Cyber Security Risk Specialist - VP

Full-Time 85000 - 115000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Lead security governance and risk management to protect vital information assets.
  • Company: Join a leading financial services organisation committed to robust cybersecurity.
  • Benefits: Enjoy a hybrid work model with competitive salary and annual bonuses.
  • Why this job: Make a real impact on cybersecurity while collaborating with talented professionals.
  • Qualifications: 5+ years in Cyber Security Risk Management, preferably in finance; strong communication skills required.
  • Other info: Must be within commuting distance of London HQ; RSA Archer experience preferred.

The predicted salary is between 85000 - 115000 £ per year.

Docklands, London (Hybrid) £100,000 - £110,000 per annum + annual discretionary bonus

On behalf of a leading financial services organisation, I am seeking a highly experienced Cyber Security Risk Specialist at VP level. The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure the organisation's security posture is robust and compliant with the security policy, standards and controls. In particular, I am seeking someone with an extensive background in managing Security Control testing. The company operates a hybrid work policy and therefore you must be willing to commit to 2 days per week and must be within commutable distance of their London HQ.

Responsibilities:

  • Maintain security policy, standards, procedures and frameworks.
  • Ensure alignment with security industry standards such as NIST CSF and NIST 800-53.
  • Act as an advisor to colleagues across the organisation on best security practice.
  • Conduct regular risk assessments and maintain risk register in RSA Archer.
  • Identify, assess and prioritize security risk across the organisation's information assets and environments.
  • Understand security gaps; provide evaluation and treatment options and consultation on remediation approaches to address gaps; continue ongoing monitoring of remediation and re-assess until risk is reduced to an acceptable level.
  • Support Cybersecurity Risk Management strategies based on security findings and observations.
  • Profile and assign asset security criticality and prioritize risk assessments.
  • Monitor improvements against the baselined risk to evidence and report where security risk is being reduced to an acceptable level across security functions.
  • Run lessons learned forums and recommend improvements to security controls.
  • Represent security on audits and assessments, ensuring compliance with internal and external requirements.
  • Provide assurance to stakeholders through detailed reporting and metrics.

Experience/Skills required:

  • Minimum of 5 years' experience in a Cyber Security Risk Management capacity.
  • Experience of the testing of Security controls is essential.
  • Financial and/or Banking industry experience essential.
  • Experience in managing security risk across third parties, assets and systems.
  • Ability to collaborate effectively with others to drive forward key security objectives.
  • Expert in writing technical reports and documenting risk assessment findings and mitigation plans clearly and accurately.
  • Meticulous attention to detail to ensure data accuracy and integrity and ensure thorough and accurate risk assessment.
  • Problem-solving ability to grasp security issues that impact multiple entities and to troubleshoot them, proposing effective solutions and consulting with colleagues to mitigate risks.
  • Excellent verbal and written communication skills to convey complex technical information clearly and effectively.
  • Strong understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level.
  • Knowledge of vulnerability management and incident management practices.
  • Experience with GRC tools and best practices. RSA Archer is preferred.

Professional Certifications:

  • Ideally qualified with an MSc in Information Security, CICA, CRISC, CISM and/or data analysis; beneficial but not essential if experience validates skills.
  • Proficiency in security frameworks (e.g., NIST CSF, ISO 27001, SOC 1 and SOC 2).

Cyber Security Risk Specialist - VP employer: Spencer Rose

As a leading financial services organisation based in the vibrant Docklands, London, we pride ourselves on being an exceptional employer that values innovation and collaboration. Our hybrid work policy promotes a healthy work-life balance, while our commitment to employee growth is reflected in ongoing training and development opportunities tailored to enhance your expertise in Cyber Security Risk Management. Join us to be part of a dynamic team that not only prioritises security excellence but also fosters a supportive culture where your contributions are recognised and rewarded.

Contact Detail:

Spencer Rose Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Cyber Security Risk Specialist - VP

✨Tip Number 1

Network with professionals in the cyber security field, especially those who have experience in financial services. Attend industry events or webinars to connect with potential colleagues and learn about the latest trends and challenges in cyber security risk management.

✨Tip Number 2

Familiarise yourself with the specific security frameworks mentioned in the job description, such as NIST CSF and ISO 27001. Being able to discuss these frameworks confidently during interviews will demonstrate your expertise and alignment with the company's needs.

✨Tip Number 3

Prepare to discuss your experience with security control testing in detail. Be ready to provide examples of how you've identified and mitigated risks in previous roles, particularly in a financial or banking context, as this is crucial for the position.

✨Tip Number 4

Showcase your ability to communicate complex technical information clearly. Practice explaining your past projects and findings to non-technical stakeholders, as this skill is essential for the role and will set you apart from other candidates.

We think you need these skills to ace Cyber Security Risk Specialist - VP

Cyber Security Risk Management
Security Control Testing
Risk Assessment and Management
NIST CSF and NIST 800-53 Compliance
Technical Writing
Attention to Detail
Problem-Solving Skills
Stakeholder Communication
Data Presentation
Vulnerability Management
Incident Management Practices
GRC Tools Experience
RSA Archer Proficiency
Collaboration Skills
Understanding of Security Taxonomy Principles

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights your experience in Cyber Security Risk Management, particularly focusing on your background in managing security control testing and your familiarity with frameworks like NIST CSF and ISO 27001.

Craft a Compelling Cover Letter: In your cover letter, emphasise your ability to collaborate effectively and your problem-solving skills. Mention specific examples of how you've successfully managed security risks in previous roles, especially in the financial or banking industry.

Highlight Relevant Certifications: List any relevant certifications such as CISA, CRISC, or CISM prominently in your application. If you have an MSc in Information Security, make sure it stands out as well, as this is highly regarded for this position.

Showcase Technical Writing Skills: Since the role requires expert technical writing, include samples of reports or documentation you've created in the past. This will demonstrate your ability to convey complex information clearly and accurately to both technical and non-technical stakeholders.

How to prepare for a job interview at Spencer Rose

✨Showcase Your Experience

Make sure to highlight your minimum of 5 years' experience in Cyber Security Risk Management. Be prepared to discuss specific examples of how you've managed security control testing and risk assessments in previous roles, especially within the financial or banking industry.

✨Demonstrate Technical Knowledge

Familiarise yourself with security frameworks like NIST CSF and ISO 27001. During the interview, be ready to explain how you have applied these standards in your past work, particularly in maintaining security policies and procedures.

✨Communicate Clearly

Since excellent verbal and written communication skills are essential for this role, practice explaining complex technical concepts in simple terms. Prepare to present data insights and risk assessment findings clearly, as you will need to convey this information to non-technical stakeholders.

✨Prepare for Scenario Questions

Expect scenario-based questions that assess your problem-solving abilities. Think about past experiences where you identified security gaps and how you proposed effective solutions. Be ready to discuss your approach to prioritising risks and monitoring improvements.

    Application deadline: 2027-05-18