We are seeking an experienced Security Risk Specialist to ensure that the security posture remains within organisational tolerance levels. You will be supporting the implementation of cybersecurity risk assessment framework and related processes, working with the wider Governance, Risk & Compliance team to embed cybersecurity risk assessment practices into the business and technology change activities. You will also support the creation of risk statements and scenarios, helping business stakeholders assess and understand the impact of security risk. KEY ACCOUNTABILITIES & RESPONSIBILITIES Delivery new cybersecurity risk assessment framework and supporting processes to ensure protection of the organisations systems and data underpinning key business processes. This will also include supporting the review of risk appetite statements. Implement vendor tooling to support new cybersecurity risk assessment framework. Draft comprehensive cybersecurity risk reports for governance forums that provide insights into M&S risk posture and top cybersecurity risks. Support the creation of training on the identification and mitigation of cybersecurity risks. Coach and mentor Cyber Risk Analysts and Associates, helping them progress against their personal development plans. ESSENTIAL Knowledge of Cybersecurity Risk Management, supported by high-level knowledge across cybersecurity governance domains. Experience in working with industry-recognised frameworks (e.g., NIST CSF). Proactive interest in attacker tactics, techniques, and procedures. 3 years relevant experience, preferably across a range of sectors (e.g. Retail, Financial Services). Time management and organisational skills to manage a variety of stakeholders and meet deadlines. Ability to break a problem down into its component parts to identify and diagnose root causes. Build capability in processes, methods, and tools, ensuring that they are adopted consistently and used effectively.
Job Title
Cyber Security Risk Specialist