threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in … riskassessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols, including TCP/IP, and core network security principles. Proficiency in scripting and programming (i.e., Python) to More ❯
five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Technical Cyber RiskAssessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. … Demonstrate familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯
St. Albans, Hertfordshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Technical Cyber RiskAssessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. … Demonstrate familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Technical Cyber RiskAssessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. … Demonstrate familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯
Guildford, Surrey, United Kingdom Hybrid / WFH Options
Deloitte LLP
five shared values lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The Technical Cyber RiskAssessment Manager will be responsible for the following: Develop an understanding of Deloitte's global line of business and its priorities, becoming an advocate for addressing cyber risk. … Demonstrate familiarity with the Three Lines of Defense (3LOD) model. Possess knowledge of risk management practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security … reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest More ❯
hands on testing of Security controls. The Specialist applies their expertise to recommend corrective actions, improvements to security controls and runs lessons learned forums. You will also conduct regular risk assessments and maintain risk register in RSA Archer. The company operate a hybrid work policy and therefore you must be willing to commit to 2 days per week … security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST CSF and NIST 800-53. Hands on testing of Security controls Conduct regular risk assessments and maintain risk register in RSA Archer. Represent security on audits and assessments, ensuring compliance with internal and external requirements. Identify assess and prioritize security risk … and provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and More ❯
City of London, Greater London, UK Hybrid / WFH Options
Spencer Rose
hands on testing of Security controls. The Specialist applies their expertise to recommend corrective actions, improvements to security controls and runs lessons learned forums. You will also conduct regular risk assessments and maintain risk register in RSA Archer. The company operate a hybrid work policy and therefore you must be willing to commit to 2 days per week … security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST CSF and NIST 800-53. Hands on testing of Security controls Conduct regular risk assessments and maintain risk register in RSA Archer. Represent security on audits and assessments, ensuring compliance with internal and external requirements. Identify assess and prioritize security risk … and provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and More ❯
This program plays a central role in the bank's digital transformation. The team operates in an Agile setup, offering a collaborative and forward-thinking environment. The role combines riskassessment, advisory, and data governance with a focus on privacy and regulatory compliance. Function description Riskassessment & governance Conduct Data Protection Impact Assessments (DPIAs) in various … data analytics, data governance, BI, reporting) Languages Dutch: fluent English: fluent French: optional Experience First professional experience in a similar role, or strong interest in data privacy, data quality, risk management or digital ethics Good development skills (technical or analytical background preferred) Soft skills Team player and proactive mindset Strong analytical and synthesis skills Excellent communication and stakeholder management More ❯
a company that simplifies and enhances financial opportunities using state-of-the-art technology. About the Position Interactive Brokers (U.K.) Limited, based in central London, is looking for a RiskAssessment Analyst to join our New Accounts department. We seek applicants with a keen attention to detail to join our Enhanced Due Diligence process. If you have experience … public domain searches for negative information about applicants and associated entities. Provide advice on issues and escalations to other New Accounts Teams to address difficult applications and independently recommend risk-based decisions to AML. Responsible for timely escalations of suspected financial crime to AML; Work closely with other New Account Teams and AML to review and evaluate all financial … concentration in Finance, Law, Accounting, or Information Systems, etc. Minimum of 2 years' experience and familiarity, preferably gained in brokerage or corporate banking environment, with onboarding or reviewing high-risk client relationships and carrying out EDD. Excellent written and oral communication skills in English. Strong research, investigatory, and problem-solving skills. Ability to make risk-based recommendations and More ❯
City of London, London, United Kingdom Hybrid / WFH Options
IPS Group
Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and riskassessment methodologies. Contribute to core DORA workstreams such as ICT risk management, scenario-based testing, and oversight of third-party providers. Stakeholder Engagement Coordinate workshops and sessions … operational leads. Monitor implementation progress and support a smooth transition into standard business processes. Training & Culture Develop and deliver resilience-focused training across various teams. Promote best practices in risk and continuity planning. Embed a culture of awareness, accountability, and continuous improvement. What We’re Looking For: A degree in Risk Management, Cyber Security, Information Technology, or a … resilience, cybersecurity, or regulatory roles. Solid understanding of UK and EU regulatory frameworks, with hands-on experience relating to DORA. Demonstrable experience conducting regulatory gap analyses, resilience testing, and risk assessments. Strong organisational skills and the ability to manage competing priorities in a deadline-driven environment. Excellent interpersonal and stakeholder management skills, particularly in regulated settings. Desirable Attributes: Relevant More ❯
Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and riskassessment methodologies. Contribute to core DORA workstreams such as ICT risk management, scenario-based testing, and oversight of third-party providers. Stakeholder Engagement Coordinate workshops and sessions … operational leads. Monitor implementation progress and support a smooth transition into standard business processes. Training & Culture Develop and deliver resilience-focused training across various teams. Promote best practices in risk and continuity planning. Embed a culture of awareness, accountability, and continuous improvement. What We’re Looking For: A degree in Risk Management, Cyber Security, Information Technology, or a … resilience, cybersecurity, or regulatory roles. Solid understanding of UK and EU regulatory frameworks, with hands-on experience relating to DORA. Demonstrable experience conducting regulatory gap analyses, resilience testing, and risk assessments. Strong organisational skills and the ability to manage competing priorities in a deadline-driven environment. Excellent interpersonal and stakeholder management skills, particularly in regulated settings. Desirable Attributes: Relevant More ❯
City of London, London, England, United Kingdom Hybrid / WFH Options
IPS Group
Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and riskassessment methodologies. Contribute to core DORA workstreams such as ICT risk management, scenario-based testing, and oversight of third-party providers. Stakeholder Engagement Coordinate workshops and sessions … operational leads. Monitor implementation progress and support a smooth transition into standard business processes. Training & Culture Develop and deliver resilience-focused training across various teams. Promote best practices in risk and continuity planning. Embed a culture of awareness, accountability, and continuous improvement. What We’re Looking For: A degree in Risk Management, Cyber Security, Information Technology, or a … resilience, cybersecurity, or regulatory roles. Solid understanding of UK and EU regulatory frameworks, with hands-on experience relating to DORA. Demonstrable experience conducting regulatory gap analyses, resilience testing, and risk assessments. Strong organisational skills and the ability to manage competing priorities in a deadline-driven environment. Excellent interpersonal and stakeholder management skills, particularly in regulated settings. Desirable Attributes: Relevant More ❯
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
Ohio Society of CPAs
Job Description: Job Title Information Technology (IT) Auditor - Investment Banking Location Birmingham Corporate Title Assistant Vice President The Group Audit (GA) function takes a proactive, risk-based and independent approach to assist the Bank's business and infrastructure functions to identify key control weaknesses. You will be joining the global GA Investment Banking Application & Innovation Technology team reporting into … the effectiveness of internal IT controls supporting Innovation and Investment Banking areas including Fixed Income & Currencies, Electronic Trading, Origination and Advisory in accordance with GA methodology and the established riskassessment framework Conduct technology assessments, continuous monitoring and complete all work assignments on a timely basis - including planned audits, finding validations, and ad-hoc projects Prepare, coordinate and … and audit management, facilitate tracking and closure validation of findings Stay abreast of business/industry changes and their effect on the team's audit plan, GA methodology and risk assessments Pro-actively develop and maintain professional working relationships with colleagues, the business and respective support areas. Contribute to departmental projects and initiatives Your skills and experience Experience in More ❯
Amherst, Massachusetts, United States Hybrid / WFH Options
University of Massachusetts Amherst
capabilities that enable the full lifecycle management of UMass Amherst account identities, credentials, and entitlements according to security, privacy, and compliance requirements. This position will perform security analysis and riskassessment and improve security by setting policies and standards. This position requires deep knowledge in Governance, Risk, and Compliance (GRC), solid understanding of data security, academic business … the university. Prepares and delivers training material independently or via third party training partners. Interfaces with, and responds to, internal and state auditor's requests as needed. Performs security risk assessments/audits in accordance with established security policies and procedures. Researches, recommends, and promotes IT security policies and guidelines which focus on protecting confidentiality, integrity, and availability of More ❯
Easter Howgate, Midlothian, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
This is an exciting opportunity to be part of significant programmes, during which you will ensure that products meet the highest standards, in accordance with customer's requirements and risk appetite. You will be supported in this role as part of a larger team of consultants, engineers and product domain specialists. Your work at Leonardo UK will see you … and detailed system and security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security riskassessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Coordinating with product engineers, system architects More ❯
Yeovil, Somerset, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
of a significant programme, during which you will ensure that the product and associated deliverables are as secure as reasonably practicable, and in accordance with customer's requirements and risk appetite. You will be supported in this role as part of a larger consulting team, engineers and product domain specialists. Your work at Leonardo UK will see you take … and detailed system and security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security riskassessment activities including threat modelling, vulnerability analysis and analysis of mitigations, including technical understanding. Scoping and managing security verification and validation activities and remedial action plans. Coordinating with More ❯
This is an exciting opportunity to be part of significant programmes, during which you will ensure that products meet the highest standards, in accordance with customer's requirements and risk appetite. You will be supported in this role as part of a larger team of consultants, engineers and product domain specialists. Your work at Leonardo UK will see you … and detailed system and security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security riskassessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Coordinating with product engineers, system architects More ❯
City of London, London, United Kingdom Hybrid / WFH Options
WNTD
Job Title: Risk Analyst - Application RiskAssessment Location: London Wall, London (Hybrid - 3 days onsite per week) Start Date: ASAP Contract Duration: Until End of Year (Potential Extension) Inside IR35 About the Role Our client is seeking an experienced Risk Analyst - Application RiskAssessment to join their global Information Security team. In this key … business and IT stakeholders, and recommending mitigation strategies-especially for applications processing classified or secret data . You'll be working closely with global teams, including IS, IT, and Risk Management, and will act as a champion for application security risk across the organization. Key Responsibilities Conduct Application Risk Assessments (ISARA) in line with global security standards … and frameworks Serve as the liaison between IS, IT, and business stakeholders to identify and assess application-related risks Facilitate the risk evaluation process , including formatting, data collection, and impact assessments Perform control assessments to determine control effectiveness Use defined risk methodologies (eg FAIR, ISO 31000) to rate risks and update internal risk registers Propose, document, and More ❯
Job Title: Risk Analyst - Application RiskAssessment Location: London Wall, London (Hybrid - 3 days onsite per week) Start Date: ASAP Contract Duration: Until End of Year (Potential Extension) Inside IR35 About the Role Our client is seeking an experienced Risk Analyst - Application RiskAssessment to join their global Information Security team. In this key … business and IT stakeholders, and recommending mitigation strategies-especially for applications processing classified or secret data . You'll be working closely with global teams, including IS, IT, and Risk Management, and will act as a champion for application security risk across the organization. Key Responsibilities Conduct Application Risk Assessments (ISARA) in line with global security standards … and frameworks Serve as the liaison between IS, IT, and business stakeholders to identify and assess application-related risks Facilitate the risk evaluation process , including formatting, data collection, and impact assessments Perform control assessments to determine control effectiveness Use defined risk methodologies (eg FAIR, ISO 31000) to rate risks and update internal risk registers Propose, document, and More ❯
Watford, Hertfordshire, United Kingdom Hybrid / WFH Options
Essential Employment
Senior Cybersecurity Risk Analyst (Remote) needed, £28.49ph PAYE - Reference: RQ Role Overview We are looking for a highly skilled and technically proficient Senior Cybersecurity Risk Analyst to join our team on an interim basis. This role is critical in identifying, assessing, and managing information security risks across the organization. The ideal candidate will have a strong technical background … the ability to translate threats into business risks, and experience working in fast-paced environments. Key Responsibilities - Conduct in-depth security risk assessments across systems, applications, and infrastructure. - Identify and evaluate technical and operational risks, vulnerabilities, and control gaps. - Translate complex technical threats into clear, actionable business risks. - Maintain and update the Cybersecurity Risk Register. - Produce detailed riskassessment reports and present findings to stakeholders. - Collaborate with IT, SOC, and business units to ensure risks are understood and mitigated. - Provide technical escalation support in the absence of a cybersecurity specialist, particularly in coordination with the Security Operations Centre (SOC). - Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). - Review security aspects of More ❯
We are seeking an experienced Business Analyst with a strong background in Financial Crime , Compliance , and Anti-Money Laundering (AML) to support a high-impact programme focused on client risk exits and customer offboarding. The ideal candidate will bring a deep understanding of financial crime risk typologies and regulatory expectations, along with excellent analytical and documentation skills. Key … the design and implementation of an intelligence-led client exit process across Corporate, Investment, and Private Banking units. Gather, document, and validate business and functional requirements for exiting high-risk clients based on internal intelligence or external regulatory/legal obligations. Analyse client profiles, transaction behaviours, and financial crime intelligence to support decision-making and escalation processes. Collaborate with … Financial Crime Investigations, Client RiskAssessment, and Legal teams to ensure compliance with due process in offboarding. Produce Management Information (MI) and reporting on case volumes, trends, SLAs, and investigation outcomes. Identify control gaps, process inefficiencies, and opportunities for system enhancements; contribute to solution design. Act as a liaison between business, compliance, and technology teams to ensure alignment More ❯
in the organization by ensuring high quality, consistency, and adherence to policies and procedures with a focus on the Compliance Function of Guavapay. This position focuses on providing independent assessment to drive continuous improvement initiatives, and to enhance efficiency, effectiveness, and overall performance of Compliance activities. Through data-driven decision-making, the Quality Control analyst will lead efforts to … to ensure efficient and effective testing. Prepare QC and testing Management Information (MI) reports for DMLRO/MLRO to provide insights and recommendations for enhancements. Support management in performing risk-based assessments, issue reporting and management, preparing board reports, and providing compliance oversight and challenges on self-assessment reviews. Conduct self-assessment reviews on internal AML and … reports and presenting findings to senior management. Strong communication skills, both written and verbal, with the ability to effectively collaborate and provide guidance to cross-functional teams. Familiarity with riskassessment methodologies and issue management reporting is a plus. Ability to adapt to changing regulatory requirements and stay up-to-date with industry best practices. Benefits: 25 days More ❯
into customer behaviour and preferences, allowing for personalized product recommendations. Marketing Campaigns: Use AI to target customers with tailored marketing campaigns based on their transaction history and preferences. 5. Risk Management RiskAssessment: AI can analyze market trends and economic indicators to provide early warnings about potential risks. Compliance Monitoring: Automate compliance checks and monitoring to ensure … adherence to regulations and reduce the risk of non-compliance penalties. 6. Operational Efficiency Process Automation: Use robotic process automation (RPA) to handle repetitive tasks such as data entry, account reconciliation, and report generation. Workflow Optimization: AI can optimize workflows by identifying bottlenecks and suggesting improvements. Implementation Strategy Assessment: Evaluate the current state of digital banking operations and More ❯
Birmingham, West Midlands, West Midlands (County), United Kingdom Hybrid / WFH Options
Michael Page
specialist advice and recommend approaches across teams and various stakeholders communicate widely with other stakeholders, agencies and National Technical Authorities Advise on important security-related technologies and assess the risk associated with proposed changes Inspire and influence others to execute security principles Help review other people's work Recommend a security riskassessment approach and vulnerability analyses … Collaborative and inclusive ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, riskassessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security More ❯
and cost-effective for our customers. About the role As a Senior Onboarding Analyst at Equals Group, you will be responsible for conducting Enhanced Due Diligence (EDD) on high-risk clients and performing detailed onboarding reviews You will play a pivotal role in assessing potential risks, ensuring compliance with AML regulations and the firm's risk appetite Working … individual interviews for shortlisted candidates and assess who is best suited for the role after we have discussed everything with you. Responsibilities Conduct Enhanced Due Diligence (EDD) on high-risk customers to assess potential risks and compliance requirements Perform detailed customer reviews, including verification of corporate structures and Ultimate Beneficial Owners (UBOs) Verify and validate the accuracy of customer … policies, AML, KYC, and other regulatory requirements Support the implementation of process improvements to enhance the efficiency and effectiveness of the onboarding function Mentor and support onboarding analysts in risk assessments and reviews Essential Skills Strong analytical and problem-solving skills, with the ability to conduct detailed risk assessments and identify potential risks In-depth knowledge of KYC More ❯