2,758 Cybersecurity Risk jobs in the United Kingdom

Our client, a prominent cybersecurity advisory firm, is seeking a Senior Cybersecurity Consultant with expertise in risk management to join their growing team. This role offers a hybrid working arrangement, providing flexibility with a blend of remote work and client-facing activities. You will be instrumental in assessing and mitigating cybersecurity risks for a diverse range of clients, developing robust risk management frameworks, and advising on compliance. The ideal candidate will possess a deep understanding of risk assessment methodologies, industry standards, and regulatory requirements.

Responsibilities:

• Conduct comprehensive cybersecurity risk assessments for clients, identifying potential threats and vulnerabilities across their IT infrastructure and business processes.
• Develop and implement tailored cybersecurity risk management strategies and frameworks.
• Advise clients on compliance with relevant regulations and standards (e.g., GDPR, ISO 27001, NIST).
• Perform security audits and gap analyses to evaluate the effectiveness of existing security controls.
• Develop and deliver clear, concise, and actionable recommendations for risk mitigation.
• Engage with clients to understand their business objectives and integrate cybersecurity risk management into their overall strategy.
• Create detailed reports and presentations for senior management on risk posture and mitigation plans.
• Stay current with emerging cybersecurity threats, vulnerabilities, and risk management best practices.
• Collaborate with internal technical teams to support the implementation of security controls.
• Mentor junior consultants and contribute to the firm's knowledge base.

Qualifications:

• Bachelor's or Master's degree in Computer Science, Information Security, Risk Management, or a related field.
• Minimum of 6 years of experience in cybersecurity, with a significant focus on risk assessment, management, and compliance.
• In-depth knowledge of risk assessment methodologies (e.g., qualitative, quantitative) and frameworks (e.g., NIST RMF, ISO 31000).
• Experience with compliance requirements such as GDPR, ISO 27001, PCI DSS, HIPAA.
• Strong understanding of various IT security domains, including network security, application security, and cloud security.
• Excellent analytical, problem-solving, and critical thinking skills.
• Exceptional written and verbal communication skills, with the ability to articulate complex technical concepts to diverse audiences.
• Proficiency in using risk management tools and GRC platforms.
• Relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Auditor are highly desirable.
• Ability to work both independently and collaboratively in a client-facing environment.

This hybrid role serves clients predominantly within the region of **Norwich, Norfolk, UK**, and surrounding areas, offering a mix of remote work and on-site client consultations. We are looking for an experienced and strategic consultant to guide clients through complex cybersecurity challenges.

**Role Overview**
We are seeking a highly motivated and experienced Senior Manager of Risk to lead our cyber risk and third-party risk management functions within the Cyber Governance, Risk & Compliance (GRC) team. This individual will manage a small team of risk professionals and be responsible for building, embedding, and continuously improving the organisation's cyber risk management framework, ensuring effective oversight of third-party and supplier risks, and supporting executive and board-level reporting.
**Key Responsibilities**
Cyber Risk Management
+ Lead the development, implementation, and ongoing maturity of the cyber risk management framework.
+ Oversee risk identification, assessment, treatment, and monitoring across all cyber domains.
+ Provide risk insights and reporting to senior leadership, risk committees, and the board.
+ Partner with business and technology teams to ensure risks are effectively understood, prioritised, and mitigated.
+ Drive risk culture awareness, ensuring risk management principles are embedded across the organisation.
Third-Party Risk Management
+ Oversee the third-party risk management (TPRM) programme, including onboarding, due diligence, and ongoing monitoring of suppliers.
+ Define risk appetite, assurance requirements, and contractual controls for third-party cyber security.
+ Partner with procurement, legal, and business teams to ensure suppliers meet security and compliance requirements.
+ Provide risk assessments, recommendations, and remediation guidance to business stakeholders.
+ Escalate material supplier risks and lead risk acceptance discussions where required.
Leadership & Team Management
+ Manage, coach, and develop a small team of cyber risk and third-party risk professionals.
+ Allocate workload effectively and foster a high-performance culture.
+ Support professional development and provide clear career growth pathways.
+ Act as a senior subject matter expert and escalation point within the Cyber GRC function
**Key Skills & Experience**
+ Proven experience in cyber risk management and/or third-party risk management, ideally within financial services, technology, or a regulated industry.
+ Strong understanding of risk management frameworks (e.g., ISO 31000, NIST CSF, FAIR, ISO 27005).
+ Experience in third-party/vendor risk management practices, frameworks, and tools.
+ Excellent leadership, team management, and stakeholder engagement skills.
+ Strong analytical, problem-solving, and decision-making abilities.
+ Ability to produce clear, concise, and executive-ready risk reporting.
+ Professional certifications desirable (e.g., CRISC, CISM, CISSP, CISA).
**Who we are:**
At Pearson, our purpose is simple: to help people realize the life they imagine through learning. We believe that every learning opportunity is a chance for a personal breakthrough. We are the world's lifelong learning company. For us, learning isn't just what we do. It's who we are. To learn more: We are Pearson.
Pearson is an Equal Opportunity Employer and a member of E-Verify. Employment decisions are based on qualifications, merit and business need. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status or any other group protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.
If you are an individual with a disability and are unable or limited in your ability to use or access our career site as a result of your disability, you may request reasonable accommodations by emailing
**Job:** Security
**Job Family:** TECHNOLOGY
**Organization:** Corporate Strategy & Technology
**Schedule:** PART_TIME
**Workplace Type:** Hybrid
**Req ID:** 20994

Our client is seeking a highly skilled and experienced Senior Cyber Risk Analyst to join their dynamic, fully remote security team. This role is critical in identifying, assessing, and mitigating cybersecurity risks across the organisation's global operations. You will play a key part in shaping our client's security posture and ensuring resilience against evolving threats.

Responsibilities:

• Lead the development, implementation, and ongoing refinement of the enterprise-wide cybersecurity risk management framework.
• Conduct comprehensive risk assessments, vulnerability analyses, and penetration tests to identify potential threats and weaknesses in IT systems, networks, and applications.
• Analyze and prioritize cyber risks based on likelihood and impact, developing effective mitigation strategies and remediation plans.
• Collaborate with IT, legal, compliance, and business units to ensure that cybersecurity risks are understood and managed across the organisation.
• Develop and maintain cybersecurity policies, standards, and procedures, ensuring alignment with industry best practices and regulatory requirements (e.g., GDPR, ISO 27001, NIST).
• Monitor the threat landscape, staying informed about emerging cybersecurity threats, vulnerabilities, and attack vectors.
• Design and implement security awareness training programs for employees.
• Manage incident response activities, including investigation, containment, eradication, and recovery, and conduct post-incident reviews.
• Develop and maintain key risk indicators (KRIs) and performance indicators (KPIs) to measure the effectiveness of security controls.
• Prepare detailed reports and presentations for senior management and the board on cybersecurity risk posture, incidents, and mitigation efforts.
• Act as a subject matter expert on cybersecurity risks and controls, providing guidance and support to internal teams.
• Evaluate and recommend security technologies and solutions to enhance the organisation's defence capabilities.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field. Master's degree is a plus.
• Minimum of 7 years of progressive experience in cybersecurity, with a strong focus on risk assessment, vulnerability management, and incident response.
• In-depth understanding of common cyber threats, attack methodologies, and defence strategies.
• Proven experience with risk assessment frameworks such as NIST CSF, ISO 27005, or FAIR.
• Proficiency in security assessment tools and techniques.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong knowledge of information security principles, network security, and cloud security.
• Experience in developing and implementing security policies and procedures.
• Excellent written and verbal communication skills, with the ability to explain complex technical issues to non-technical audiences.
• Relevant certifications such as CISSP, CISM, CRISC, or CISA are highly desirable.
• Ability to work independently and manage multiple priorities in a remote setting.

This is a critical role offering the chance to significantly influence the cybersecurity strategy of a forward-thinking organisation. This is a fully remote position, supporting teams across the country but specifically aligning with the needs of the Cambridge, Cambridgeshire, UK operational hub. Join our dedicated security team and help protect our digital assets.

Our client, a leading financial services institution, is seeking a highly skilled and experienced Senior Cyber Risk Analyst to join their growing team. This role offers a hybrid working model, combining the benefits of remote flexibility with essential in-office collaboration in Manchester, Greater Manchester, UK . The successful candidate will play a pivotal role in identifying, assessing, and mitigating cyber threats to protect the company's sensitive data and critical infrastructure.

Key Responsibilities:

• Conduct comprehensive risk assessments of IT systems, applications, and third-party vendors to identify vulnerabilities and potential threats.
• Develop and implement robust cyber risk management frameworks, policies, and procedures aligned with industry best practices and regulatory requirements.
• Analyze security incidents and breaches to determine root causes, impact, and remediation strategies.
• Collaborate with IT security, compliance, and business units to foster a proactive security culture.
• Design and deliver security awareness training programs to employees.
• Monitor and report on key cyber risk metrics and indicators to senior management.
• Evaluate the effectiveness of existing security controls and recommend enhancements.
• Stay abreast of emerging cyber threats, vulnerabilities, and mitigation techniques.
• Participate in internal and external audits, ensuring compliance with relevant standards.
• Develop and maintain disaster recovery and business continuity plans related to cyber security.
• Mentor junior analysts and contribute to the overall development of the risk management team.

Qualifications and Skills:

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
• At least 5 years of experience in cyber risk management, information security, or a related field within the financial services industry.
• In-depth knowledge of risk assessment methodologies, frameworks (e.g., NIST, ISO 27001), and regulatory requirements (e.g., GDPR, FCA).
• Strong understanding of common cyber threats, vulnerabilities, and attack vectors.
• Experience with security tools and technologies such as SIEM, vulnerability scanners, and threat intelligence platforms.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong written and verbal communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders.
• Proven ability to work effectively both independently and as part of a team in a hybrid environment.
• Relevant certifications such as CISSP, CISM, CRISC are highly desirable.

This is an exceptional opportunity to contribute to the security posture of a major financial organization and advance your career in a dynamic and challenging field.

Our client, a leading specialty insurance provider, is seeking a Senior Cyber Risk Analyst to bolster their risk management capabilities. This is a fully remote position, allowing you to contribute to our mission from anywhere within the UK.

As a Senior Cyber Risk Analyst, you will play a crucial role in identifying, assessing, and mitigating the complex cyber risks faced by the business and its clients. You will develop and implement robust frameworks and methodologies for evaluating cyber threats, vulnerabilities, and the potential impact of cyber incidents. Your expertise will be vital in shaping the company's cyber risk appetite and strategy, ensuring resilience in an increasingly digital landscape.

Key Responsibilities:

• Conduct comprehensive assessments of cyber risks across the organization, including third-party vendor risks.
• Develop and refine methodologies for quantifying and qualifying cyber risks.
• Design and implement effective risk mitigation strategies and controls.
• Monitor the evolving threat landscape and geopolitical factors impacting cyber security.
• Prepare detailed risk reports and present findings and recommendations to senior management and relevant committees.
• Collaborate with IT security, legal, compliance, and business units to integrate cyber risk management into daily operations.
• Develop and deliver cyber risk awareness training programs.
• Stay current with emerging cyber threats, vulnerabilities, and regulatory requirements.
• Contribute to the development of incident response plans and business continuity strategies related to cyber events.
• Mentor junior analysts and contribute to the team's overall expertise in cyber risk management.

Required Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, Risk Management, or a related field. Advanced degrees or relevant certifications (e.g., CISSP, CRISC, CISA) are highly desirable.
• Minimum of 5 years of experience in cyber risk analysis, information security, or a related risk management function.
• Proven experience in conducting risk assessments, threat modeling, and vulnerability analysis.
• Strong understanding of various cyber security frameworks (e.g., NIST CSF, ISO 27001) and best practices.
• Excellent analytical and problem-solving skills, with the ability to translate complex technical concepts into clear business language.
• Strong written and verbal communication skills, with the ability to influence stakeholders at all levels.
• Experience with risk management tools and platforms.
• Ability to work independently and manage multiple priorities in a remote work environment.

Join a proactive and dedicated team focused on safeguarding the business and its clients from evolving cyber threats. This role, based in Bristol, South West England, UK , offers a significant opportunity to shape cyber resilience.

Our client is seeking a highly analytical and experienced Senior Cyber Risk Analyst to join their dynamic team. This is a fully remote position, allowing you to work from anywhere in the UK, contributing to the strategic protection of critical financial assets and data. In this pivotal role, you will be responsible for identifying, assessing, and mitigating cyber security risks across the organization. You will develop and implement robust risk management frameworks, conduct comprehensive threat assessments, and evaluate the effectiveness of existing security controls. Your expertise will be crucial in translating complex technical risks into actionable insights for both technical and non-technical stakeholders. This includes leading risk assessments for new projects and third-party vendors, ensuring compliance with regulatory requirements such as GDPR and NIS directives. You will also play a key role in incident response planning and execution, providing expert analysis during security breaches. The ideal candidate will possess a deep understanding of current cyber threats, vulnerabilities, and attacker methodologies, along with extensive experience in risk assessment methodologies (e.g., FAIR, ISO 27005). Proficiency in risk management tools and technologies, as well as strong report-writing and presentation skills, are essential. You will be expected to stay current with the evolving threat landscape and proactively advise the business on emerging risks and mitigation strategies. This role demands excellent communication and interpersonal skills, enabling you to collaborate effectively with IT security teams, business units, and senior management. If you are passionate about cyber security, possess a strategic mindset, and thrive in a challenging, remote-first environment, we want to hear from you. This is an exceptional opportunity to advance your career and make a significant impact from your home base, contributing to the security posture of a leading firm based in **London, England, UK**.

Our client is seeking a highly motivated and detail-oriented Remote Cyber Risk Analyst to join their growing insurance technology team. This role is entirely remote, offering the flexibility to work from anywhere within the UK. You will play a crucial role in assessing and mitigating cyber risks for the organization and its clients, ensuring the security and integrity of our digital assets and client data. Responsibilities include conducting comprehensive risk assessments, identifying vulnerabilities, developing and implementing security controls, and monitoring compliance with industry standards and regulations. You will collaborate with various internal departments, including IT, legal, and compliance, to ensure a cohesive security posture. This position requires a deep understanding of cybersecurity threats, attack vectors, and defense mechanisms, coupled with strong analytical and problem-solving skills. The ideal candidate will have experience with risk management frameworks, such as ISO 27001 or NIST, and proficiency in security assessment tools. You will be responsible for reporting on risk exposures, recommending mitigation strategies, and staying abreast of the evolving threat landscape. This is an excellent opportunity for a seasoned cybersecurity professional to contribute to a forward-thinking company and shape its risk management strategies in a fully remote capacity. The ability to communicate complex technical information clearly to both technical and non-technical stakeholders is essential. If you are passionate about cybersecurity and thrive in an independent, remote work environment, we want to hear from you.

Key Responsibilities:

• Conduct thorough cybersecurity risk assessments and vulnerability analyses.
• Develop, implement, and maintain security policies, procedures, and controls.
• Monitor and analyze security events and alerts to detect and respond to potential threats.
• Ensure compliance with relevant regulations and industry best practices (e.g., GDPR, ISO 27001).
• Collaborate with IT and business units to integrate security into system design and development lifecycles.
• Prepare detailed reports on risk posture, incidents, and mitigation efforts for management.
• Stay current with emerging cybersecurity threats, trends, and technologies.
• Assist in the development and delivery of security awareness training programs.
• Manage and coordinate security incident response activities.
• Provide expert advice on cybersecurity best practices and risk mitigation strategies.

Required Qualifications:

• Proven experience in cybersecurity, risk management, or a related field.
• Strong knowledge of cybersecurity principles, frameworks, and technologies.
• Experience with risk assessment methodologies and tools.
• Excellent analytical, problem-solving, and critical-thinking skills.
• Ability to work independently and manage time effectively in a remote setting.
• Strong written and verbal communication skills, with the ability to articulate technical concepts clearly.
• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• Relevant certifications such as CISSP, CISM, or CRISC are a plus.
• Familiarity with the insurance industry and its specific cyber risks is advantageous.

At ServiceNow, our technology makes the world work for everyone, and our people make it possible. We move fast because the world can't wait, and we innovate in ways no one else can for our customers and communities. By joining ServiceNow, you are part of an ambitious team of change makers who have a restless curiosity and a drive for ingenuity. We know that your best work happens when you live your best life and share your unique talents, so we do everything we can to make that possible. We dream big together, supporting each other to make our individual and collective dreams come true. The future is ours, and it starts with you.
With more than 7,700+ customers, we serve approximately 85% of the Fortune 500®, and we're proud to be one of FORTUNE 100 Best Companies to Work For® and World's Most Admired Companies.
Learn more on Life at Now blog ( and hear from our employees ( about their experiences working at ServiceNow.
Unsure if you meet all the qualifications of a job description but are deeply excited about the role? We still encourage you to apply! At ServiceNow, we are committed to creating an inclusive environment where all voices are heard, valued, and respected. We welcome all candidates, including individuals from non-traditional, varied backgrounds, that might not come from a typical path connected to this role. We believe skills and experience are transferrable, and the desire to dream big makes for great candidates.
As a member of our Solution Consulting team, you will have a major impact on our future success by supporting the Risk&Security Solution Sales Team in driving net new business in the risk domain. You will guide revenue for our risk products with the support and partnership of Sales, Product Management, and the executive team. This is a hands-on technical consultant who can go wide and deep on solution delivery and solution positioning, as well as the risk domain itself, during sales cycles.
**What you get to do in this role:**
The Solution Consultant is a technical consultant with the ability to develop, position and provide product-specific support during sales cycles while achieving quarterly and annual sales goals for an assigned territory. In particular, you will:
+ Support discovery workshops to determine customers' challenges and give product demonstrations to align our solution with customer needs
+ Understand customer challenges and goals and map this back to solution capabilities
+ Answer product feature and technical questions from customers, channel partners and ServiceNow colleagues
+ Act as the domain SME across the core areas of cyber risk
+ Provide feedback to product management about product enhancements that can address customer needs and provide additional value
+ Share and learn best practices and re-usable assets with other Solution Consultants to enhance the quality and efficiency of the team
+ Identify, build-out and deliver cross product sales opportunities (solutions that cover multiple different ServiceNow solutions) that map to customer challenges and industry needs
+ Stay current on competitive analysis, trending regulatory and risk developments and broader market differentiation
+ Support/speak at marketing events including executive briefings, conferences, user groups, and trade shows
To be successful in this role you should have:
+ Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry.
+ Proven (c. 3-4 years) pre-sales solution consulting or sales engineering experience with specific demonstrable knowledge of cyber risk topics and solutions
+ Demonstrable domain knowledge in one or many of our core risk domains (either in consulting, implementation, delivery, SC, sales or industry practitioner context)
+ Proficiency with the ServiceNow platform or technical experience with cloud software solutions
+ Experience working collaboratively with product management, product marketing, partners, and professional services
+ Proven soft skills relating to effective presentation of content, working collaboratively in a team or partnership and personal drive to improve current skillsets or expand into new areas
+ Territory management skills, including pipeline building and working with Sales counterpart to guide execution excellence
+ The ability to travel, as necessary. Offices are in Staines and London where regular attendance is expected
+ Fluency in English
ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.
At ServiceNow, we lead with flexibility and trust in our distributed world of work. Click here ( to learn about our work personas: flexible, remote and required-in-office.
If you require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at for assistance.
For positions requiring access to technical data subject to export control regulations, including Export Administration Regulations (EAR), ServiceNow may have to obtain export licensing approval from the U.S. Government for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by the U.S. Government.
Please Note: Fraudulent job postings/job scams are increasingly common. Click here ( to learn what to watch out for and how to protect yourself. All genuine ServiceNow job postings can be found through the ServiceNow Careers site ( .
From Fortune. © 2022 Fortune Media IP Limited All rights reserved. Used under license.
Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, ServiceNow.

Our client is seeking a highly experienced Senior Commercial Underwriter to join their rapidly expanding, fully remote insurance division. This is a unique opportunity to shape underwriting strategy and contribute to the growth of our cyber insurance portfolio from anywhere in the UK. As a remote-first employer, we offer a fully equipped virtual workspace and support to ensure you can perform at your best without needing to be in an office. You will be responsible for evaluating, selecting, and pricing complex commercial insurance risks, with a specific focus on cyber threats and liabilities. This involves thorough analysis of financial statements, risk management practices, IT infrastructure, and industry-specific exposures. Developing and maintaining strong relationships with brokers and agents is a critical component of this role, requiring excellent communication and negotiation skills. You will be expected to provide expert guidance on policy terms, conditions, and coverage limits, ensuring profitability and adherence to company guidelines. Staying ahead of evolving cyber risks, threat landscapes, and regulatory changes is paramount, requiring continuous learning and research. The successful candidate will also play a key role in training and mentoring junior underwriters, sharing best practices and fostering a collaborative team environment. You will contribute to the development and refinement of underwriting guidelines and tools, helping to enhance our risk appetite and efficiency. A deep understanding of various insurance products, particularly in the commercial lines and cyber specialty space, is essential. A strong analytical mindset, exceptional problem-solving abilities, and meticulous attention to detail are non-negotiable. Candidates must demonstrate a proven track record of successful underwriting within a commercial insurance setting, ideally with a specialization in cyber or technology-related risks. The ability to interpret complex data, make sound judgments, and articulate recommendations clearly is crucial. Qualifications such as ACII or equivalent are highly desirable. This is an excellent opportunity for a seasoned underwriter to make a significant impact within a leading, remote-capable insurance provider.