Cyber and IT Risk Analyst

Location: Hybrid (c. 3–4 times per month in the Staines area)
Type: Full-time, Permanent
Salary: £62,000 – £79,000 per annum + Benefits

Foundations Executive Search is proud to be partnering with one of the UK’s most prestigious and recognised brands to support the appointment of a Cyber and IT Risk Analyst.

This is a fantastic opportunity for an analytical, detail-driven cyber risk professional to join a nationally critical organisation undergoing significant digital transformation. You'll be supporting enterprise-wide cyber risk decision-making at scale—helping to shape and mature security practices across a complex operational environment.

The Opportunity

As a Cyber and IT Risk Analyst, you will play a vital role in supporting the enterprise security team to assess, manage, and remediate cyber and IT risks. Working closely with a wide range of stakeholders, you’ll ensure that cyber risk is measured, tracked, and embedded within broader technology and business decision-making frameworks.

You’ll leverage risk methodologies such as NIST and ISO 27005 to deliver detailed qualitative and quantitative analysis, supporting effective security prioritisation and investment decisions.

Key Responsibilities

- Perform detailed cyber and IT risk analysis using recognised frameworks (e.g. NIST, ISO27005)
- Collaborate pragmatically with technical and business stakeholders to undertake cyber risk assessments and influence control decisions
- Act as a subject matter expert and trusted advisor on cyber and IT risk management
- Communicate risk findings clearly, tailoring insights for both technical and non-technical audiences
- Manage, maintain, and report on the organisation’s Risk Log using platforms such as SureCloud and RiskLedger
- Support the remediation of identified risks, aligned to the organisation’s cyber risk appetite and strategic objectives
- Contribute to the ongoing delivery and implementation of the broader Cyber Strategy
- Assist Cyber Assurance Leads with risk tracking, documentation, and reporting activities

About You

You’ll be a proactive, structured, and collaborative professional who brings strong analytical skills and the ability to work comfortably across complex technology environments. You’ll have the confidence to engage a variety of stakeholders, from technical experts to senior management, and the attention to detail required for effective risk governance.

Essential Experience and Skills

- Demonstrable experience applying at least two recognised cyber and/or IT risk methodologies (e.g., NIST, ISO27005, FAIR, OCTAVE)
- Experience managing cyber risk in complex, geographically distributed organisations
- Strong documentation skills with the ability to manage and track detailed risk registers
- Excellent communication skills with the ability to present complex technical issues in a clear and approachable way
- Calm and methodical approach, able to prioritise effectively under pressure

Desirable Experience

- Experience working in safety-critical, aviation, or critical infrastructure environments
- Experience with risk management platforms such as SureCloud and RiskLedger
- Working towards or holding relevant certifications such as CompTIA Security+, CEH, SSCP, or equivalent

Why Apply?

This is an exciting chance to build your career in cyber risk within one of the UK's most prestigious and highly respected organisations. With the opportunity to work across a wide range of strategic projects, and strong support for career development, this role offers excellent professional growth and long-term impact.