Cyber Risk Analyst - OT - ISO27005 - Risk Assessments

Posted 1 day ago by Tria Recruitment

£600 Per day
Inside
Hybrid
London, UK

Summary: The Cyber Risk Analyst role involves supporting the Governance, Risk, and Compliance (GRC) function by identifying and mitigating cyber and information security risks. The position requires collaboration with various stakeholders to ensure compliance with regulatory requirements and industry best practices. The contract is for a duration of 6 months with potential extensions, and the role is classified as inside IR35. The ideal candidate will have a strong background in cyber risk assessment and information security principles.

Key Responsibilities:

  • Identify, assess, and mitigate Cyber, Information Security, and OT security risks.
  • Collaborate with IT, compliance, security assurance, and business stakeholders.
  • Ensure alignment of the organisation's cyber risk posture with regulatory requirements.
  • Maintain compliance documentation aligned to industry standards and regulations.

Key Skills:

  • 3-5 years' experience in Information Security or Cyber Risk assessment.
  • Ability to articulate Cyber Risk to technical and non-technical audiences.
  • Hands-on experience with Cyber Risk management frameworks (e.g., ISO 27005).
  • Strong understanding of Information Security principles and Governance practices.
  • Experience with compliance documentation for industry standards (e.g., NIS Directive, ISO/IEC 27001).
  • Experience in regulated or Critical National Infrastructure environments (desirable).
  • Familiarity with OT and ICS security risk (desirable).
  • Strong stakeholder engagement and communication skills (desirable).

Salary (Rate): £600 daily

City: London

Country: UK

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Cyber Risk Analyst (Contract)

Location: London/Southeast - Hybrid/Remote working
Duration: 6 months + (12 months + programme of work)
Day Rate: Up to £600 a day DOE (Inside IR35)

Start date: ASAP.

Overview

We are seeking a skilled, proactive, and analytical Cyber Risk Analyst to support the Governance, Risk and Compliance (GRC) function of my client. You will be responsible for identifying, assessing, and helping to mitigate Cyber, Information Security, and OT security risks across the organisation.

You will work closely with IT, compliance, security assurance, and business stakeholders to ensure the organisation's cyber risk posture aligns with regulatory requirements and recognised industry best practices.

Essential skills and Experience

  • 3-5 years' experience in an Information Security or Cyber Risk assessment role.
  • Ability to clearly articulate Cyber Risk to both technical and non-technical audiences.
  • Hands-on experience working with recognised Cyber Risk management frameworks and methodologies such as:
    • ISO 27005
    • Or other structured cyber risk quantification approaches
  • Strong understanding of Information Security principles, Governance, and Risk Management practices.
  • Proven experience maintaining compliance documentation aligned to industry standards, regulations, and legislative requirements, including but not limited to:
    • NIS Directive - Cyber Assessment Framework (CAF)
    • ISO/IEC 27001 and ISO/IEC 27002
    • NIST Cybersecurity Framework (CSF) 2.0
    • IEC 62443
    • GDPR and the Data Protection Act

Desirable Skills

  • Experience working in regulated or Critical National Infrastructure environments.
  • Familiarity with OT and Industrial control system (ICS) security risk.
  • Strong stakeholder engagement and communication skills.

The rate is dependent on skills and experience, and the contract is inside IR35.

For further information, please apply online and I will contact you to discuss the role in more detail.