Cyber Risk Modelling Specialist
Posted 4 days ago by i-confidential
£90 Per hour
Inside
Undetermined
United Kingdom
Summary: The Cyber Risk Modelling Specialist role involves joining a financial services organization to contribute to the development of its Risk outlook and landscape during a significant growth phase. The ideal candidate will possess expertise in Cyber Risk Quantification, Risk Modelling, and FAIR methodology, along with a strong technical background and commercial awareness. This position requires effective communication of technical risk concepts to stakeholders and managing deliverables across teams. The role is classified as inside IR35 and is open to applicants based in the UK.
Key Responsibilities:
- Contribute to the creation of the Risk outlook and landscape for a financial services organization.
- Utilize Cyber Risk Quantification and Risk Modelling techniques, including FAIR methodology.
- Translate technical risk concepts into business-relevant language for effective stakeholder communication.
- Manage timelines, dependencies, and deliverables across various stakeholders and teams.
Key Skills:
- Understanding of Cyber threats, Vulnerabilities, and Controls.
- Familiarity with control frameworks (NIST CSF, ISO 27001).
- Knowledge of cyber-attack methodologies (MITRE ATT&CK).
- Experience with risk quantification methodologies - FAIR.
- Ability to conduct Loss Event Modelling, Scenario Analysis, and Stress Testing.
- Proficiency in data sourcing, cleansing, and validation.
- Strong data analysis skills, preferably with tools like Python or SAS.
- Experience with data visualization tools (e.g., PowerBI) is advantageous.
Salary (Rate): £90.00/hr
City: undetermined
Country: United Kingdom
Working Arrangements: undetermined
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: Other
We are currently looking for a Cyber Risk Modeller to join an existing team with one of our key clients.This would be ideal for someone with a background in Cyber Risk Quantification, Risk Modelling and FAIR methodology (or equivalent). This is an excellent opportunity to join a financial services organisation in the process of creating its Risk outlook and landscape during a key period of growth and maturity. Applicants will have a technical background and outlook alongside a commercial awareness and understanding of the real-world consequences and implications of Cyber Risk for large-scale organisations.
Key Skills and Experience
- Cyber threats, Vulnerabilities and Controls
- Control frameworks (NIST CSF, ISO 27001)
- Cyber-attack methodologies (MITRE ATT&CK)
- Risk quantification methodologies - FAIR (Factor Analysis of Information Risk)
- Loss Event Modelling, Scenario Analysis and Stress Testing
- Cyber incident data, loss data, and control effectiveness metrics
- Risk management principles
- Data and information sourcing, cleansing, and validation
- Ability to translate technical risk concepts into business-relevant language and effectively communicate and influence stakeholders
- Able to manage timelines, dependencies, and deliverables across stakeholders and teams
- A background in data analysis tools (e.g, Python, SAS) and data visualization tools (e.g. PowerBI) would be an advantage but not mandatory.
Contract will be inside IR35. Applicants must be based in the UK