Find your next tech and IT Job or contract Governance, risk and compliance (GRC)

Key Responsibilities Define and deliver BDUK’s Digital, Data and Technology (DDaT) strategy, aligning it with organisational priorities and advising senior leaders on opportunities, risks and investment decisions Lead the design, build and running of digital services and applications that power BDUK’s core programmes, and embed user-centred design, accessibility and continuous improvement Build on BDUK’s data capabilities, ensuring data is secure, well-governed and high quality, and drive the use of data, automation, AI and machine learning to generate insight and improve decisions Oversee the performance, reliability and security of core systems and platforms, ensuring robust operations, risk management and compliance with government standards Lead and develop a skilled, multidisciplinary DDaT workforce, fostering a culture of collaboration, innovation and continuous improvement Represent BDUK’s DDaT agenda across the organisation and the wider government community, championing excellence and capability building

AI Consultant – Assurance & Risk (SC/DV Cleared) Location: London + UK travel | Contract: Inside IR35 SC cleared (DV desirable) candidates only. Morela is supporting our client, seeking an experienced AI Consultant – Assurance & Risk to help embed trust, safety, and responsibility into AI adoption across high-security projects. Key Responsibilities: Implement AI risk management and assurance frameworks. Conduct testing, evaluation, and validation of AI/ML solutions. Advise Defence teams on ethical, regulatory, and operational compliance. Support safe deployment of AI systems and guide MLOps practices. What we’re looking for: Active SC clearance (DV desirable). Experience in AI assurance, risk management, or governance. Knowledge of standards such as ISO, NIST, FIPA . Strong communication skills for both technical and non-technical stakeholders. Why join: Work on Defence AI projects of national importance. Collaborate with industry leaders in AI ethics and safety. Shape the future of responsible AI in high-security environments. Please contact me for immeidate consaideraiton.

Job title: Data Governance and Management Lead Location: Frimley or Preston - We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: £60,000 depending on skills and experience What you'll be doing: Manage, on behalf of the Enterprise Data Owner, all or part of the People & Organisation data set on a day-to-day basis through the data lifecycle, including data governance processes Own relevant data management documentation and collateral, ensuring that regular review and update of these assets is completed on time and to a high standard, e.g. People & Organisation Data Standard Support the HR data community from data owner to data creator, by providing process, expertise and knowledge which supports excellent management of data across its lifecycle Support the HR business community to understand and adopt data capabilities, ensuring that the derived value and benefit can be tangibly communicated and reported upon, including Master Data Management (MDM), Data Quality Assurance and Data Cataloguing Establish and facilitate a People & Organisation Data Governance Working Group in conjunction with the Office of the Chief Information Officer Data Governance team Promote the importance and value of HR data across the organisation, seeking opportunities to reduce costs / risk and drive value through improved data management practices Your skills and experiences: Essential: Thorough knowledge & experience of the practical application and development of Data Governance Prior thorough knowledge & experience of associated Data Governance, Data Protection and HR toolset processes, including pan-system data management and international legislative considerations Hands-on experience within Master Data Management and/or Data Quality Assurance practices and toolsets Educated to degree level or equivalent experience Prior experience of the HR function, with specific regard to Data Governance and Master Data Management is required for this role Desirable: DAMA Certified Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Data Management team: Working alongside the Head of People Data Management and the Chief Technology and Information Office, the Data Governance and Management Lead will play a key, strategic role in the management and optimisation of our people data infrastructure by defining, embedding and advocating for robust and transparent data management, compliance and security frameworks across a broad range of data stewards and processors. This role requires a strategic thinker with strong analytical skills and a deep understanding of Data Governance, Quality Assurance, Metadata Management and Master Data Management. They should demonstrate a methodical approach to solving problems and confidence to challenge the status quo. Be a clear and effective communicator, with the ability to influence and persuade stakeholders at all levels. Will be highly motivated by driving change and embedding structure and process within a dynamic and evolving environment. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 9 September 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-DL1 #LI-Hybrid

Description Hello, we're Starling. We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. We're a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,500 people across our London, Southampton, Cardiff and Manchester offices. We're looking for a Senior Conduct & Compliance Oversight Officer to provide second line of defence (2LoD) oversight over 1LoD (first line of defence) teams, so that they meet their regulatory obligations and effectively manage their regulatory compliance and conduct risks. Please note; this role is a 12 month fixed term contract. Key Responsibilities Deliver thematic Conduct & Compliance Oversight reviews as part of a high performing Oversight team, providing independent challenge to Starling Bank's first line of defence (1LoD) teams. Delivery of thematic Conduct & Compliance reviews with an initial focus on customer and control remediation. Ability to write up findings related to oversight reviews in a timely manner, clearly and accurately. Build strong relationships with 1LoD to deliver a collaborative working environment between Compliance and the business. Ability to support team members with the completion and delivery of compliance reviews and findings.

The key responsibilities and deliverables for this post are working with your UKEF colleagues and customers to ensure that UKEF is able to meet evolving customer demand using a secure, scalable and robust enterprise architecture blueprint. You will design and build data models to fulfil the strategic data needs of the organisation, as defined by the Enterprise Architect. You will design, support and provide guidance for the upgrade, management, decommission and archive of data in compliance with UKEF’s data policy. You will provide expert advice on data including the definition and maintenance of our data technology architecture, including metadata, integration, data dictionaries, business intelligence and our data reporting capability. The main activities of your role will be: Communicating between the technical and non-technical . You can communicate effectively across organisational, technical and political boundaries, understanding the context. You can make complex and technical information and language simple and accessible for non-technical audiences. You can advocate on behalf of a team and communicate what it does, to create trust and authenticity. You can successfully respond to challenges. Communicating data . You can use the most appropriate medium and tooling to visualise data, to tell compelling stories that are relevant to business goals and can be acted upon. You can present, communicate and disseminate data effectively, appropriately and with high impact. Data analysis and synthesis . You can translate data into valuable insights that inform decisions. You can effectively involve teams in analytics and synthesis to increase consensus and challenge assumptions. You can identify and use the most appropriate analytical techniques, and you have an understanding of analytical tools. You can demonstrate numeracy. You can show an awareness of advances in digital analytics tools and data manipulation products, and can keep up to date with them. You can collect, collate, cleanse, synthesise and interpret data to derive meaningful and actionable insights. Data governance . You can understand data governance, how this applies to data architecture and how it works in relation to other organisational governance structures. You can participate in or deliver the assurance of a service, project or programme. Data innovation . You can explore new, more efficient and effective ways of deriving value from data. You can optimise and design data to support business opportunities. Data modelling . You can produce data models and understand where to use different types. You can understand different tools and compare different data models. You can reverse-engineer a data model from a live system. You can understand industry-recognised data modelling patterns and standards. Data standards (data architect) . You can identify and establish data standards for an organisation. You can recognise published best practice and apply it effectively within government. You can communicate the business benefit of data standards, and champion and govern those standards across the organisation. Metadata management . You can understand metadata management and the tool options to support its delivery. You can design and maintain the appropriate metadata repositories to enable the organisation to understand its data assets. Problem management (data architect) . You can identify where data resolutions can contribute to resolving an organisation’s problems, and you can log, analyse, identify and implement the appropriate solutions. You can work collaboratively to ensure that risks and issues are managed, and take appropriate actions to ensure that a problem is fixed. Strategic thinking . You can take an overall perspective on business issues, events and activities, and discuss their wider implications and long-term impact. You can determine patterns, standards, policies, roadmaps and vision statements. You can effectively focus on outcomes rather than solutions and activities. Turning business problems into data design . You can work with business and technology stakeholders to translate business problems into data designs. You can create optimal designs through iterative processes, aligning the system requirements and organisational objectives with the user needs. These activities are linked to the Government Digital and Data Profession Capability Framework This list is not exhaustive, and you may be required to carry out additional duties according to business needs.

CGI Cyber Security Team in the UK is one of the largest Cyber consultancies in the UK with around 300 members. The UK Cyber team works across a variety of domains including: Government, Defence, Critical Infrastructure, Healthcare, Utilities, Banking and Financial Services and Many more. At CGI you will get the opportunity to work across a number of domains and work in all areas of Cyber Security allowing you to grow and develop your career. We offer full 360-degree services to our clients from initial consulting on a range of areas including Risk Assessments, Vulnerability Management, Accreditations (ISO27001, GDPR), GRC (Governance, Risk, Compliance), Security Architecture Design and Build (technical and Non-technical), Incident Response, Protective Monitoring Services, Penetration Testing and much more. We take clients through a journey to improve their overall security posture and maturity to ensure they feel reassured in the Security control, measures and systems we have put in place in line with their requirements. At CGI training and development is very important not only do we give you training to keep you up to date with the latest trends within an ever-changing landscape, but we also combine that training with your career ambitions, so we support you in taking your career anywhere you want it to go. Our roles are only available if you hold or fulfil the criteria to obtain a UK Security Clearance.

CGI Cyber Security Team in the UK is one of the largest Cyber consultancies in the UK with around 300 members. The UK Cyber team works across a variety of domains including: Government, Defence, Critical Infrastructure, Healthcare, Utilities, Banking and Financial Services and Many more. At CGI you will get the opportunity to work across a number of domains and work in all areas of Cyber Security allowing you to grow and develop your career. We offer full 360-degree services to our clients from initial consulting on a range of areas including Risk Assessments, Vulnerability Management, Accreditations (ISO27001, GDPR), GRC (Governance, Risk, Compliance), Security Architecture Design and Build (technical and Non-technical), Incident Response, Protective Monitoring Services, Penetration Testing and much more. We take clients through a journey to improve their overall security posture and maturity to ensure they feel reassured in the Security control, measures and systems we have put in place in line with their requirements. At CGI training and development is very important not only do we give you training to keep you up to date with the latest trends within an ever-changing landscape, but we also combine that training with your career ambitions, so we support you in taking your career anywhere you want it to go. Our roles are only available if you hold or fulfil the criteria to obtain a UK Security Clearance.

📅 Type de contrat : Freelance ou Portage Salarial (Affiliée au Peps) 🏢 Secteur : Finance / Gestion d'actifs Missions principales : Dans le cadre de la gestion des risques réglementaires et contractuels, vous serez en charge des activités suivantes : Suivi des alertes et des dépassements de limites : Surveillance des alertes et des dépassements des limites réglementaires, prospectus et contractuelles détectés par le serveur de contraintes (CharlesRiver), en mode pré-trade et post-trade (fonds et mandats institutionnels). Analyse des dépassements détectés par les asset servicers et réponse appropriée. Gestion des demandes de déblocage : Vérification des demandes de déblocage provenant du Front Office. Réalisation du déblocage lorsque cela est pertinent et conforme. Reporting et communication : Élaboration de rapports à destination des instances de gouvernance et des clients. Mise à jour régulière des listes de restrictions spécifiques aux clients. Profil recherché : Expérience dans le domaine de la conformité, du contrôle des risques ou de la gestion d'actifs. Bonne connaissance des outils de gestion des contraintes (idéalement CharlesRiver). Capacité d'analyse, rigueur et sens du détail. Maîtrise du français et de l'anglais (écrit et oral). Compétences techniques : Maîtrise de CharlesRiver (serveur de contraintes) Connaissances en conformité réglementaire et gestion des risques Certification ITIL Foundation Connaissances en AML / Compliance Compétences métiers : Expérience significative en finance et support aux activités de gestion Capacité à travailler dans un environnement structuré et exigeant Soft Skills : Rigueur méthodologique Esprit d'équipe Gestion du temps

Missions principales : Dans le cadre de la gestion des risques réglementaires et contractuels, vous serez en charge des activités suivantes : 🔍 Suivi des alertes et des dépassements de limites : Surveillance des alertes et des dépassements des limites réglementaires, prospectus et contractuelles détectés par le serveur de contraintes (CharlesRiver), en mode pré-trade et post-trade (fonds et mandats institutionnels). Analyse des dépassements détectés par les asset servicers et réponse appropriée. ✅ Gestion des demandes de déblocage : Vérification des demandes de déblocage provenant du Front Office. Réalisation du déblocage lorsque cela est pertinent et conforme. 📊 Reporting et communication : Élaboration de rapports à destination des instances de gouvernance et des clients. Mise à jour régulière des listes de restrictions spécifiques aux clients. Compétences techniques : Maîtrise de CharlesRiver (serveur de contraintes) Connaissances en conformité réglementaire et gestion des risques Certification ITIL Foundation Connaissances en AML / Compliance Compétences métiers : Expérience significative en finance et support aux activités de gestion Capacité à travailler dans un environnement structuré et exigeant Soft Skills : Rigueur méthodologique Esprit d'équipe Gestion du temps Profil recherché : Expérience dans le domaine de la conformité, du contrôle des risques ou de la gestion d'actifs. Bonne connaissance des outils de gestion des contraintes (idéalement CharlesRiver). Capacité d'analyse, rigueur et sens du détail. Maîtrise du français et de l'anglais (écrit et oral).

Dans le cadre de la gestion des risques réglementaires et contractuels, vous serez en charge des activités suivantes : 🔍 Suivi des alertes et des dépassements de limites : Surveillance des alertes et des dépassements des limites réglementaires, prospectus et contractuelles détectés par le serveur de contraintes (CharlesRiver), en mode pré-trade et post-trade (fonds et mandats institutionnels). Analyse des dépassements détectés par les asset servicers et réponse appropriée. ✅ Gestion des demandes de déblocage : Vérification des demandes de déblocage provenant du Front Office. Réalisation du déblocage lorsque cela est pertinent et conforme. Reporting et communication : Élaboration de rapports à destination des instances de gouvernance et des clients. Mise à jour régulière des listes de restrictions spécifiques aux clients. Compétences techniques : Maîtrise de CharlesRiver (serveur de contraintes) Connaissances en conformité réglementaire et gestion des risques Certification ITIL Foundation Connaissances en AML / Compliance Compétences métiers : Expérience significative en finance et support aux activités de gestion Capacité à travailler dans un environnement structuré et exigeant Soft Skills : Rigueur méthodologique Esprit d'équipe Gestion du temps Profil recherché : Expérience dans le domaine de la conformité, du contrôle des risques ou de la gestion d'actifs. Bonne connaissance des outils de gestion des contraintes (CharlesRiver). Capacité d'analyse, rigueur et sens du détail. Maîtrise du français et de l'anglais (écrit et oral).

Missions principales : Dans le cadre de la gestion des risques réglementaires et contractuels, vous serez en charge des activités suivantes : 🔍 Suivi des alertes et des dépassements de limites : Surveillance des alertes et des dépassements des limites réglementaires, prospectus et contractuelles détectés par le serveur de contraintes (CharlesRiver), en mode pré-trade et post-trade (fonds et mandats institutionnels). Analyse des dépassements détectés par les asset servicers et réponse appropriée. ✅ Gestion des demandes de déblocage : Vérification des demandes de déblocage provenant du Front Office. Réalisation du déblocage lorsque cela est pertinent et conforme. 📊 Reporting et communication : Élaboration de rapports à destination des instances de gouvernance et des clients. Mise à jour régulière des listes de restrictions spécifiques aux clients. Compétences techniques : Maîtrise de CharlesRiver (serveur de contraintes) Connaissances en conformité réglementaire et gestion des risques Certification ITIL Foundation Connaissances en AML / Compliance Compétences métiers : Expérience significative en finance et support aux activités de gestion Capacité à travailler dans un environnement structuré et exigeant Soft Skills : Rigueur méthodologique Esprit d'équipe Gestion du temps Profil recherché : Expérience dans le domaine de la conformité, du contrôle des risques ou de la gestion d'actifs. Bonne connaissance des outils de gestion des contraintes (idéalement CharlesRiver). Capacité d'analyse, rigueur et sens du détail. Maîtrise du français et de l'anglais (écrit et oral).

IT Security Manager Our Client is a large international organisation who are looking to recruit an IT Security Manager with at least 5 to 8 years proven expertise. Provide advice, support and guidance to all Company Corporate functions to assist them to maintain and improve their information security maturity. To work collaboratively with all areas of the Company Corporate and build networks and relationships to promote Information Security. Act as subject matter expert on for IT Security, including legal and regulatory compliance Advise Company Corporate functions on how to achieve the required controls and assist with solutions to support them. Eg Support in the development of standards and their application in line with Group security policies. Participate in Company BU’s Projects giving support, guidance, control validation and overall security assurance. This could also involve sitting on major project steering committees. Support and encourage the ethos and methodology of security by design. Aid GRC to build, implement and facilitate a mechanism to aid BU’s to assess and measure their security compliance to policies. Drive the development of BU/Divisional security roadmaps. Giving oversight of key non-conformities to feed into the CISO roadmap. Coach, train and educate the Company IT and Functions to up skill and increase the security maturity in BU’s. Be an active member of the Company’s IS Security community, contributing to and leveraging the experience and lessons learned from other BU’s Produce, implement and standardise protocol and guidance material to support Business unit activities – examples – Asset register templates, third party due-diligence. Facilitate and chair the security working group meetings Engage and manage third party relationships to support the Company and its affiliates Aid Procurement and the tendering process Raising the security baseline controls and standardising where it makes sense to do so. Understanding the different business requirements and aligning to their objectives Support Security operations to continuously improve information security awareness across the group, including phishing campaigns and associated reporting Experience Experience in an information security risk leadership role within a large organisation. Confident in presenting, discussing and championing ideas and concepts with senior stakeholders. Experience of running information security risk governance processes and structures Familiarity with relevant industry standards for information security (e.g. ISO27001, NIST CSF) Experience of creating, implementing and assessing against information security policies and standards Creativity Able to analyse complex, ambiguous problems and summarise clearly with a view to establishing practical solutions Able to “bridge the gap” between technologists and business-people, bringing to life information security risks to the business, while maintaining a pragmatic outlook on likelihood and impact of the risk and cost/complexity of the mitigation. Ensuring initiatives/programmes are anchored in best practice whilst still being highly practical/pragmatic. Ability to defuse situations and resolve conflict to a win-win outcome Influence others understand their views and agree ways of working that are acceptable to all parties. Business acumen to understand business risks and the information security implications Able to identify when information security risks need to be escalated to achieve the right level of management visibility. Able to prioritise security risks and controls, differentiating the essential from the “nice to have”. Able to judge how to communicate messages to people to maximise buy-in and/or understanding. Able to analyse data with rigour & reach sound conclusions Can assess when further data gathering, or analysis will bring diminishing returns. Can place appropriate weight on prevailing (sometimes conflicting) evidence. Support and manage budget Responsibility Responsibility of information security incident management Responsibility for security assessments and assurance activities (e.g. penetration testing) and when to use them. Oversee and management of security compliance management and reporting in relation to any relevant regulatory or legal requirements Operational responsibility of management of third parties Responsibility for managing change management around project and change leadership. Able to judge the political and other people aspects of a situation, and tailor messages and approach to bring people along. Able to work with others, setting challenging but realistic targets for team members, and through coaching and appropriate guidance, securing a successful outcome. A positive collegiate approach to developing relationships and networks at all levels across the Company and the gravitas to work persuasively with senior stakeholders. Is aware of different styles of stakeholders and can adjust own leadership style successfully to bridge any gaps. The Client and the role is based in Central London – and you will be required to be in the office at least 3 days week. The salary for this position will be £75K + £85K plus Benefits. Please do send your CV to us in Word format for this exciting new position along with your salary and availability.

IT Director Our Client is an established bank with offices in the City London. Position Summary: We are seeking a seasoned IT Director with extensive experience in software and application development within the investment and private banking sectors. The ideal candidate will have a proven track record of managing IT transformation projects, delivering solutions across multiple customer channels, and leading both software development and infrastructure technology teams. This role will report to the Board at the bank and involve collaborating with various stakeholders across the business, including HR, Finance, Treasury, Risk and Compliance, Data Governance, and Business Transformation. The Director of IT will be responsible for overseeing the day-to-day operations of the IT department, managing IT projects, implementing and maintaining network security measures, and developing IT strategies. Key Responsibilities: Oversee and manage the IT department, encompassing both software application development and infrastructure technology teams. Lead and execute software and application development projects from inception to deployment, ensuring high-quality and timely delivery. Drive IT transformation initiatives within the banking environment to enhance operational efficiency and customer satisfaction. Deliver IT solutions across multiple customer channels, including online banking, mobile apps, and in-branch systems. Develop and implement IT policies, procedures, and best practices. Collaborate with senior management and stakeholders, including HR, Finance, Treasury, Risk and Compliance, Data Governance, and Business Transformation, to identify IT needs and develop strategies to address them. Ensure compliance with industry regulations and standards. Manage IT budgets, resources, and vendor relationships. Report to the Board, on IT strategy, progress, and performance. Foster a culture of innovation and continuous improvement within the IT department. IT Management and Information Technology skills Experience in IT Operations and IT Strategy Knowledge of Network Security Strong leadership and project management abilities Excellent problem-solving and decision-making skills Qualifications: Bachelor’s or Master’s degree in Computer Science, Information Technology, or a related field. Minimum of 10 years of experience in IT management, with a strong background in software and application development. Extensive experience in leading IT transformation projects within investment and private banking environments. Proven success in delivering IT solutions across multiple customer channels. Strong understanding of banking operations, regulations, and compliance requirements. Demonstrated ability to manage both software development and infrastructure technology teams. Excellent leadership, communication, and project management skills. Ability to work effectively with various stakeholders, including HR, Finance, Treasury, Risk and Compliance, Data Governance, and Business Transformation. Strategic thinker with the ability to execute methodically. Experience with emerging technologies and digital banking trends. Preferred Skills: Experience with Agile and DevOps methodologies. Knowledge of cybersecurity best practices in the banking sector. Familiarity with cloud computing and data analytics. This is a hybrid position with at least 3 days in the office in London. The salary will be in the range £140K - £175K + Benefits. Do send your CV to us in Word format along with your salary and notice period, do include why you think you would be the right person for this position.

IT Security Manager Our Client is a large international organisation who are looking to recruit an IT Security Manager with at least 5 to 8 years proven expertise. Provide advice, support and guidance to all Company Corporate functions to assist them to maintain and improve their information security maturity. To work collaboratively with all areas of the Company Corporate and build networks and relationships to promote Information Security. Act as subject matter expert on for IT Security, including legal and regulatory compliance Advise Company Corporate functions on how to achieve the required controls and assist with solutions to support them. Eg Support in the development of standards and their application in line with Group security policies. Participate in Company BU’s Projects giving support, guidance, control validation and overall security assurance. This could also involve sitting on major project steering committees. Support and encourage the ethos and methodology of security by design. Aid GRC to build, implement and facilitate a mechanism to aid BU’s to assess and measure their security compliance to policies. Drive the development of BU/Divisional security roadmaps. Giving oversight of key non-conformities to feed into the CISO roadmap. Coach, train and educate the Company IT and Functions to up skill and increase the security maturity in BU’s. Be an active member of the Company’s IS Security community, contributing to and leveraging the experience and lessons learned from other BU’s Produce, implement and standardise protocol and guidance material to support Business unit activities – examples – Asset register templates, third party due-diligence. Facilitate and chair the security working group meetings Engage and manage third party relationships to support the Company and its affiliates Aid Procurement and the tendering process Raising the security baseline controls and standardising where it makes sense to do so. Understanding the different business requirements and aligning to their objectives Support Security operations to continuously improve information security awareness across the group, including phishing campaigns and associated reporting Experience Experience in an information security risk leadership role within a large organisation. Confident in presenting, discussing and championing ideas and concepts with senior stakeholders. Experience of running information security risk governance processes and structures Familiarity with relevant industry standards for information security (e.g. ISO27001, NIST CSF) Experience of creating, implementing and assessing against information security policies and standards Creativity Able to analyse complex, ambiguous problems and summarise clearly with a view to establishing practical solutions Able to “bridge the gap” between technologists and business-people, bringing to life information security risks to the business, while maintaining a pragmatic outlook on likelihood and impact of the risk and cost/complexity of the mitigation. Ensuring initiatives/programmes are anchored in best practice whilst still being highly practical/pragmatic. Ability to defuse situations and resolve conflict to a win-win outcome Influence others understand their views and agree ways of working that are acceptable to all parties. Business acumen to understand business risks and the information security implications Able to identify when information security risks need to be escalated to achieve the right level of management visibility. Able to prioritise security risks and controls, differentiating the essential from the “nice to have”. Able to judge how to communicate messages to people to maximise buy-in and/or understanding. Able to analyse data with rigour & reach sound conclusions Can assess when further data gathering, or analysis will bring diminishing returns. Can place appropriate weight on prevailing (sometimes conflicting) evidence. Support and manage budget Responsibility Responsibility of information security incident management Responsibility for security assessments and assurance activities (e.g. penetration testing) and when to use them. Oversee and management of security compliance management and reporting in relation to any relevant regulatory or legal requirements Operational responsibility of management of third parties Responsibility for managing change management around project and change leadership. Able to judge the political and other people aspects of a situation, and tailor messages and approach to bring people along. Able to work with others, setting challenging but realistic targets for team members, and through coaching and appropriate guidance, securing a successful outcome. A positive collegiate approach to developing relationships and networks at all levels across the Company and the gravitas to work persuasively with senior stakeholders. Is aware of different styles of stakeholders and can adjust own leadership style successfully to bridge any gaps. The Client and the role is based in Central London – and you will be required to be in the office at least 3 days week. The salary for this position will be £75K + £85K plus Benefits. Please do send your CV to us in Word format for this exciting new position along with your salary and availability.

Kajenthi@RED Global – Recherche d'un consultant fonctionnel RTR – Paris – 3 mois + - Freelance RED Global recherche activement un consultant fonctionnel RTR pour un projet RUN – Freelance – Contrat initial de 3 mois – ASAP En tant qu'expert métier RTR, vous jouerez un rôle clé dans le soutien à nos filiales, en collaboration avec l'équipe Core Model et le département informatique. Vous garantirez l'adoption et l'évolution optimales des processus RTR dans le cadre du modèle SAP S/4HANA Core. __________ Responsabilités principales : • Agir en tant qu'analyste commercial (AMOA) pour les utilisateurs clés et les utilisateurs finaux après la phase d'hypercare. • Servir d'expert en processus RTR et de point de référence pour les filiales et les futurs sites industriels. • Promouvoir et faciliter l'adoption du modèle RTR Core au sein des filiales/sites. • Aider à la rédaction des demandes de changement, les remettre en question si nécessaire et coordonner leur mise en œuvre avec le DDSI, conformément à la gouvernance du modèle Core. • Soutenir le déploiement des mesures de contrôle interne clés définies par l'équipe de contrôle interne. • Identifier et déployer des améliorations liées aux indicateurs RTR de la RSE. • Participer aux activités de gestion du changement et d'adoption par les utilisateurs. • Co-développer des outils de suivi et de reporting des performances avec l'équipe (composée de 7 autres experts métier). __________ Compétences et qualifications requises : • Solide expérience avec SAP FI-CO S/4HANA • Bonne compréhension des outils de Business Intelligence. • La connaissance des modules SAP DRC (Document and Reporting Compliance) et GRC (Governance, Risk and Compliance) est un plus. • Une participation antérieure à un projet de mise en œuvre de SAP S/4HANA est fortement souhaitable. • Esprit d'équipe et volonté d'amélioration continue. • Maîtrise du français, de l'anglais et de l'espagnol (obligatoire).

Job title: Cyber Security Assurance Specialist Location: Various - Glascoed/Radway Green/Washington Salary: Up to £42,320 (dependent on skills and experience) What you'll be doing: Deliver cyber assurance services for the Maritime and Land Sector, covering Enterprise Systems, Operational Technologies services and Cloud Identification of risk and appropriate mitigations, development & analysis of secure solutions (covering technical / physical / procedural / personnel controls) and assessment of compliance with internal and external standards and regulations Deliver documentation to demonstrate compliance to internal and external stakeholders Assessment and provision of control effectiveness in managing Cyber security risk Provide security architecture / technical input into the development of secure solutions Support development of strategy and continual service improvement for the Cyber Assurance function Act as a subject matter expert regarding Cyber Assurance activities for the wider organisation Your skills and experiences: Industry knowledge of cyber security standards or knowledge of government standards Cyber Assurance / Auditing experience of IT Systems Knowledge of application, infrastructure and security technologies Benefits: As well as a competitive pension scheme, BAE Systems also offers share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The BAE Systems Maritime and Land Sector Cyber Assurance Team: This is an excellent opportunity for you to join a dynamic team and take ownership and be responsible for driving activity through the business, gaining further exposure, and developing your skill sets. You will be responsible for the delivery of Cyber Security assurance activities to ensure 'secure by design' and 'effective in operation' for systems and services in scope, as well as managing the delivery of penetration tests and vulnerability analysis in support of risk mitigation strategies and engaging with stakeholders to promote a mind-set of developing secure systems and transfer knowledge of security standards and processes Closing Date: 15 October 2025