2,758 Cybersecurity Risk jobs in the United Kingdom
Cybersecurity Risk Analyst
Posted 19 days ago
Job Viewed
Job Description
We are looking for candidates with a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent practical experience. A minimum of 3-5 years of experience in cybersecurity risk management, IT audit, or a related security discipline is required. Proven experience in conducting risk assessments, vulnerability analyses, and developing mitigation strategies is essential. Strong knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001), threat intelligence, and common attack vectors is mandatory. Excellent analytical, problem-solving, and communication skills are required, with the ability to clearly articulate complex security risks to various stakeholders. Relevant certifications such as CISSP, CISM, CRISC, or CompTIA Security+ are highly desirable. The ability to work independently, manage time effectively, and collaborate seamlessly with remote teams is crucial. If you are a dedicated cybersecurity professional passionate about risk mitigation and eager to contribute to a secure digital environment, we invite you to apply.
Senior Cybersecurity Consultant - Risk Management
Posted 4 days ago
Job Viewed
Job Description
Responsibilities:
- Conduct comprehensive cybersecurity risk assessments for clients, identifying potential threats and vulnerabilities across their IT infrastructure and business processes.
- Develop and implement tailored cybersecurity risk management strategies and frameworks.
- Advise clients on compliance with relevant regulations and standards (e.g., GDPR, ISO 27001, NIST).
- Perform security audits and gap analyses to evaluate the effectiveness of existing security controls.
- Develop and deliver clear, concise, and actionable recommendations for risk mitigation.
- Engage with clients to understand their business objectives and integrate cybersecurity risk management into their overall strategy.
- Create detailed reports and presentations for senior management on risk posture and mitigation plans.
- Stay current with emerging cybersecurity threats, vulnerabilities, and risk management best practices.
- Collaborate with internal technical teams to support the implementation of security controls.
- Mentor junior consultants and contribute to the firm's knowledge base.
- Bachelor's or Master's degree in Computer Science, Information Security, Risk Management, or a related field.
- Minimum of 6 years of experience in cybersecurity, with a significant focus on risk assessment, management, and compliance.
- In-depth knowledge of risk assessment methodologies (e.g., qualitative, quantitative) and frameworks (e.g., NIST RMF, ISO 31000).
- Experience with compliance requirements such as GDPR, ISO 27001, PCI DSS, HIPAA.
- Strong understanding of various IT security domains, including network security, application security, and cloud security.
- Excellent analytical, problem-solving, and critical thinking skills.
- Exceptional written and verbal communication skills, with the ability to articulate complex technical concepts to diverse audiences.
- Proficiency in using risk management tools and GRC platforms.
- Relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Auditor are highly desirable.
- Ability to work both independently and collaboratively in a client-facing environment.
Senior Cyber Risk Manager

Posted 13 days ago
Job Viewed
Job Description
We are seeking a highly motivated and experienced Senior Manager of Risk to lead our cyber risk and third-party risk management functions within the Cyber Governance, Risk & Compliance (GRC) team. This individual will manage a small team of risk professionals and be responsible for building, embedding, and continuously improving the organisation's cyber risk management framework, ensuring effective oversight of third-party and supplier risks, and supporting executive and board-level reporting.
**Key Responsibilities**
Cyber Risk Management
+ Lead the development, implementation, and ongoing maturity of the cyber risk management framework.
+ Oversee risk identification, assessment, treatment, and monitoring across all cyber domains.
+ Provide risk insights and reporting to senior leadership, risk committees, and the board.
+ Partner with business and technology teams to ensure risks are effectively understood, prioritised, and mitigated.
+ Drive risk culture awareness, ensuring risk management principles are embedded across the organisation.
Third-Party Risk Management
+ Oversee the third-party risk management (TPRM) programme, including onboarding, due diligence, and ongoing monitoring of suppliers.
+ Define risk appetite, assurance requirements, and contractual controls for third-party cyber security.
+ Partner with procurement, legal, and business teams to ensure suppliers meet security and compliance requirements.
+ Provide risk assessments, recommendations, and remediation guidance to business stakeholders.
+ Escalate material supplier risks and lead risk acceptance discussions where required.
Leadership & Team Management
+ Manage, coach, and develop a small team of cyber risk and third-party risk professionals.
+ Allocate workload effectively and foster a high-performance culture.
+ Support professional development and provide clear career growth pathways.
+ Act as a senior subject matter expert and escalation point within the Cyber GRC function
**Key Skills & Experience**
+ Proven experience in cyber risk management and/or third-party risk management, ideally within financial services, technology, or a regulated industry.
+ Strong understanding of risk management frameworks (e.g., ISO 31000, NIST CSF, FAIR, ISO 27005).
+ Experience in third-party/vendor risk management practices, frameworks, and tools.
+ Excellent leadership, team management, and stakeholder engagement skills.
+ Strong analytical, problem-solving, and decision-making abilities.
+ Ability to produce clear, concise, and executive-ready risk reporting.
+ Professional certifications desirable (e.g., CRISC, CISM, CISSP, CISA).
**Who we are:**
At Pearson, our purpose is simple: to help people realize the life they imagine through learning. We believe that every learning opportunity is a chance for a personal breakthrough. We are the world's lifelong learning company. For us, learning isn't just what we do. It's who we are. To learn more: We are Pearson.
Pearson is an Equal Opportunity Employer and a member of E-Verify. Employment decisions are based on qualifications, merit and business need. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status or any other group protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.
If you are an individual with a disability and are unable or limited in your ability to use or access our career site as a result of your disability, you may request reasonable accommodations by emailing
**Job:** Security
**Job Family:** TECHNOLOGY
**Organization:** Corporate Strategy & Technology
**Schedule:** PART_TIME
**Workplace Type:** Hybrid
**Req ID:** 20994
Senior Cyber Risk Analyst
Posted 2 days ago
Job Viewed
Job Description
Responsibilities:
- Lead the development, implementation, and ongoing refinement of the enterprise-wide cybersecurity risk management framework.
- Conduct comprehensive risk assessments, vulnerability analyses, and penetration tests to identify potential threats and weaknesses in IT systems, networks, and applications.
- Analyze and prioritize cyber risks based on likelihood and impact, developing effective mitigation strategies and remediation plans.
- Collaborate with IT, legal, compliance, and business units to ensure that cybersecurity risks are understood and managed across the organisation.
- Develop and maintain cybersecurity policies, standards, and procedures, ensuring alignment with industry best practices and regulatory requirements (e.g., GDPR, ISO 27001, NIST).
- Monitor the threat landscape, staying informed about emerging cybersecurity threats, vulnerabilities, and attack vectors.
- Design and implement security awareness training programs for employees.
- Manage incident response activities, including investigation, containment, eradication, and recovery, and conduct post-incident reviews.
- Develop and maintain key risk indicators (KRIs) and performance indicators (KPIs) to measure the effectiveness of security controls.
- Prepare detailed reports and presentations for senior management and the board on cybersecurity risk posture, incidents, and mitigation efforts.
- Act as a subject matter expert on cybersecurity risks and controls, providing guidance and support to internal teams.
- Evaluate and recommend security technologies and solutions to enhance the organisation's defence capabilities.
- Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field. Master's degree is a plus.
- Minimum of 7 years of progressive experience in cybersecurity, with a strong focus on risk assessment, vulnerability management, and incident response.
- In-depth understanding of common cyber threats, attack methodologies, and defence strategies.
- Proven experience with risk assessment frameworks such as NIST CSF, ISO 27005, or FAIR.
- Proficiency in security assessment tools and techniques.
- Excellent analytical, problem-solving, and critical thinking skills.
- Strong knowledge of information security principles, network security, and cloud security.
- Experience in developing and implementing security policies and procedures.
- Excellent written and verbal communication skills, with the ability to explain complex technical issues to non-technical audiences.
- Relevant certifications such as CISSP, CISM, CRISC, or CISA are highly desirable.
- Ability to work independently and manage multiple priorities in a remote setting.
Senior Cyber Risk Analyst
Posted 3 days ago
Job Viewed
Job Description
Key Responsibilities:
- Conduct comprehensive risk assessments of IT systems, applications, and third-party vendors to identify vulnerabilities and potential threats.
- Develop and implement robust cyber risk management frameworks, policies, and procedures aligned with industry best practices and regulatory requirements.
- Analyze security incidents and breaches to determine root causes, impact, and remediation strategies.
- Collaborate with IT security, compliance, and business units to foster a proactive security culture.
- Design and deliver security awareness training programs to employees.
- Monitor and report on key cyber risk metrics and indicators to senior management.
- Evaluate the effectiveness of existing security controls and recommend enhancements.
- Stay abreast of emerging cyber threats, vulnerabilities, and mitigation techniques.
- Participate in internal and external audits, ensuring compliance with relevant standards.
- Develop and maintain disaster recovery and business continuity plans related to cyber security.
- Mentor junior analysts and contribute to the overall development of the risk management team.
Qualifications and Skills:
- Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
- At least 5 years of experience in cyber risk management, information security, or a related field within the financial services industry.
- In-depth knowledge of risk assessment methodologies, frameworks (e.g., NIST, ISO 27001), and regulatory requirements (e.g., GDPR, FCA).
- Strong understanding of common cyber threats, vulnerabilities, and attack vectors.
- Experience with security tools and technologies such as SIEM, vulnerability scanners, and threat intelligence platforms.
- Excellent analytical, problem-solving, and decision-making skills.
- Strong written and verbal communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders.
- Proven ability to work effectively both independently and as part of a team in a hybrid environment.
- Relevant certifications such as CISSP, CISM, CRISC are highly desirable.
This is an exceptional opportunity to contribute to the security posture of a major financial organization and advance your career in a dynamic and challenging field.
Senior Cyber Risk Analyst
Posted 4 days ago
Job Viewed
Job Description
As a Senior Cyber Risk Analyst, you will play a crucial role in identifying, assessing, and mitigating the complex cyber risks faced by the business and its clients. You will develop and implement robust frameworks and methodologies for evaluating cyber threats, vulnerabilities, and the potential impact of cyber incidents. Your expertise will be vital in shaping the company's cyber risk appetite and strategy, ensuring resilience in an increasingly digital landscape.
Key Responsibilities:
- Conduct comprehensive assessments of cyber risks across the organization, including third-party vendor risks.
- Develop and refine methodologies for quantifying and qualifying cyber risks.
- Design and implement effective risk mitigation strategies and controls.
- Monitor the evolving threat landscape and geopolitical factors impacting cyber security.
- Prepare detailed risk reports and present findings and recommendations to senior management and relevant committees.
- Collaborate with IT security, legal, compliance, and business units to integrate cyber risk management into daily operations.
- Develop and deliver cyber risk awareness training programs.
- Stay current with emerging cyber threats, vulnerabilities, and regulatory requirements.
- Contribute to the development of incident response plans and business continuity strategies related to cyber events.
- Mentor junior analysts and contribute to the team's overall expertise in cyber risk management.
Required Qualifications:
- Bachelor's degree in Cybersecurity, Information Technology, Risk Management, or a related field. Advanced degrees or relevant certifications (e.g., CISSP, CRISC, CISA) are highly desirable.
- Minimum of 5 years of experience in cyber risk analysis, information security, or a related risk management function.
- Proven experience in conducting risk assessments, threat modeling, and vulnerability analysis.
- Strong understanding of various cyber security frameworks (e.g., NIST CSF, ISO 27001) and best practices.
- Excellent analytical and problem-solving skills, with the ability to translate complex technical concepts into clear business language.
- Strong written and verbal communication skills, with the ability to influence stakeholders at all levels.
- Experience with risk management tools and platforms.
- Ability to work independently and manage multiple priorities in a remote work environment.
Join a proactive and dedicated team focused on safeguarding the business and its clients from evolving cyber threats. This role, based in Bristol, South West England, UK , offers a significant opportunity to shape cyber resilience.
Senior Cyber Risk Analyst
Posted 15 days ago
Job Viewed
Job Description
Be The First To Know
About the latest Cybersecurity risk Jobs in United Kingdom !
Remote Cyber Risk Analyst
Posted 15 days ago
Job Viewed
Job Description
Key Responsibilities:
- Conduct thorough cybersecurity risk assessments and vulnerability analyses.
- Develop, implement, and maintain security policies, procedures, and controls.
- Monitor and analyze security events and alerts to detect and respond to potential threats.
- Ensure compliance with relevant regulations and industry best practices (e.g., GDPR, ISO 27001).
- Collaborate with IT and business units to integrate security into system design and development lifecycles.
- Prepare detailed reports on risk posture, incidents, and mitigation efforts for management.
- Stay current with emerging cybersecurity threats, trends, and technologies.
- Assist in the development and delivery of security awareness training programs.
- Manage and coordinate security incident response activities.
- Provide expert advice on cybersecurity best practices and risk mitigation strategies.
- Proven experience in cybersecurity, risk management, or a related field.
- Strong knowledge of cybersecurity principles, frameworks, and technologies.
- Experience with risk assessment methodologies and tools.
- Excellent analytical, problem-solving, and critical-thinking skills.
- Ability to work independently and manage time effectively in a remote setting.
- Strong written and verbal communication skills, with the ability to articulate technical concepts clearly.
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- Relevant certifications such as CISSP, CISM, or CRISC are a plus.
- Familiarity with the insurance industry and its specific cyber risks is advantageous.
Presales Solution Consultant - Cyber Risk

Posted 13 days ago
Job Viewed
Job Description
With more than 7,700+ customers, we serve approximately 85% of the Fortune 500®, and we're proud to be one of FORTUNE 100 Best Companies to Work For® and World's Most Admired Companies.
Learn more on Life at Now blog ( and hear from our employees ( about their experiences working at ServiceNow.
Unsure if you meet all the qualifications of a job description but are deeply excited about the role? We still encourage you to apply! At ServiceNow, we are committed to creating an inclusive environment where all voices are heard, valued, and respected. We welcome all candidates, including individuals from non-traditional, varied backgrounds, that might not come from a typical path connected to this role. We believe skills and experience are transferrable, and the desire to dream big makes for great candidates.
As a member of our Solution Consulting team, you will have a major impact on our future success by supporting the Risk&Security Solution Sales Team in driving net new business in the risk domain. You will guide revenue for our risk products with the support and partnership of Sales, Product Management, and the executive team. This is a hands-on technical consultant who can go wide and deep on solution delivery and solution positioning, as well as the risk domain itself, during sales cycles.
**What you get to do in this role:**
The Solution Consultant is a technical consultant with the ability to develop, position and provide product-specific support during sales cycles while achieving quarterly and annual sales goals for an assigned territory. In particular, you will:
+ Support discovery workshops to determine customers' challenges and give product demonstrations to align our solution with customer needs
+ Understand customer challenges and goals and map this back to solution capabilities
+ Answer product feature and technical questions from customers, channel partners and ServiceNow colleagues
+ Act as the domain SME across the core areas of cyber risk
+ Provide feedback to product management about product enhancements that can address customer needs and provide additional value
+ Share and learn best practices and re-usable assets with other Solution Consultants to enhance the quality and efficiency of the team
+ Identify, build-out and deliver cross product sales opportunities (solutions that cover multiple different ServiceNow solutions) that map to customer challenges and industry needs
+ Stay current on competitive analysis, trending regulatory and risk developments and broader market differentiation
+ Support/speak at marketing events including executive briefings, conferences, user groups, and trade shows
To be successful in this role you should have:
+ Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry.
+ Proven (c. 3-4 years) pre-sales solution consulting or sales engineering experience with specific demonstrable knowledge of cyber risk topics and solutions
+ Demonstrable domain knowledge in one or many of our core risk domains (either in consulting, implementation, delivery, SC, sales or industry practitioner context)
+ Proficiency with the ServiceNow platform or technical experience with cloud software solutions
+ Experience working collaboratively with product management, product marketing, partners, and professional services
+ Proven soft skills relating to effective presentation of content, working collaboratively in a team or partnership and personal drive to improve current skillsets or expand into new areas
+ Territory management skills, including pipeline building and working with Sales counterpart to guide execution excellence
+ The ability to travel, as necessary. Offices are in Staines and London where regular attendance is expected
+ Fluency in English
ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.
At ServiceNow, we lead with flexibility and trust in our distributed world of work. Click here ( to learn about our work personas: flexible, remote and required-in-office.
If you require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at for assistance.
For positions requiring access to technical data subject to export control regulations, including Export Administration Regulations (EAR), ServiceNow may have to obtain export licensing approval from the U.S. Government for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by the U.S. Government.
Please Note: Fraudulent job postings/job scams are increasingly common. Click here ( to learn what to watch out for and how to protect yourself. All genuine ServiceNow job postings can be found through the ServiceNow Careers site ( .
From Fortune. © 2022 Fortune Media IP Limited All rights reserved. Used under license.
Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, ServiceNow.
Senior Commercial Underwriter - Cyber Risk
Posted 3 days ago
Job Viewed