3,375 Cybersecurity Risk jobs in the United Kingdom

Responsibilities
Kroll Cyber and Data Resilience is seeking a Sales Manager, Enterprise Sales, responsible for end-to-end sales of new business opportunities to the largest clients in the region including FTSE 100 companies. The Kroll Cyber and Data Resilience sales team is responsible for selling the suite of expert services including:

• React: Digital Forensics & Incident Response, eDiscovery, Cyber Due Diligence.
• Advise: Cyber Risk Assessments, Compliance Advisory, vCISO, Pentesting, Red Teaming, AI Risk Management.
• Transformation: Technology Implementation, Cloud & Application Security.
• Operate: Managed Detection & Response , Threat Intelligence, Corporate Legal Solutions.

This role involves new business acquisition and the management of existing accounts for enterprise organisations. The successful candidate will sell the Cyber and Data Resilience portfolio from incident response through to transformational services and managed services and will work in conjunction with practitioners and subject matter experts. The role involves the coverage of the full sales lifecycle from the initial lead through to opportunity closure. Leads will be from multiple channels including being self-generated and referrals from various sources.

The right candidate will be an experienced and independent professional who has the ability to own and manage a pipeline of opportunities and leads, working together with practitioners and subject matter experts.

Day-to-day Responsibilities

• Build and develop a qualified pipeline of new Cyber and Data Resilience opportunities.
• Effectively pitch the Cyber and Data Resilience capabilities, services, and value proposition.
• Build or already have a set of existing target buyers (e.g. CISO, CIO).
• Collaborate heavily with cyber practitioners and solution engineering through the full sales cycle.
• Develop and deliver sales presentations, product demonstrations, and proposals.
• Work with internal teams and our clients to reach mutually beneficial business relationships.
• Maintain knowledge of current market conditions.
• Undertake account management of existing and newly acquired clients including selling additional services.
• Participate in lead generation activities, including events and prospecting campaigns.
• Maintain highly responsive and professional communications with clients and prospects.
• Use and other tools to document sales activities.
• Close new sales opportunities and achieve annual quota.

Essential Traits

• Have 10+ years related experience in cyber security and / or services sales.
• Demonstrate consistent over-performance and target achievement.
• Prior experience in selling complex deals to the largest UK commercial organisations.
• Demonstrate exemplary written and oral communication skills.
• Experienced in proposal and contract preparation.
• Excellent relationship building skills with both internal and external stakeholders.
• Must be adaptive, enthusiastic, and have the drive to succeed.
• Must be able to think independently and make sound decisions.
• Must be proficient in , Microsoft Office, and able to learn new sales tools.
• Display ability to communicate effectively particularly with external clients and internal colleagues
• Knowledge of Artificial Intelligence is desirable.

About Kroll
Join the global leader in risk and financial advisory solutions—Kroll. With a nearly century-long legacy, we blend trusted expertise with cutting-edge technology to navigate and redefine industry complexities. As a part of One Team, One Kroll, you'll contribute to a collaborative and empowering environment, propelling your career to new heights. Ready to build, protect, restore and maximize our clients' value? Your journey begins with Kroll.

Kroll is committed to equal opportunity and diversity, and recruits people based on merit.

In order to be considered for a position, you must formally apply via

Kroll is committed to creating an inclusive work environment. We are proud to be an equal opportunity employer and will consider all qualified applicants regardless of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability.

Primary Details

Time Type: Full timeWorker Type: EmployeeThe purpose of this role is to enhance risk assessment and decision-making processes through the provision of advanced risk modelling analytics. This is achieved through engaging with business stakeholders to define requirements and combining this Accumulation Management expertise and knowledge of data sets.

Senior Cyber Risk Analyst

London/Hybrid

Your new role:

• Utilize cyber modelling tools and software to assess and quantify potential risks associated with cyber events.
• Enhance our early warning systems for emerging cyber threats and their potential portfolio impact
• Be the subject matter expert and serve as a leading resource on cyber accumulations, providing expert guidance and insights to internal teams and external stakeholders.
• Collaborate with Global Cyber team other divisional stakeholders to develop effective risk mitigation strategies and optimize risk management processes.
• Collect, validate, and analyse large datasets related to cyber risks, ensuring data accuracy and reliability.
• Present findings in a clear and concise manner to both technical and non-technical stakeholders, facilitating informed decision-making.
• Ownership of cyber vendor model evaluations and continuously enhance QBE's proprietary view of risk.
• Work closely with cross-functional teams, including Global Cyber team, underwriting, actuarial, and claims, to ensure a holistic understanding of the company's risk landscape.
• Communicate effectively with external stakeholders, including reinsurers and regulatory bodies, to maintain transparency and compliance with industry standards.
• Stay abreast of the latest developments in cyber modelling, risk assessment methodologies, and emerging technologies.
• Propose and implement innovative approaches to enhance the company's ability to manage and mitigate cyber risks.

About you:

• A deep knowledge and understanding of Cyber accumulations and experience with cyber catastrophe models (CyberCube, Moody's RMS, Guidewire).
• Advanced SQL and excel skills. Familiarity with Power BI and Python an advantage.
• Excellent analytical and problem-solving skills, with a keen attention to detail.
• Current knowledge of compliance, regulatory and statutory requirements
• Effective communication skills, both written and verbal, and can navigate conversations with clarity, tact and self-assurance.
• Proven ability to work collaboratively in a team-oriented environment.

Why QBE? At My Best

At QBE, we want our people to feel rewarded and inspired to perform at their best, that's why we have created "At My Best". It's our connection, our way of showing we have your back. We understand that one size doesn't fit all and that priorities can change depending on your life stage. That is why our blend of wellbeing initiatives and benefits offer flexibility to suit what matters most to you. It's in the culture of our business, our QBE DNA, to support our people. Everything we do is underpinned by our QBE DNA.

We're an international insurer that's building momentum towards realising our vision of becoming the most consistent and innovative risk partner. We can never really predict what's around the corner, but at QBE we're asking the right questions to enable a more resilient future – helping those around us build strength and embrace change to their advantage.

QBE aims to build a workplace that is fair and inclusive because we want to attract and retain the best people to do the job, we have adopted flexible working across the company and welcome this conversation (

).

With more than 13,000 people working across 27 countries, we're big enough to make a real impact, but small enough to provide a friendly workplace, where people are down-to-earth, passionate, and kind.

To find out more about why you should work for QBE, visit our

careers website.

At My Best - QBE Benefits

You are more than your work – and QBE is more than a workplace, which is why we provide you with the benefits, support and flexibility to help you concentrate on living your best life personally and professionally.

30 days holiday a year with the option to buy up to 2 additional days.

Flexible working - balancing work and life is important so our flexible working opportunities are open to all, this can include part-time, job share and compressed hours.

Pension – you are automatically enrolled into the QBE pension plan, which entitles you to receive employer contributions of 10% of your basic salary.

Private medical insurance – we fund fully comprehensive private medical cover for you and all the family.

Family friendly policies – we offer 26 weeks leave at full pay regardless of gender identity, sexual orientation or how you become a parent.

Short term remote work abroad - you can request up to 20 days per year to work remotely from certain locations abroad.

Sustainable investing - we believe sustainable integration is important for long term financial, environmental, and social outcomes. Our pension strategy supports our net-zero goal to achieve year-on-year reductions in carbon footprint, by investing more in green businesses than the broader market, so your savings are looking after the planet's future, as well as your own.

Cycle-to-Work – benefit from regular exercise whilst making your commute greener and cheaper, select a bike and/or accessories up to the value of £5,000.

To find out more visit our Reward Page

QBE Awards

Some of the award's QBE are proud to have won, been a finalist for, and shortlisted for include;

AXCO Global Insurance Awards 2024 Winner: Network Management of the Year

Insurance Business UK 5-Star Cyber Awards 2024: QBE rated as a 5-Star Cyber Insurer

UK IT Industry Awards 2023 Winner: Green Technology Innovation of the Year

Working Dads Employer Awards 2023 Winner: Parental Policies Award

Insurance Post British Insurance Awards 2023: QBE rated as a 5-Star Employer

You can view all our awards

here

Inclusion of Diversity

We are striving to create a workplace culture where all our people feel included, and we are committed to building a diverse workforce that is reflective of the communities we operate in. We are proud to have partnerships with organisations such as Stonewall and Working Families, and our commitment to the Women in Finance Charter, the UN Women's Empowerment Principles and Race at Work charter helps keep us accountable and transparent. For more information on our strategy targets please take a look at our

Careers Page

Accessibility

Here at QBE, we are promoting an accessible workplace for all, which includes supporting candidates to perform at their best during their recruitment process. If you require any accommodations, please make your Talent Acquisition contact aware.

ESG & Sustainability

At QBE, we believe that integrating sustainability into our business helps us deliver on our purpose of enabling a more resilient future. Our three key focus areas include fostering an orderly and inclusive transition to a net-zero economy, enabling a sustainable and resilient workforce, and partnering for growth through innovative, sustainable, and impactful solutions. For further information regarding QBE's sustainability targets, including our net-zero pledges and inclusion of diversity targets, and our award-winning impact investment initiative 'Premiums4Good', please visit our

Sustainability homepage

and read our latest Sustainability Report

What next?

If you have a passion to contribute to QBE's vision of enabling a more resilient future for our customers and the community, we encourage you to apply Simply click the "apply" button to submit your CV and other relevant documents, and a member of our friendly Talent Acquisition team will be in contact to discuss your interest further if you meet the requirements of the role.

We believe this is our moment – what if it was yours too?

APPLY NOW and let's make it happen

Skills:

Actuarial Science, Analytical Thinking, Business Planning, Catastrophe Risk Management, Communication, Critical Thinking, Financial Modeling, High Accuracy, Insurance Underwriting, Intentional collaboration, Managing performance, Programming Languages, Reporting and Analysis, Stakeholder Management, Team Development

How to Apply:

To submit your application, click "Apply" and follow the step by step process.

Equal Employment Opportunity:

QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.

• Conducting comprehensive cyber risk assessments and vulnerability analyses.
• Developing and implementing advanced cyber risk management strategies and frameworks.
• Monitoring the global threat landscape and providing timely intelligence on emerging cyber risks.
• Designing and refining incident response and business continuity plans.
• Collaborating with IT and security teams to implement effective security controls.
• Performing security audits and penetration testing oversight.
• Developing risk mitigation strategies and recommendations for technical and non-technical audiences.
• Ensuring compliance with relevant data protection regulations (e.g., GDPR, CCPA).
• Educating employees on cybersecurity best practices and awareness training.
• Managing third-party risk assessments for vendors and partners.
• Reporting on cyber risk posture to senior management and key stakeholders.

• A Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. A Master's degree is a plus.
• A minimum of 6 years of experience in cybersecurity, risk management, or a related field, with a specific focus on cyber risk.
• Proven expertise in risk assessment methodologies (e.g., NIST, ISO 27005).
• Strong understanding of cybersecurity principles, technologies, and threat intelligence.
• Experience with security frameworks and compliance regulations within the financial services or insurance sector.
• Excellent analytical and problem-solving skills.
• Superb written and verbal communication skills, with the ability to present complex information clearly.
• Experience with SIEM, vulnerability scanners, and other security tools.
• Relevant certifications such as CISSP, CISM, CRISC, or CISA are highly desirable.
• Demonstrated ability to work independently and collaboratively in a remote setting.

• Conduct comprehensive cyber risk assessments and vulnerability analyses.
• Develop, implement, and maintain cybersecurity policies, standards, and procedures.
• Monitor the threat landscape and provide timely intelligence to relevant stakeholders.
• Evaluate and recommend security controls to mitigate identified risks.
• Assist in incident response planning and execution.
• Ensure compliance with relevant data privacy regulations and industry best practices.
• Collaborate with IT and business units to integrate security into all aspects of operations.
• Develop and deliver cybersecurity awareness training to employees.
• Manage relationships with third-party security vendors and service providers.
• Contribute to the continuous improvement of the organization's cybersecurity posture.

• Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Minimum of 5 years of experience in cybersecurity risk management or analysis.
• Strong knowledge of cybersecurity frameworks (NIST, ISO 27001), risk assessment methodologies, and security controls.
• Experience with cloud security (AWS, Azure, GCP) and network security principles.
• Familiarity with data privacy regulations (GDPR, CCPA).
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication and presentation skills, with the ability to articulate complex technical issues to diverse audiences.
• Relevant certifications such as CISSP, CISM, CRISC, or similar are highly desirable.
• Proven ability to work independently and collaboratively in a remote environment.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years of experience in cyber risk management or information security.
• Strong knowledge of risk assessment methodologies and frameworks.
• Experience with security compliance and regulatory requirements.
• Excellent analytical, problem-solving, and communication skills.
• Relevant cybersecurity certifications (CISSP, CISM, CRISC) are a plus.
• Ability to work independently and collaboratively in a remote setting.
• Familiarity with insurance industry standards is beneficial.

• Underwrite new and existing cyber insurance business, assessing risk exposures and pricing appropriately.
• Develop and maintain strong relationships with brokers, clients, and internal stakeholders.
• Conduct thorough analysis of client's IT infrastructure, security controls, and cyber threat landscape.
• Ensure adherence to underwriting guidelines, company strategies, and regulatory requirements.
• Manage and grow a profitable portfolio of cyber insurance business.
• Contribute to the development and refinement of underwriting tools and methodologies.
• Mentor and train junior members of the underwriting team.
• Stay abreast of emerging cyber threats, industry trends, and the competitive landscape.
• Collaborate with claims and risk engineering teams to enhance the client experience.
• Provide expert advice and solutions to complex cyber risk challenges.

• Bachelor's degree in Finance, Economics, Business Administration, or a related field.
• Minimum of 5 years of experience in insurance underwriting, with a significant specialization in Cyber Risk.
• In-depth knowledge of cyber threats, vulnerabilities, and risk management strategies.
• Strong understanding of insurance principles, policy wording, and regulatory frameworks.
• Excellent analytical, decision-making, and problem-solving skills.
• Proven ability to build and maintain strong business relationships.
• Strong negotiation and communication skills.
• Experience working in a hybrid environment.
• Professional qualifications such as CII or equivalent are highly desirable.
• Ability to work independently and as part of a team.

• Lead the development, implementation, and ongoing refinement of the enterprise-wide cybersecurity risk management framework.
• Conduct comprehensive risk assessments, vulnerability analyses, and penetration tests to identify potential threats and weaknesses in IT systems, networks, and applications.
• Analyze and prioritize cyber risks based on likelihood and impact, developing effective mitigation strategies and remediation plans.
• Collaborate with IT, legal, compliance, and business units to ensure that cybersecurity risks are understood and managed across the organisation.
• Develop and maintain cybersecurity policies, standards, and procedures, ensuring alignment with industry best practices and regulatory requirements (e.g., GDPR, ISO 27001, NIST).
• Monitor the threat landscape, staying informed about emerging cybersecurity threats, vulnerabilities, and attack vectors.
• Design and implement security awareness training programs for employees.
• Manage incident response activities, including investigation, containment, eradication, and recovery, and conduct post-incident reviews.
• Develop and maintain key risk indicators (KRIs) and performance indicators (KPIs) to measure the effectiveness of security controls.
• Prepare detailed reports and presentations for senior management and the board on cybersecurity risk posture, incidents, and mitigation efforts.
• Act as a subject matter expert on cybersecurity risks and controls, providing guidance and support to internal teams.
• Evaluate and recommend security technologies and solutions to enhance the organisation's defence capabilities.

• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field. Master's degree is a plus.
• Minimum of 7 years of progressive experience in cybersecurity, with a strong focus on risk assessment, vulnerability management, and incident response.
• In-depth understanding of common cyber threats, attack methodologies, and defence strategies.
• Proven experience with risk assessment frameworks such as NIST CSF, ISO 27005, or FAIR.
• Proficiency in security assessment tools and techniques.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong knowledge of information security principles, network security, and cloud security.
• Experience in developing and implementing security policies and procedures.
• Excellent written and verbal communication skills, with the ability to explain complex technical issues to non-technical audiences.
• Relevant certifications such as CISSP, CISM, CRISC, or CISA are highly desirable.
• Ability to work independently and manage multiple priorities in a remote setting.

• Conduct comprehensive risk assessments of IT systems, applications, and third-party vendors to identify vulnerabilities and potential threats.
• Develop and implement robust cyber risk management frameworks, policies, and procedures aligned with industry best practices and regulatory requirements.
• Analyze security incidents and breaches to determine root causes, impact, and remediation strategies.
• Collaborate with IT security, compliance, and business units to foster a proactive security culture.
• Design and deliver security awareness training programs to employees.
• Monitor and report on key cyber risk metrics and indicators to senior management.
• Evaluate the effectiveness of existing security controls and recommend enhancements.
• Stay abreast of emerging cyber threats, vulnerabilities, and mitigation techniques.
• Participate in internal and external audits, ensuring compliance with relevant standards.
• Develop and maintain disaster recovery and business continuity plans related to cyber security.
• Mentor junior analysts and contribute to the overall development of the risk management team.

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
• At least 5 years of experience in cyber risk management, information security, or a related field within the financial services industry.
• In-depth knowledge of risk assessment methodologies, frameworks (e.g., NIST, ISO 27001), and regulatory requirements (e.g., GDPR, FCA).
• Strong understanding of common cyber threats, vulnerabilities, and attack vectors.
• Experience with security tools and technologies such as SIEM, vulnerability scanners, and threat intelligence platforms.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong written and verbal communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders.
• Proven ability to work effectively both independently and as part of a team in a hybrid environment.
• Relevant certifications such as CISSP, CISM, CRISC are highly desirable.