About the Role
We are seeking a skilled and motivated Cyber Security Risk & Assurance Analyst to support the development and continuous improvement of our cyber and information security framework. This role plays a key part in identifying, assessing, and managing security risks while ensuring compliance with internal policies and external standards.
You will work closely with cross-functional teams to strengthen security controls, support assurance activities, and provide meaningful insights to support informed decision-making.
Key Responsibilities
- Support the development, implementation, and continuous improvement of cyber and information security risk frameworks, policies, and procedures
- Conduct security risk assessments across business units and projects, identifying vulnerabilities and recommending mitigation strategies
- Maintain and update the information security risk and controls register
- Monitor compliance with internal policies and external regulatory requirements, supporting audits and reviews
- Perform risk and control assessments, including control effectiveness reviews and assurance activities
- Prepare clear and concise reports and dashboards on risks, compliance status, and emerging threats
- Develop and refine cyber security metrics and performance indicators for reporting
- Collaborate with stakeholders to integrate security risk practices into business processes and project delivery
- Support cyber security awareness initiatives through training and communication
- Stay up to date with emerging cyber threats, regulatory obligations, and industry best practices
Key Requirements
- Demonstrated experience in cyber security risk management, assurance, or compliance functions within a complex organisation
- Experience conducting security audits, including planning, execution, and reporting
- Knowledge and experience with VPDSS frameworks
- Working knowledge of security frameworks and standards such as ISO 27001, NIST, or similar
- Ability to perform risk assessments, evaluate control effectiveness, and recommend improvements
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills, with the ability to engage both technical and non-technical stakeholders
Desirable Skills & Experience
- Experience in a public sector or highly regulated environment
- Familiarity with risk management tools and reporting dashboards
Qualifications
- Bachelor’s degree or higher in Information Technology, Business, or a related discipline (or equivalent experience)
Please apply with current resume in Microsoft Word format only (.doc or .docx). If you would like to have a confidential discussion, please contact Krunal Patel on Krunal.Patel@davidsonwp.com, quoting reference JN -052026-43203. Want to know more about Davidson? Visit us at www.davidsonwp.com
