Overview:
Our client is currently seeking an experienced Security Risk Analyst to join their team on a contract basis through the end of the year. This role sits inside IR35 and will require three days per week onsite at their Central London office. You'll play a key role in assessing and managing information security risks across the business and IT landscape.
Key Responsibilities:
Conduct risk assessments across both IT and business units, ensuring compliance with internal security policies and relevant regulatory frameworks (e.g., ISO 27001, NIST, FCA).
Collaborate with key stakeholders to gather and analyze technical security data for accurate risk evaluation and remediation.
Work closely with Vulnerability Assessment & Penetration Testing (VAPT), Threat Intelligence, and Incident Response teams to understand technical risks and validate that appropriate controls are in place.
Contribute to the ongoing improvement of Governance, Risk, and Compliance (GRC) practices by incorporating findings from technical assessments and adapting to emerging threat landscapes.
Prepare clear and concise documentation and reporting for senior leadership, audit committees, and regulatory authorities.
Support internal and external audit activities by providing required risk assessments, compliance documentation, and evidence.
Key Skills & Experience:
Proven experience in cybersecurity risk analysis or information security governance.
Strong knowledge of information security frameworks and regulatory standards, particularly ISO 27001, NIST, and FCA requirements.
Experience working collaboratively with technical security teams (e.g., VAPT, Threat Intel, IR).
Understanding of risk management principles and GRC practices.
Excellent communication skills, with the ability to convey technical risk to both technical and non-technical audiences.
Experience supporting audit and compliance efforts.