Description
Location: Remote – UK Wide or London 1-2 days per week
Contract Details:
- Inside IR35
- £650 per day
- Initial 6-month contract
Company Overview:
Our client, a leading global FinTech, are seeking experienced Technical Security Risk Analysts to join their cyber security risk team, a pivotal role in strengthening the organization’s security posture during a large-scale cyber business change programme.
Role Overview:
This position involves conducting advanced threat-led technical security risk assessments and collaborating with technical teams to secure project deliverables against a broad range of threats and vulnerabilities. Be part of a team at the forefront of IT security, shaping strategies to combat cutting-edge threats, ensuring that cyber security is a key enabler of innovation and transformation across the organization.
Key Responsibilities:
- Perform detailed technical security risk assessments to identify vulnerabilities across IT systems, applications, and infrastructure.
- Develop and refine technical security risk management strategies, aligned with industry-leading frameworks.
- Work with project stakeholders to conduct threat modelling and assess security risks for project deliverables.
- Monitor and interpret security metrics to identify trends, anomalies, and emerging risks.
- Drive the integration of security risk management processes into system development lifecycles and business processes.
- Stay current with emerging threats, security trends, and advancements in cybersecurity technology.
- Provide expert guidance to internal teams on risk assessment techniques, controls implementation, and remediation strategies.
- Collaborate with external auditors, vendors, and regulatory bodies to ensure compliance with security standards.
- Prepare in-depth technical reports and deliver presentations on risk analysis, mitigation plans, and key metrics to senior leadership.
Skills & Experience:
- Proficiency in quantitative risk models like FAIR and conducting advanced threat-led security assessments.
- Deep understanding of network security, application security, and cloud security best practices.
- Experience in implementing technical controls and designing secure architectures.
- Strong technical communication skills to convey complex security risks to technical and non-technical audiences.
- Hands-on experience with security frameworks including ISO 27001, NIST Cybersecurity Framework, CIS Controls, and Cloud Controls Matrix.
- Proven ability to prioritize tasks and deliver in high-pressure, fast-paced environments.
- Relevant certifications such as CISSP, CRISC, CISM, ISO 27001 Lead Auditor.