About the Role
Our client is currently seeking an experienced cyber risk professional to lead and mature its cyber risk management capability. This role plays a critical part in assessing, managing, and communicating cyber risks across the organisation, supporting leadership decision‑making and ensuring alignment with regulatory, legislative, and business requirements.
You will act as a subject matter expert on cyber risk, working closely with technical and non‑technical stakeholders to embed effective risk management practices across systems, architecture, and procurement activities.
Key Responsibilities
* Lead cyber security risk assessments for complex and high‑impact scenarios, applying sound risk management principles and methodologies.
* Maintain and continuously improve the corporate cyber risk register, ensuring risks are clearly articulated, prioritised, and tracked.
* Monitor compliance with applicable regulatory and legislative requirements related to cyber security and risk management.
* Support the design, implementation, and ongoing effectiveness of security controls, recommending improvements where necessary.
* Conduct comprehensive analyses of complex security requirements and deliver clear, actionable cyber risk assessment outcomes.
* Provide guidance on cyber security governance arrangements and risk treatment strategies.
* Shape leadership decision‑making through high‑quality reporting on security process effectiveness and risk posture.
* Embed cyber risk management practices into business activities including system development, security architecture, and procurement processes.
* Apply standardised control frameworks (such as ISO 27001/27002), while recognising their strengths, limitations, and practical business impact.
* Advise on the balance between security controls, user experience, and business needs.
* Proactively gather, analyse, and interpret threat intelligence to understand the evolving threat landscape and strengthen organisational resilience.
Skills & Experience
* Proven experience delivering cyber security risk assessments in complex environments.
* Strong understanding of risk management principles, governance, and compliance obligations.
* Hands‑on experience with recognised security control frameworks (e.g., ISO 27001/27002).
* Ability to communicate complex cyber risk concepts clearly to senior leaders and non‑technical stakeholders.
* Experience influencing decision‑making through structured analysis and effective reporting.
* Strong analytical mindset with the ability to assess emerging threats and their business impact.
* Collaborative approach, with experience embedding risk practices into broader business processes.