We're seeking an experienced Cyber Risk & Assurance Lead to support digital product teams in a highly regulated environment. This role focuses on practical cyber risk discovery, proportionate assurance, and informed decision-making, embedded directly into delivery.
Responsibilities
* Lead cyber risk discovery across digital products (data flows, endpoints, pipelines, integrations)
* Identify gaps in security controls, data handling, and architecture documentation
* Assess risks relating to PII, sensitive data, endpoints, and third-party dependencies
* Embed cyber requirements early in design and delivery
* Validate implementation of agreed security controls
* Provide cyber assurance input to Architecture Reviews, HLDs, and ADRs
* Own cyber risk assessments, residual risk statements, and assurance artefacts
* Present clear risk options and recommendations to senior stakeholders
* Act as a trusted cyber partner to product, engineering, architecture, and compliance teams
* Drive continuous improvement in cyber assurance processes
* Strong background in cyber security, risk management, or security assurance
* Understanding of modern architectures (cloud, APIs, data pipelines)
* Experience working with PII and regulated data
* Ability to review and challenge architectural designs
* Excellent communication and stakeholder management skills
* Experience in aviation, critical infrastructure, or regulated industries
* Familiarity with GDPR, NIS, and enterprise cyber governance
* Background in security architecture or engineering
#J-18808-Ljbffr