birkenhead, north west england, united kingdom Hybrid / WFH Options
S&W
Job Description What will you be doing? S&W Group is looking for an experienced Information Security Risk Professional with expertise in security compliance and assurance, ISO 27001 implementation, PMO (project management office), risk assessments, supply chain and working on other governance, risk and compliance projects within a team. You’ll be highly motivated, pro-active and … Chain Analyst, you’ll verify that third parties meet the minimum-security requirements to protect our organisation from a supply chain related attack or incident. You’ll apply relevant risk mitigations and deal with multiple stakeholders to ensure end to end treatment is applied. You’ll also be part of our PMO and governance and compliance processes and will … the business remains compliant to regulatory frameworks and good practice standards. This role works within the Information Security Team and collaborates with other teams such as Privacy, Legal, Group Risk, Infrastructure, SecOps and Procurement, providing you with great opportunities for stakeholder engagement – it’s a great time to join us at S&W. This role is a permanent position More ❯
old swan, north west england, united kingdom Hybrid / WFH Options
S&W
Job Description What will you be doing? S&W Group is looking for an experienced Information Security Risk Professional with expertise in security compliance and assurance, ISO 27001 implementation, PMO (project management office), risk assessments, supply chain and working on other governance, risk and compliance projects within a team. You’ll be highly motivated, pro-active and … Chain Analyst, you’ll verify that third parties meet the minimum-security requirements to protect our organisation from a supply chain related attack or incident. You’ll apply relevant risk mitigations and deal with multiple stakeholders to ensure end to end treatment is applied. You’ll also be part of our PMO and governance and compliance processes and will … the business remains compliant to regulatory frameworks and good practice standards. This role works within the Information Security Team and collaborates with other teams such as Privacy, Legal, Group Risk, Infrastructure, SecOps and Procurement, providing you with great opportunities for stakeholder engagement – it’s a great time to join us at S&W. This role is a permanent position More ❯
warrington, cheshire, north west england, united kingdom Hybrid / WFH Options
S&W
Job Description What will you be doing? S&W Group is looking for an experienced Information Security Risk Professional with expertise in security compliance and assurance, ISO 27001 implementation, PMO (project management office), risk assessments, supply chain and working on other governance, risk and compliance projects within a team. You’ll be highly motivated, pro-active and … Chain Analyst, you’ll verify that third parties meet the minimum-security requirements to protect our organisation from a supply chain related attack or incident. You’ll apply relevant risk mitigations and deal with multiple stakeholders to ensure end to end treatment is applied. You’ll also be part of our PMO and governance and compliance processes and will … the business remains compliant to regulatory frameworks and good practice standards. This role works within the Information Security Team and collaborates with other teams such as Privacy, Legal, Group Risk, Infrastructure, SecOps and Procurement, providing you with great opportunities for stakeholder engagement – it’s a great time to join us at S&W. This role is a permanent position More ❯
providing strategic guidance on delivery timelines and client priorities. Expert Advisory & Consulting Post-Adaptation Strategy: Deliver high-level consulting and advice on post-adaptation strategies, helping clients transition from riskassessment to actionable, long-term resilience plans. Regulatory Guidance: Serve as an expert on emerging sustainability regulations, including TCFD, CSRD, and IFRS S2, guiding clients through compliance related … to physical risk. Physical RiskAssessment: Oversee or conduct high-level physical risk assessments, scenario modeling, and vulnerability analysis for clients. Product Co-Development Product Input: Leverage deep client needs and market expertise to co-develop the next generation of our SaaS product. Translating Expertise: Translate client challenges and emerging market needs into clear, functional requirements for More ❯
Cambridge, England, United Kingdom Hybrid / WFH Options
Hays
About the role As a Risk Manager, you will be taking a lead on cybersecurity and third-party cyber risk management, risk quantification and post-incident reviews. You will be translating insights into action and helping to drive data-driven, and risk informed decisions. You will be playing a critical role in embedding and operating within … the ServiceNow IRM tool, contributing to the development and embedding of a new risk management framework. Tell me more, tell me more... Our client is currently looking for a new recruit in joining their Team, please read on! You can also ask our friendly recruitment team any questions you may have about the role, between 09.00am till 17.00pm Monday … to Friday. Shifts: Monday to Friday (37.5 hours) Must Haves: ServiceNow IRM experience Previously worked in a technical, large-scale environment such as semiconductors. Hands on experience with riskassessment methodologies. Deep knowledge of security technologies and control frameworks such as ISO 27001, NIST CSF and NIST SP800-53. Strong stakeholder management skills Proven ability to embed frameworks More ❯
cambridge, east anglia, united kingdom Hybrid / WFH Options
Hays
About the role As a Risk Manager, you will be taking a lead on cybersecurity and third-party cyber risk management, risk quantification and post-incident reviews. You will be translating insights into action and helping to drive data-driven, and risk informed decisions. You will be playing a critical role in embedding and operating within … the ServiceNow IRM tool, contributing to the development and embedding of a new risk management framework. Tell me more, tell me more... Our client is currently looking for a new recruit in joining their Team, please read on! You can also ask our friendly recruitment team any questions you may have about the role, between 09.00am till 17.00pm Monday … to Friday. Shifts: Monday to Friday (37.5 hours) Must Haves: ServiceNow IRM experience Previously worked in a technical, large-scale environment such as semiconductors. Hands on experience with riskassessment methodologies. Deep knowledge of security technologies and control frameworks such as ISO 27001, NIST CSF and NIST SP800-53. Strong stakeholder management skills Proven ability to embed frameworks More ❯
Nottingham, England, United Kingdom Hybrid / WFH Options
Capital One UK
Nottingham Trent House (95002), United Kingdom, Nottingham, Nottinghamshire Risk Remediation Assessor About the Role Capital One has a team of Information Security specialists who not only focus on security, but are relationship experts, riskassessment champions, and resolve complex information security issues related to Capital One’s third parties. The Cyber Third Party Risk Reduction (CTPRR … internal and external stakeholders to ensure third party engagements receive the necessary CTPRR due diligence; evaluate the effectiveness of the third party’s security environment and deliver a quality assessment report. It also supports ongoing security by working with the third parties to remediate any identified issues, enabling effective risk management in alignment with business tolerance and industry … requirements. Those that work for this team pragmatic and practical in your understanding of risk and security, but are also willing to know when to pull in experts and escalate. They challenge and innovate within their team to drive process improvements to elevate program efficiency. What you’ll do: Support kick-off, planning and scoping activities for cyber-focused More ❯
Bristol, England, United Kingdom Hybrid / WFH Options
Capital One UK
Nottingham Trent House (95002), United Kingdom, Nottingham, Nottinghamshire Risk Remediation Assessor About the Role Capital One has a team of Information Security specialists who not only focus on security, but are relationship experts, riskassessment champions, and resolve complex information security issues related to Capital One’s third parties. The Cyber Third Party Risk Reduction (CTPRR … internal and external stakeholders to ensure third party engagements receive the necessary CTPRR due diligence; evaluate the effectiveness of the third party’s security environment and deliver a quality assessment report. It also supports ongoing security by working with the third parties to remediate any identified issues, enabling effective risk management in alignment with business tolerance and industry … requirements. Those that work for this team pragmatic and practical in your understanding of risk and security, but are also willing to know when to pull in experts and escalate. They challenge and innovate within their team to drive process improvements to elevate program efficiency. What you’ll do: Support kick-off, planning and scoping activities for cyber-focused More ❯
ilkeston, midlands, united kingdom Hybrid / WFH Options
Capital One UK
Nottingham Trent House (95002), United Kingdom, Nottingham, Nottinghamshire Risk Remediation Assessor About the Role Capital One has a team of Information Security specialists who not only focus on security, but are relationship experts, riskassessment champions, and resolve complex information security issues related to Capital One’s third parties. The Cyber Third Party Risk Reduction (CTPRR … internal and external stakeholders to ensure third party engagements receive the necessary CTPRR due diligence; evaluate the effectiveness of the third party’s security environment and deliver a quality assessment report. It also supports ongoing security by working with the third parties to remediate any identified issues, enabling effective risk management in alignment with business tolerance and industry … requirements. Those that work for this team pragmatic and practical in your understanding of risk and security, but are also willing to know when to pull in experts and escalate. They challenge and innovate within their team to drive process improvements to elevate program efficiency. What you’ll do: Support kick-off, planning and scoping activities for cyber-focused More ❯
Nailsea, England, United Kingdom Hybrid / WFH Options
Capital One UK
Nottingham Trent House (95002), United Kingdom, Nottingham, Nottinghamshire Risk Remediation Assessor About the Role Capital One has a team of Information Security specialists who not only focus on security, but are relationship experts, riskassessment champions, and resolve complex information security issues related to Capital One’s third parties. The Cyber Third Party Risk Reduction (CTPRR … internal and external stakeholders to ensure third party engagements receive the necessary CTPRR due diligence; evaluate the effectiveness of the third party’s security environment and deliver a quality assessment report. It also supports ongoing security by working with the third parties to remediate any identified issues, enabling effective risk management in alignment with business tolerance and industry … requirements. Those that work for this team pragmatic and practical in your understanding of risk and security, but are also willing to know when to pull in experts and escalate. They challenge and innovate within their team to drive process improvements to elevate program efficiency. What you’ll do: Support kick-off, planning and scoping activities for cyber-focused More ❯
long eaton, midlands, united kingdom Hybrid / WFH Options
Capital One UK
Nottingham Trent House (95002), United Kingdom, Nottingham, Nottinghamshire Risk Remediation Assessor About the Role Capital One has a team of Information Security specialists who not only focus on security, but are relationship experts, riskassessment champions, and resolve complex information security issues related to Capital One’s third parties. The Cyber Third Party Risk Reduction (CTPRR … internal and external stakeholders to ensure third party engagements receive the necessary CTPRR due diligence; evaluate the effectiveness of the third party’s security environment and deliver a quality assessment report. It also supports ongoing security by working with the third parties to remediate any identified issues, enabling effective risk management in alignment with business tolerance and industry … requirements. Those that work for this team pragmatic and practical in your understanding of risk and security, but are also willing to know when to pull in experts and escalate. They challenge and innovate within their team to drive process improvements to elevate program efficiency. What you’ll do: Support kick-off, planning and scoping activities for cyber-focused More ❯
portishead, south west england, united kingdom Hybrid / WFH Options
Capital One UK
Nottingham Trent House (95002), United Kingdom, Nottingham, Nottinghamshire Risk Remediation Assessor About the Role Capital One has a team of Information Security specialists who not only focus on security, but are relationship experts, riskassessment champions, and resolve complex information security issues related to Capital One’s third parties. The Cyber Third Party Risk Reduction (CTPRR … internal and external stakeholders to ensure third party engagements receive the necessary CTPRR due diligence; evaluate the effectiveness of the third party’s security environment and deliver a quality assessment report. It also supports ongoing security by working with the third parties to remediate any identified issues, enabling effective risk management in alignment with business tolerance and industry … requirements. Those that work for this team pragmatic and practical in your understanding of risk and security, but are also willing to know when to pull in experts and escalate. They challenge and innovate within their team to drive process improvements to elevate program efficiency. What you’ll do: Support kick-off, planning and scoping activities for cyber-focused More ❯
nailsea, south west england, united kingdom Hybrid / WFH Options
Capital One UK
Nottingham Trent House (95002), United Kingdom, Nottingham, Nottinghamshire Risk Remediation Assessor About the Role Capital One has a team of Information Security specialists who not only focus on security, but are relationship experts, riskassessment champions, and resolve complex information security issues related to Capital One’s third parties. The Cyber Third Party Risk Reduction (CTPRR … internal and external stakeholders to ensure third party engagements receive the necessary CTPRR due diligence; evaluate the effectiveness of the third party’s security environment and deliver a quality assessment report. It also supports ongoing security by working with the third parties to remediate any identified issues, enabling effective risk management in alignment with business tolerance and industry … requirements. Those that work for this team pragmatic and practical in your understanding of risk and security, but are also willing to know when to pull in experts and escalate. They challenge and innovate within their team to drive process improvements to elevate program efficiency. What you’ll do: Support kick-off, planning and scoping activities for cyber-focused More ❯
Bath, England, United Kingdom Hybrid / WFH Options
None
Trent House (95002), United Kingdom, Nottingham, NottinghamshireRisk Remediation AssessorAbout the RoleCapital One has a team of Information Security specialists who not only focus on security, but are relationship experts, riskassessment champions, and resolve complex information security issues related to Capital One’s third parties. The Cyber Third Party Risk Reduction (CTPRR) program defines the framework and … internal and external stakeholders to ensure third party engagements receive the necessary CTPRR due diligence; evaluate the effectiveness of the third party’s security environment and deliver a quality assessment report. It also supports ongoing security by working with the third parties to remediate any identified issues, enabling effective risk management in alignment with business tolerance and industry … requirements. Those that work for this team pragmatic and practical in your understanding of risk and security, but are also willing to know when to pull in experts and escalate. They challenge and innovate within their team to drive process improvements to elevate program efficiency.What you’ll do:Support kick-off, planning and scoping activities for cyber-focused riskMore ❯
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
Summer-Browning Associates Ltd
supporting our Central Government client who are seeking a Cyber Security Advisor on an initial 8 contract Service Location: Glasgow (Hybrid) Essential Skills Experience of cyber security analysis and assessment, including threat identification, riskassessment, evaluation of technical controls, and assessment against industry standards Experience of engaging, advising and influencing at all levels of an organisation More ❯
paisley, central scotland, united kingdom Hybrid / WFH Options
Summer-Browning Associates Ltd
supporting our Central Government client who are seeking a Cyber Security Advisor on an initial 8 contract Service Location: Glasgow (Hybrid) Essential Skills Experience of cyber security analysis and assessment, including threat identification, riskassessment, evaluation of technical controls, and assessment against industry standards Experience of engaging, advising and influencing at all levels of an organisation More ❯
milton, central scotland, united kingdom Hybrid / WFH Options
Summer-Browning Associates Ltd
supporting our Central Government client who are seeking a Cyber Security Advisor on an initial 8 contract Service Location: Glasgow (Hybrid) Essential Skills Experience of cyber security analysis and assessment, including threat identification, riskassessment, evaluation of technical controls, and assessment against industry standards Experience of engaging, advising and influencing at all levels of an organisation More ❯
Responsibilities Clearance Operational Support: Oversee and execute the screening, onboarding, review and data transfer requests fulfillment across all businesses within Citi as defined in rules provided by Independent Compliance Risk Management (ICRM). Discuss, implement and operationalize new country privacy and regulatory changes impacting the cross-border transfer process as advised by Country ICRM. Quality Assurance: Perform regular reviews … Contribute to Data Enablement Process: Provide support and guidance to the business in the execution of the transformational data enablement process to streamline, standardize and simplify global program related riskassessment questionnaires by driving efficiency through organizing questions into logical groups and reducing redundancies. Target State Process Model Implementation: Support the design and implementation of the target state … operational model for the Data Transfers Office, contributing to projects and initiatives to drive consistency and reduce risk in DTO processes. Team Collaboration: Lead, mentor, and train a high-performing team responsible for execution, coordination, and control adherence, fostering accountability, excellence and continuous improvement. Process Implementation & Enhancements: Assist in the implementation of a scalable and efficient operating model aligned More ❯
Hereford, Herefordshire, England, United Kingdom Hybrid / WFH Options
QA
About SPS: Special Projects and Services Limited (SPS) is a UK-based security and risk management company founded in 1991. Operating globally, SPS provides crisis response, riskassessment, medical operations support, and project management in high-risk or complex environments. Known for its expertise in global assistance and specialist security operations, SPS was acquired by Concentric … in 2025, strengthening its position as a trusted provider of integrated risk and crisis management solutions. Overview: You will support the delivery of IT services across the UK business, assisting with technical support, device management, and ongoing tech ops projects. This role provides structured, hands-on training in IT systems administration, cyber security, and compliance, contributing to the smooth More ❯
of over 140 across London, Toronto, New York and Singapore. We have achieved scale by building the best-in class surveillance tooling, where our analytics bring the front office risk mindset to the compliance function. Though we have developed in the trade surveillance arena, we have always been more than that. At heart, we are a finance focused big … s leading financial markets analytics platform. The Role We are seeking a Head of Information Security to join our team in London and lead our cybersecurity strategy and manage risk across our corporate estate. You can expect to work closely with our Engineering and Infrastructure teams to effect change through our organisation, as well as customer facing teams such … the development, implementation, and continuous improvement of information security practices across all teams Manage regular pentests by external consultants and coordinate with internal resources to remediate issues Information security riskassessment of third party service providers Offer guidance, direction and approval on security solutions and approaches Advocate for secure engineering best practices throughout the company Manage the standards More ❯
Camberley, Surrey, South East, United Kingdom Hybrid / WFH Options
Morson Edge
of our clients Product Security Engineering teams, supporting the delivery and through-life management of secure submarine systems and products. As a key focal point for security and information risk, you'll apply deep technical expertise to ensure that solutions are designed, delivered, and supported securely, safely, and in compliance with contractual and regulatory requirements. You'll provide subject … policies, and best practices across major defence programmes. Key Responsibilities Provide expert advice on Product Security to engineering and project teams. Analyse system architectures to identify threats, vulnerabilities, and risk mitigation strategies. Develop and manage Product Security analysis using recognised riskassessment techniques. Contribute to the development of Product Security strategies, policies, and guidance. Recommend and present … programmes and provide technical leadership to junior engineers. Support incident management and contribute to key project documentation including RMADS, Security Strategies, and accreditation evidence. Key Deliverables & Accountabilities Delivery of Risk Management Accreditation Document Sets (RMADS) and associated security documentation. Ensuring compliance with contractual and regulatory security requirements. Providing specialist input to verification, qualification, and design review processes. Contribution to More ❯
financial services is essential. Experience designing Target Operating Models or strategic business blueprints at programme or enterprise level (not just project level). Deep understanding of the Compliance and Risk landscape, including: Policy and control frameworks Riskassessment and monitoring Investigations, sanctions, and anti-financial crime The Three Lines of Defence model Strong knowledge of business architecture … deliverable for the next stage of programme execution. Act as a trusted advisor during implementation, ensuring designs are translated into practical, scalable solutions. Support stakeholder engagement across senior compliance, risk, and technology leaders, ensuring buy-in for the proposed operating model. Designing the Target State Business Architecture for EMEA, including capability maps, operating models, and value streams. Collaborating with … Technology, Data Architects, Compliance, and Risk SMEs to develop a holistic design that aligns with business strategy. Recommending a comprehensive roadmap to implement the Target State, balancing business outcomes, costs, and risks. Supporting project teams to ensure alignment with the Target State Business Architecture. Leading best practises in business design and process engineering to enhance operational efficiency. Your Key More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Adecco
financial services is essential. Experience designing Target Operating Models or strategic business blueprints at programme or enterprise level (not just project level). Deep understanding of the Compliance and Risk landscape, including: Policy and control frameworks Riskassessment and monitoring Investigations, sanctions, and anti-financial crime The Three Lines of Defence model Strong knowledge of business architecture … deliverable for the next stage of programme execution. Act as a trusted advisor during implementation, ensuring designs are translated into practical, scalable solutions. Support stakeholder engagement across senior compliance, risk, and technology leaders, ensuring buy-in for the proposed operating model. Designing the Target State Business Architecture for EMEA, including capability maps, operating models, and value streams. Collaborating with … Technology, Data Architects, Compliance, and Risk SMEs to develop a holistic design that aligns with business strategy. Recommending a comprehensive roadmap to implement the Target State, balancing business outcomes, costs, and risks. Supporting project teams to ensure alignment with the Target State Business Architecture. Leading best practises in business design and process engineering to enhance operational efficiency. Your Key More ❯
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
Stott and May
company's security strategy across AI, blockchain, and cloud environments. Establish policies, standards, and governance frameworks aligned with industry best practices (ISO 27001, NIST, SOC2). Lead incident response, riskassessment, and threat modelling programmes. Build and mentor a world-class security team. AI Data Security Protect proprietary AI models, training data, and pipelines from data poisoning, model … AWS, GCP, Azure), container security, and zero-trust networks. Harden DevSecOps pipelines to ensure secure software delivery. Collaborate with engineering teams to integrate security by design into products. Compliance & Risk Management Ensure regulatory compliance with GDPR, SOC2, ISO, PCI-DSS, and crypto-specific frameworks. Lead risk assessments for third-party vendors and service providers. Work with legal and More ❯
Central London, London, United Kingdom Hybrid / WFH Options
Police Digital Services
schedules and contracts Organising the various professional people and suppliers working on the project to ensure alignment with project plans and timely delivery of their respective inputs Carrying out riskassessment and dealing with/mitigating risks at an appropriate level, escalating where necessary Making sure the quality standards agreed to by Project Boards are met Using project … Programme Manager and senior stakeholders on progress What you need to succeed in the role Significant experience in project management - especially in scope, performance, cost control, delivery, scheduling, resourcing, risk management and demand management. Significant experience of financial control, reporting and monitoring - relating to in-scope project(s) delivery. Proven experience in the delivery of highly technical solutions into More ❯