Senior Cyber & Technology Risk Analyst
Location: London
Contract Type: 12-Month Contract
Salary: £600-£700 per day (via Umbrella)
About the Organisation
A leading energy-focused organisation operating across the UK and Europe is seeking to strengthen its security and risk capability. The business plays a critical role in supporting the energy transition, with diverse operations spanning conventional power, emerging technologies, and large-scale infrastructure projects.
The organisation brings together expertise in engineering, operations, trading, and technology to deliver secure, flexible, and resilient energy solutions.
The Role
Are you an experienced cyber or technology risk professional looking for a high-impact position within a fast-evolving operational environment?
This role sits within a central cyber security and risk function, supporting a wide stakeholder base across the UK and Europe. Based in London, with occasional travel to other operational sites, you will help shape and mature the organisation's security governance, risk management practices, and compliance frameworks.
You will work across both IT and OT domains, with specific focus on human risk management, supply chain security, policy development, and integration of risk processes into wider business operations.
Key Responsibilities
Lead and deliver cyber and technology risk assessment outputs across the organisation's risk management framework.
Consolidate risk findings into group-level and strategic reporting.
Implement and enhance risk toolkit methodologies across the supply chain risk management lifecycle (onboarding and aftercare).
Lead initiatives to align supply chain risk maturity with NIST Cyber Supply Chain Risk Management (C-SCRM) principles.
Deliver improvements in personnel security controls following National Protective Security Authority (NPSA) guidance.
Produce risk outputs linking security tools with user-level behaviours (e.g., DLP, social engineering indicators, high-risk activity).
Analyse and interpret threat intelligence to support security policies and governance updates.
Contribute to the education, awareness, and training programme, including delivering stakeholder briefings.
Review metrics to strengthen phishing resilience and behavioural security controls.
Provide risk consultancy across new business initiatives, development projects, and technology change.
Work closely with suppliers and partners to ensure alignment with internal security and supply chain governance standards.
What We're Looking For
Essential Experience & Skills
Strong experience in cyber and technology risk assessments, especially in supply chain risk.
Proven experience managing risk governance across multiple technology domains at enterprise level.
Familiarity with risk tools aligned to the NCSC Cyber Assessment Framework (CAF) and secure-by-design practices.
Experience improving controls relating to human risk factors.
Strong background in developing cyber security policies, guidance, and awareness content.
Excellent communication skills with the ability to convert technical data into clear stakeholder-specific reporting.
Advanced Microsoft Office capability (Word, Excel, PowerPoint, Teams, Outlook).
Desirable
Professional certifications such as CISM, SANS GICSP, ISO27001 Implementor/Auditor, or cloud provider security certifications.
HND/Degree-level education.
Experience within high-assurance environments and familiarity with NIS regulations.
The Person
Self-managing and able to operate confidently within defined strategic objectives.
Collaborative and considerate, with a strong understanding of the people-process-technology balance.
Adaptable to changing business needs and comfortable with evolving working methods.
Strong organisational skills with the ability to manage multiple workstreams simultaneously.
Curious, proactive, and eager to share knowledge and drive continuous improvement.
Why Join?
This organisation is known for rapid decision-making, forward-thinking strategy, and a strong commitment to supporting the energy transition. You'll be joining a team where your expertise will directly influence operational resilience and long-term security strategy.
A competitive daily rate, professional development opportunities, and a supportive working environment form part of the overall offering.
Ready to Apply?
If you're looking for a rewarding and progressive opportunity within a dynamic environment, we'd love to hear from you.
Rullion celebrates and supports diversity and is committed to ensuring equal opportunities for both employees and applicants.
TPBN1_UKTJ