Job Description:
A Senior Cybersecurity Risk Analyst is needed to identify, assess, and manage information security risks across the organization. The ideal candidate will have a strong technical background, experience translating threats into business risks, and the ability to work effectively in fast-paced environments.
Key Responsibilities:
* Conduct security risk assessments of systems, applications, and infrastructure.
* Identify and evaluate risks, vulnerabilities, and control gaps.
* Translate technical threats into clear business risks.
* Maintain and update the Cybersecurity Risk Register.
* Produce risk assessment reports and present findings to stakeholders.
* Collaborate with IT, SOC, and business units to understand and mitigate risks.
* Provide technical escalation support, especially in coordination with the Security Operations Centre (SOC).
* Support compliance with standards such as ISO 27001, NIST, and UK GDPR.
* Review security aspects of tenders and conduct third-party/vendor risk assessments.
Required Skills and Qualifications:
* Experience in security risk assessments and threat modeling.
* Strong understanding of cybersecurity principles, including network, endpoint, and cloud security.
* Ability to communicate vulnerabilities in business terms.
* Experience working within or with a SOC.
* Familiarity with risk management frameworks like ISO 27005, NIST RMF.
* Excellent communication and reporting skills.
* Relevant certifications such as CISSP, CISM, CRISC, CEH.
* Experience with GRC tools and risk registers.
* Knowledge of regulatory requirements and data protection laws.
Benefits:
* This is a full-time temporary role.