Cybersecurity Risk Specialist
We are seeking an experienced Cybersecurity Risk Manager to join a dynamic risk and assurance function within a large, complex organisation. This position plays a key role in evaluating and strengthening cybersecurity governance, risk management practices and internal control frameworks across the business.
You will work closely with senior stakeholders to provide independent oversight, identify emerging technology risks and deliver meaningful insights that support informed decision-making at leadership level.
Key Responsibilities- Provide expert guidance and oversight on cybersecurity and technology risk matters across the organisation.
- Plan and execute assurance reviews and risk assessments covering cybersecurity, IT controls and operational resilience.
- Assess the effectiveness of governance frameworks, policies and control environments relating to cyber and technology risk.
- Prepare clear, concise reports outlining key findings, risk exposures and practical recommendations for improvement.
- Partner with senior business and technology leaders to challenge risk management practices and promote continuous improvement.
- Support the development of risk-based audit and assurance strategies aligned to organisational priorities and regulatory expectations.
- Monitor evolving cybersecurity threats, industry trends and regulatory developments to help inform assurance activities.
Preferred Experience
Experience in any of the following areas would be advantageous:
- Cloud technologies and security governance
- Data protection and privacy risk
- Third-party or supplier risk oversight
- Technology transformation or programme risk
- IT assurance, operational resilience or payments environments
Qualifications
Candidates should hold, or be working toward, a recognised professional certification such as:
- Certified Information Systems Auditor (CISA)
- Certified Internal Auditor (CIA)
- CISSP or equivalent cybersecurity qualification
- Professional accounting or risk qualification
Candidate Profile
The ideal candidate will have strong experience in cybersecurity risk management, technology assurance or internal audit within a regulated or large-scale corporate environment. You should be confident engaging with senior leadership teams and capable of translating complex technical issues into commercially focused business insights.
You will also demonstrate:
- Strong stakeholder management and influencing skills
- Excellent analytical and problem-solving abilities
- Effective written and verbal communication skills
- Sound understanding of cybersecurity frameworks, controls and governance principles
- The ability to manage multiple priorities in a fast-paced environment
- A proactive and collaborative approach to risk management