Senior Cyber Security Risk Specialist

Senior Cyber Security Risk Specialist – Make This Role Your Own!

3 days a week on-site in London or Crawley

Circa £75K + up to 15% bonus + 10% pension + guaranteed annual salary increases

Are you passionate about Cyber Security Risk and ready to play a key role in shaping a GRC function from the ground up?

If so, this is a brilliant opportunity to join a business that’s right at the beginning of its cyber journey. With offices in both London and Crawley, they’re looking to build a best-in-class cyber security function and you’ll be right at the heart of that transformation.

This isn’t a tick-box auditing role. It’s hands-on, it’s strategic, and it’s a chance to truly influence how cyber risk is approached across the business. Working closely with the GRC Manager, you’ll be instrumental in embedding risk awareness into the business and ensuring technology and threat considerations are front and centre.

The best part? This role has space to be shaped by you. There are, of course, some core responsibilities, including:

What You’ll Be Doing:

Risk Management: Carry out cyber security risk assessments using the company’s risk framework, identifying key issues and tracking remediation actions. Communicate risks and treatments clearly to internal and external stakeholders.
Reporting & Metrics: Create meaningful MI on risk and control health. Help define KPIs and KRI metrics across IS teams, prepare regulatory submissions, and track compliance.
ISMS Support: Maintain the Information Security Management System (ISMS) in line with ISO 27001/27002. Manage governance forums, minutes, and documentation.
Policies & Standards: Develop GRC policies, standards, and procedures. Track exceptions, monitor risk, and report on performance and compliance.
Controls Framework: Strengthen the IT controls environment. Understand technical risks and support control improvement initiatives.
What You’ll Need:

Strong experience in technology risk or cyber risk roles.
A proactive approach to identifying threats and making smart, independent decisions.
A working knowledge of ISO 27001 and aligning businesses to compliance frameworks.
Confidence presenting to senior internal/external stakeholders.
Excellent communication skills and a collaborative mindset. Culture fit really matters here.
What’s In It For You?

Freedom to shape the role. Real autonomy to define the GRC roadmap alongside the manager.
Ongoing investment in you. The team is already completing certs like CISM, CRISC, OT & Cloud, ISO Lead Implementer, and more.
Award-winning employer. Recognised for diversity, digital transformation, and consistently ranked among the UK’s top employers.
Real cyber focus. Not just ticking compliance boxes. Cyber is a business priority.
If you want to be part of something from the ground up where your input is valued, your growth is supported, and your work makes a real impact, let’s have a chat