Global Solutions
Compliance Function is to assist senior management to effectively manage designated risks, and to support the business by being an expert trusted advisor, overseeing a robust, integrated, and effective risk control framework. Compliance has a remit to develop, implement, oversee, and report on a compliance-risk control framework, working closely with the Payments Risk Committee and Payments … Board. The compliance-risk control framework includes financial crime compliance and regulatory compliance. Financial crime focus is on Anti-Money Laundering (AML), Counter Terrorist Financing (CTF), Sanctions & Anti-Bribery and Corruption (ABC), and on the associated Know Your Customer (KYC) and Know Your Customer’s Business (KYC/B) & Counterparty Due Diligence (CDD) obligations; including primarily but not limited … regimes of the company with a focus on Client and Network Partner Diligence. Key Responsibilities Primary areas of responsibility include: Facilitating client & partner (supplier) diligence; on-boarding and relationship risk management processes, particularly in collection and analysis of due diligence for counterparty verification (i.e., KYC/CDD). Conducting and/or overseeing compliance reviews and audits including KYC More ❯

Compliance Diligence Manager

london, south east england, united kingdom
Allegis Global Solutions
Compliance Function is to assist senior management to effectively manage designated risks, and to support the business by being an expert trusted advisor, overseeing a robust, integrated, and effective risk control framework. Compliance has a remit to develop, implement, oversee, and report on a compliance-risk control framework, working closely with the Payments Risk Committee and Payments … Board. The compliance-risk control framework includes financial crime compliance and regulatory compliance. Financial crime focus is on Anti-Money Laundering (AML), Counter Terrorist Financing (CTF), Sanctions & Anti-Bribery and Corruption (ABC), and on the associated Know Your Customer (KYC) and Know Your Customer’s Business (KYC/B) & Counterparty Due Diligence (CDD) obligations; including primarily but not limited … regimes of the company with a focus on Client and Network Partner Diligence. Key Responsibilities Primary areas of responsibility include: Facilitating client & partner (supplier) diligence; on-boarding and relationship risk management processes, particularly in collection and analysis of due diligence for counterparty verification (i.e., KYC/CDD). Conducting and/or overseeing compliance reviews and audits including KYC More ❯

Compliance Diligence Manager

london (city of london), south east england, united kingdom
Allegis Global Solutions
Compliance Function is to assist senior management to effectively manage designated risks, and to support the business by being an expert trusted advisor, overseeing a robust, integrated, and effective risk control framework. Compliance has a remit to develop, implement, oversee, and report on a compliance-risk control framework, working closely with the Payments Risk Committee and Payments … Board. The compliance-risk control framework includes financial crime compliance and regulatory compliance. Financial crime focus is on Anti-Money Laundering (AML), Counter Terrorist Financing (CTF), Sanctions & Anti-Bribery and Corruption (ABC), and on the associated Know Your Customer (KYC) and Know Your Customer’s Business (KYC/B) & Counterparty Due Diligence (CDD) obligations; including primarily but not limited … regimes of the company with a focus on Client and Network Partner Diligence. Key Responsibilities Primary areas of responsibility include: Facilitating client & partner (supplier) diligence; on-boarding and relationship risk management processes, particularly in collection and analysis of due diligence for counterparty verification (i.e., KYC/CDD). Conducting and/or overseeing compliance reviews and audits including KYC More ❯

Compliance Diligence Manager

slough, south east england, united kingdom
Allegis Global Solutions
Compliance Function is to assist senior management to effectively manage designated risks, and to support the business by being an expert trusted advisor, overseeing a robust, integrated, and effective risk control framework. Compliance has a remit to develop, implement, oversee, and report on a compliance-risk control framework, working closely with the Payments Risk Committee and Payments … Board. The compliance-risk control framework includes financial crime compliance and regulatory compliance. Financial crime focus is on Anti-Money Laundering (AML), Counter Terrorist Financing (CTF), Sanctions & Anti-Bribery and Corruption (ABC), and on the associated Know Your Customer (KYC) and Know Your Customer’s Business (KYC/B) & Counterparty Due Diligence (CDD) obligations; including primarily but not limited … regimes of the company with a focus on Client and Network Partner Diligence. Key Responsibilities Primary areas of responsibility include: Facilitating client & partner (supplier) diligence; on-boarding and relationship risk management processes, particularly in collection and analysis of due diligence for counterparty verification (i.e., KYC/CDD). Conducting and/or overseeing compliance reviews and audits including KYC More ❯

Senior OT - IT Cyber Security Engineer

Hampton, New Hampshire, United States
Hybrid / WFH Options
Unitil Service Corporation
and vulnerability management for the company's network assets including firewalls, switches, IoT devices which includes physical security systems, cameras, UPS devices, HVAC and lighting controls. Key Responsibilities: Cybersecurity Assessment: Conduct security assessments and vulnerability assessments on IT/OT systems to identify potential weaknesses and threats. Incident Response: Develop and implement incident response plans specific to OT environments … for the OT environment, aligned with industry standards and regulatory requirements. Security Monitoring: Implement real-time monitoring solutions to detect anomalies and unauthorized access in OT networks and systems. Risk Assessment: Perform risk assessments and develop risk mitigation strategies for OT assets and processes. Compliance: Ensure compliance with relevant industry standards and regulations, such as NERC … and awareness programs for OT/IT staff to promote cybersecurity best practices. Vendor Management: Review/Monitor/Audit Vendors to confirm they follow Unitil standards which includes: Risk Assessment and Compliance. Periodically evaluate vendor for renew or offboarding. Asset Management: Develop and maintain a comprehensive asset inventory for network and IoT devices. Firmware and Lifecycle Management More ❯
Employment Type: Permanent
Salary: USD Annual

Cloud Architect with Security Clearance

Chantilly, Virginia, United States
Convirgence
bid, labor category, and skill level is at the discretion of the Contractor. INTRODUCTION: The Sponsor supports a diverse set of corporate goals across the organization by conducting technical risk assessments and providing technical risk mitigation guidance on the use of various enabling technologies. The Sponsor requires subject matter expertise in technical risk analysis of enterprise and … and wireless networks, cloud-based computing, network management platforms, communication protocols, scripting or programming products, configuration scripts, and IT hardware and software products in support of Sponsor's technical risk assessment activities. The Sponsor also requires software development to maintain an online infrastructure, evaluating and extracting relevant data, web development, and software coding. WORK REQUIREMENTS: Contractor Support; HHR … Yes The Contractor shall perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies. The Contractor shall gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking More ❯
Employment Type: Permanent
Salary: USD Annual

DevOps Engineer with Security Clearance

Mc Lean, Virginia, United States
The Andean Group
The Sponsor supports a diverse set of corporate goals across the organization by conducting technical risk assessments and providing technical risk mitigation guidance on the use of various enabling technologies. The Sponsor requires subject matter expertise in technical risk analysis of enterprise and mission systems, IT systems and networks, mobile and wireless networks, cloud-based computing, network … management platforms, communication protocols, scripting or programming products, configuration scripts, and IT hardware and software products in support of Sponsor's technical risk assessment activities. The Sponsor also requires software development to maintain an online infrastructure, evaluating and extracting relevant data, web development, and software coding. WORK REQUIREMENTS: Contractor Support; HHR; Yes • The Contractor shall perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies. • The Contractor shall gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking parts of a given technology implementation being More ❯
Employment Type: Permanent
Salary: USD Annual

Sr. Cyber Test Analyst with Security Clearance

Nevada, United States
Randstad Sourceright - DCS
to inquiries with internal and external organizations/agencies, and tracking test capability completion. Will also assist with writing test plans, test reports, and help guide Mission Based Cyber Risk Assessment (MBCRA) through execution. Required Skills: Due to the sensitivity of customer related requirements, U.S. Citizenship is required. Bachelor's Degree in Computer Science, Information Systems or related … and Special Access Program (SAP) eligible. The TS security clearance must have been completed within the past 5 years. Minimum of three years of experience conducting cybersecurity test or assessment, consisting of MBCRA, Cybersecurity Table Top analysis, Cyber Vulnerability Identification (CVI), Cooperative Vulnerability and Penetration Assessment (CVPA), or Adversarial Assessment (AA) or 5 years' experience in Highly … Adaptive Cybersecurity Services, which are High Value Asset Assessment, Risk and Vulnerability Assessment, Cyber Threat Hunt, Incident Response and Penetration Testing, in a DoD or government acquisition system. DoD 8140 Baseline Level 2 Information Assurance Technical (IAT) Certification is required. Knowledge and previous experience with cybersecurity; information assurance; full spectrum cyberspace operations; air operations centers; expeditionary communications More ❯
Employment Type: Permanent
Salary: USD Annual

Director Analyst- Compliance (Remote UK)

United Kingdom
Hybrid / WFH Options
Gartner
organization culture Monitoring and assessing the effectiveness of compliance programs Keeping pace with and understanding the impact of complex, changing regulatory environments on organizations' business models and processes Developing risk strategies and frameworks for compliance and regulatory risks Leveraging analytics and data to optimize compliance risk assessments and compliance monitoring What you will do: As a Gartner analyst … Compliance & Ethics Officer, CEO, and Board of Directors). Knowledge of and experience with the chief compliance officer role, the obligations and requirements of compliance & ethics programs, and compliance risk management (risk assessment processes, key stakeholders involved, etc.) in general. Familiarity and experience with compliance program management systems and tools for regulatory tracking, policy management, risk assessment, and reporting. Effective verbal and written communication skills; ability to adjust style to different audiences. Executive presence; can immediately establish credibility with executives and additional stakeholders. Ability to navigate and thrive in a highly matrixed work environment Willingness to offer flexible working hours within reason to serve Gartner's global client base Ability to travel on occasion More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Risk Business Analyst

Mc Lean, Virginia, United States
Genesis10
Genesis10 is seeking a Senior Risk Business Analyst for a contract position with a mortgage loan corporation located in McLean, VA. This position is remote for the contract and upon conversion requires being onsite 5 days per week. This position can pay up to $54.00 per hour depending on experience Summary: Looking for an eager go-getter who is … with transferable skills in analyzing risks and controls and coming up with results. Has a good sense of project management and will communicate escalations to management as needed. Direct risk management experience is preferred, but demonstrable transferable skills may be acceptable. Supplier Risk Management (SRM) Assessor Job Description: Analyze and assess risks (including technology, privacy security, resiliency, and … other operational risks) that the organization and suppliers (vendors) may face Evaluate and analyze supplier controls, identify, and document risk findings based on that evaluation Recommend action plans/remediation to decrease risk factors Gather confidential financial information from client such as income, assets, and debts Able to handle private, sensitive, confidential information appropriately Make risk-avoiding More ❯
Employment Type: Permanent
Salary: USD 5,400 Hourly

Asset Security Manager

Rogerstone, Gwent, United Kingdom
Hybrid / WFH Options
Hays Technology
an accurate view of the vulnerabilities in its asset estate and follows an agreed methodology for prioritising and remediating vulnerabilities. Work closely with colleagues performing related penetration testing and risk assessment activities, providing accurate and timely technical information regarding assets and the status of vulnerabilities. Prepare and deliver regular, high-quality management reporting regarding the asset estate and … proven experience in a vulnerability management role Strong understanding of operational technology concepts and differences between IT and OT environments Strong understanding of attacker TTPs Strong understanding of security risk assessment and risk management concepts and approaches Ability to work with less technical colleagues and be able to convey technical information in a way that all can More ❯
Employment Type: Permanent
Salary: GBP 62,000 - 71,000 Annual

Asset Security Manager

Newport, Gwent, United Kingdom
Hybrid / WFH Options
Hays Technology
an accurate view of the vulnerabilities in its asset estate and follows an agreed methodology for prioritising and remediating vulnerabilities. Work closely with colleagues performing related penetration testing and risk assessment activities, providing accurate and timely technical information regarding assets and the status of vulnerabilities. Prepare and deliver regular, high-quality management reporting regarding the asset estate and … proven experience in a vulnerability management role Strong understanding of operational technology concepts and differences between IT and OT environments Strong understanding of attacker TTPs Strong understanding of security risk assessment and risk management concepts and approaches Ability to work with less technical colleagues and be able to convey technical information in a way that all can More ❯
Employment Type: Permanent
Salary: £62000 - £71000/annum £62k - £71k + bonus + benefits

Senior Security Control Assessor with Security Clearance

Arlington, Virginia, United States
Blu Omega LLC
Blu Omega is seeking a detail-oriented and experienced Security Control Assessor (SCA) to perform comprehensive security and privacy control assessments of IT systems in alignment with the NIST Risk Management Framework (RMF). The successful candidate will bring hands-on expertise in evaluating security postures, identifying risks, and ensuring compliance with federal policies and frameworks. This is an … excellent opportunity for professionals passionate about cybersecurity and risk management, looking to support critical national security initiatives. Key Responsibilities: Conduct independent security control assessments following NIST SP 800-37 and 800-53 standards, ensuring thorough evaluation of technical, operational, and managerial controls. Review and analyze security documentation such as Security Supplement Plans (SSPs), Plans of Action & Milestones (POA&Ms … compliance gaps, and security risks; develop and recommend effective mitigation strategies. Assess the impact of system updates, network changes, or technology upgrades on overall security posture, providing guidance on risk implications. Participate actively in governance and risk review boards, offering expert advice on security concerns and compliance issues. Collaborate with system owners, engineers, and stakeholders to verify the More ❯
Employment Type: Permanent
Salary: USD Annual

Chief Information Security Officer

Norwich, Norfolk, United Kingdom
Fluke Biomedical Corporation
champions for product responsible for security operations, architecture, and related functions. Establish and maintain strong communication channels, facilitate knowledge sharing, and drive team collaboration to achieve common security goals. Risk Assessment and Compliance: Conduct regular risk assessments and audits to identify vulnerabilities, prioritize risks, and ensure compliance with relevant regulations and industry standards. Develop and maintain effective … identity and access management, encryption, and secure coding practices. Demonstrated ability to effectively manage remote offshore teams, fostering collaboration, communication, and achieving shared security objectives. In-depth understanding of risk assessment methodologies, compliance requirements, and privacy regulations. Excellent leadership and interpersonal skills, with the ability to engage and influence stakeholders at all levels of the organization. Strong analytical More ❯
Employment Type: Permanent
Salary: GBP Annual

Risk Assessment
10th Percentile: £39,500
25th Percentile: £51,000
Median: £60,000
75th Percentile: £87,500
90th Percentile: £107,500