CrawlJobs Logo
Whitehall Resources Ltd Logo Whitehall Resources Ltd · IT - Administration

Cyber Risk Analyst

United Kingdom, Cheshire · Job Posted March 21, 2026
Apply Position
Job Link Share

Job Description

The Cyber Risk Analysts will work under the guidance of the Lead Consultant to execute the detailed risk assessments and analysis of End-of-Life technologies. In this role, you will collect and analyse data on EOL systems, evaluate cyber risks using the defined methodology, and support the implementation of remediation plans. The analysts serve as the backbone of the risk assessment, performing hands-on evaluation of assets and vulnerabilities and ensuring that risk documentation and tracking are maintained. Two Analyst positions are open, and both will collaborate closely with the Lead and with various technology teams. This role requires strong analytical skills, attention to detail, and a proactive approach to managing cyber risks across a range of legacy technologies.

Job Responsibility

  • Perform Risk Assessments: Conduct in-depth cyber risk assessments for identified EOL systems and technologies
  • Apply Risk Methodology: Use the new cyber risk rating methodology to calculate risk scores or levels for each EOL asset or vulnerability
  • Identify Mitigations: Work with the team to identify risk mitigation options for each high-risk finding
  • Remediation Support: Support the prioritization and remediation of EOL risks by coordinating with technical teams
  • Monitor & Report: Continuously monitor risk treatment plans and ensure that remediation steps are completed or on track
  • Stakeholder Collaboration: Engage with various stakeholders at a working level
  • Process Improvement: Contribute to developing templates, checklists, or process improvements as the project progresses

Requirements

  • Strong analytical and problem-solving skills
  • Attention to detail
  • Good understanding of foundational cybersecurity principles (confidentiality, integrity, availability)
  • Familiarity with common vulnerabilities and exploits affecting older systems
  • Knowledge of cyber risk frameworks and standards (such as NIST, ISO27001)
  • Ability to work with various technology inventories and tools
  • Comfort with spreadsheets, databases, or GRC tools
  • Solid written and verbal communication skills
  • Collaborative mindset
  • Good organizational skills
  • Adaptability
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field
  • Equivalent experience in cyber risk or IT security roles can be considered in lieu of a formal degree

Nice to have

  • Relevant industry certifications (e.g., CompTIA Security+, Certified Ethical Hacker (CEH), GIAC/GSEC, CRISC, Certified Information Systems Auditor (CISA), ISO 27001 Lead Auditor/Implementer)
  • Any training or courses in cyber risk analysis, enterprise risk management, or IT audit
  • Knowledge of internal risk systems or financial industry compliance standards
  • Some experience with vulnerability scanning tools or reading vulnerability advisories
Whitehall Resources Ltd - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Cyber Risk Analyst

8 matching positions

Cyber Risk Senior Analyst

The Cyber Risk Senior Analyst is a developing professional who stays abreast of ...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of experience
  • Knowledge of Cyber Risk, AI Tools, rules, regulations, risks and typologies
  • Excellent written and verbal communication skills
  • Must be a self-starter, flexible, innovative and adaptive
  • Strong interpersonal skills with the ability to work collaboratively and with people at all levels of the organization
  • Work collaboratively with regional and global partners in other functional units
  • ability to navigate a complex organization
  • Excellent project management and organizational skills and capability to handle multiple projects at one time
  • Proficient in MS Office applications (Excel, Word, PowerPoint)
  • Bachelor’s/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Establish and oversee the application of operational cyber risk policies, technology and AI tools, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks
  • Participate in the design, development, delivery and maintenance of best-in-class Cyber Risk, Technology Risk, programs, policies and practices for Risk
  • Analyze comparative data, prepare and present regional and global reports related to cyber risk assessments, and monitor cyber and Technology related issues
  • Identify and address potential Cyber and Technology risks
  • Knowledge & experience working with AI tools within Financial Services
  • Identify & assess risks associated with AI systems, including model risk, data risk, bias and fairness, explainability, robustness, privacy, security & third party risk
  • Investigate and respond to operational risks
  • Investigate regulatory inquiries, prepare required documentation, make recommendations to senior management on how to proceed, and prepare responses for the regulatory inquiries
  • Monitor adherence to Citi’s Cyber Risk Policies and relevant procedures
  • Prepare, edit and maintain Cyber and Technology Risk program related materials
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

InfoSec Risk Senior Analyst / Analyst

Location
Location
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or Electronics & Communication Engineering or a related field from a reputable university
  • Minimum 4 years of experience for the Senior Analyst and 2 years of experience for the Analyst in the banking sector and information security field, including the following background: Risk assessment, identification and mitigation
  • Security controls, security baseline, technology best practices
  • Has an integration knowledge across different security technologies and systems
  • Security control enforcement, measure of effectiveness and proposing compensating controls
  • CBE regulations
Job Responsibility
Job Responsibility
  • Review & maintain the Risk profile according to the bank's Cyber Security Risk appetite
  • Identify information security controls necessary to remediate identified risks and follow up remediation with the concerned business lines
  • Assess information security risks for IT assets and propose appropriate measures to eliminate/reduce risk
  • Coordinate with Information Security teams to manage the risk assessment activities
  • Engage InfoSec Teams in all new initiatives and projects to handle InfoSec risk assessment for new projects/technologies with concerned stakeholders
  • Follow up on Audit reports along with audit Findings/Recommendations by Internal Audit/External Audit, CBE and ensure remediation with the related parties
  • Ensure maintaining Global InfoSec Risk Register for all assessed IT assets & follow up on open risks until closure
  • Review the cases performed by the InfoSec Governance & Compliance Teams from risk perspective side
  • Participate in the Change Advisory Board (CAB) meeting
  • Work on standard and ad-hoc threats providing InfoSec risk assessment as needed
Read More
Arrow Right

Senior Business Analyst (Cyber Security)

Our banking client is seeking an experienced Senior Business Analyst to support ...
Location
Location
Canada , Ottawa
Salary
Salary:
Not provided
myticas.com Logo
Myticas Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in IT and/or cyber security environments
  • 5+ years as a Business Analyst supporting complex projects
  • Strong experience with requirements gathering, documentation, and validation
  • Experience producing structured BA deliverables (BRDs, use cases, process flows, etc.)
  • Experience working in Agile, SCRUM, and/or hybrid delivery environments
  • Strong communication skills across technical and business audiences
  • Ability to manage multiple priorities in complex environments
Job Responsibility
Job Responsibility
  • Elicit, document, and manage business, functional, and technical requirements
  • Develop key BA artifacts (BRDs, functional specs, process flows, use cases, traceability matrices)
  • Translate business and cyber security needs into actionable requirements
  • Support project planning, scope definition, and documentation
  • Contribute to risk identification, impact analysis, and mitigation planning
  • Manage requirement changes and support project decision-making
  • Support Agile/SCRUM delivery (backlogs, user stories, sprint planning)
  • Act as liaison between business stakeholders, cyber teams, and technical leads
  • Support UAT, testing, and validation of deliverables
  • Assist with transition-to-operations planning and documentation
Read More
Arrow Right

Lead Cyber Risk Consultant

Whitehall Resources are currently looking for a Cyber Risk Consultant based in C...
Location
Location
United Kingdom , Cheshire
Salary
Salary:
Not provided
whitehallresources.com Logo
Whitehall Resources Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Approximately 8-10+ years of experience in cybersecurity
  • Significant experience in cyber risk management or security consulting roles
  • Prior experience leading risk assessment projects or large-scale security consulting engagements
  • Deep knowledge of cyber risk management practices, including risk assessment methodologies and frameworks (e.g. NIST CSF, ISO 27005, FAIR)
  • Ability to identify, classify, and prioritize cybersecurity risks in a large enterprise environment
  • Strong understanding of IT infrastructure and applications, especially the challenges posed by End-of-Life technologies
  • Advanced analytical skills (“cyber analytics”), including proficiency with risk analysis tools or GRC platforms
  • Proven ability to lead a team or project in a cybersecurity context
  • Excellent organizational skills to manage multiple parallel workstreams
  • Exceptional communication skills, both written and verbal
Job Responsibility
Job Responsibility
  • Lead Risk Assessments: Plan and conduct a full stock assessment of EOL technologies within the bank
  • Risk Rating & Analysis: Oversee the analysis of identified vulnerabilities and weaknesses and produce risk ratings and reports
  • Residual Risk Reduction: Identify and recommend risk mitigation opportunities to reduce residual risk in legacy platforms and applications
  • Remediation Planning: Collaborate closely with technology owners and engineering teams to develop remediation plans and prioritize fixes or upgrades for EOL systems
  • Project Leadership & Coordination: Coordinate the efforts of the Cyber Risk Analysts, assigning tasks and monitoring progress
  • Stakeholder Engagement: Serve as the primary point of contact for stakeholders
  • Communicate risk findings and status updates
  • Transition to BAU: Ensure that remediation activities and improved risk practices are handed over smoothly to the permanent operational teams
Read More
Arrow Right

Senior IT Risk Analyst

Berkshire Hathaway Specialty Insurance (BHSI) has an exciting opportunity for a ...
Location
Location
United States , Boston
Salary
Salary:
95000.00 - 125000.00 USD / Year
bhspecialty.com Logo
Berkshire Hathaway Specialty Insurance
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of experience in IT risk, IT audit/compliance, or cyber GRC
  • Experience running RCSAs, defining KRIs/KPIs, and presenting risk insights to senior stakeholders
  • Strong documentation skills, including writing risk narratives, control designs, control matrices, testing procedures, and remediation plans
  • Effective communication and partnership skills
  • able to challenge constructively and receive challenge professionally
  • Experience conducting vendor risk reviews, including SOC 2 analysis, control gap identification, and remediation follow‑up
  • Solid background knowledge of major risk and control frameworks (Technology, Cyber, Enterprise), such as NIST CSF, COSO ERM, COBIT, etc.
  • Working knowledge of U.S. IT regulations (e.g., SOX, CCPA/CPRA, PCI, NY‑DFS) is recommended
  • Ability to work in a team-based environment and communicate effectively and efficiently with others domestically and globally
Job Responsibility
Job Responsibility
  • Lead risk identification, risk assessment, and ongoing monitoring
  • maintain the IT risk register and ensure risks map to business objectives and risk appetite/tolerances
  • Drive Risk and Control Self‑Assessments (RCAs) with different risk and control owners
  • advise on control design for identity & access, change/release, resiliency/DR, cloud security, data protection, and vulnerability management
  • Define and socialize KRIs/KPIs, risk dashboards, trends, and heat maps
  • deliver clear status to Technology leadership, and key stakeholders
  • Partner with Vendor Risk Management Team to evaluate critical vendors (including AI‑enabled services), review SOC reports/certifications, assess control gaps, and track remediation/compensating controls through closure
  • Track risk issues, action plans, and target dates
  • validate remediation and retest where needed
  • participate in lessons‑learned and scenario exercises
What we offer
What we offer
  • Comprehensive Health, Dental and Vision benefits
  • Disability Insurance (both short-term and long-term)
  • Life Insurance (for you and your family)
  • Accidental Death & Dismemberment Insurance (for you and your family)
  • Flexible Spending Accounts
  • Health Reimbursement Account
  • Employee Assistance Program
  • Retirement Savings 401(k) Plan with Company Match
  • Generous holiday and Paid Time Off
  • Tuition Reimbursement
  • Fulltime
Read More
Arrow Right

Senior Analyst, Cyber Security

The Senior Analyst, Cyber Security supports the Manager, Cybersecurity & Network...
Location
Location
Canada , Vancouver
Salary
Salary:
90300.00 - 129000.00 USD / Year
canfor.com Logo
Canfor
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree or diploma in IT or related field
  • 5+ years enterprise experience across multi-site environments
  • Professional-level Security certifications preferred
  • Strong troubleshooting, documentation, and communication skills
  • Hands‑on experience with Microsoft Defender, Sentinel, Purview, or equivalent
  • Experience managing cloud security for Azure/M365/SaaS
  • Demonstrated ability to collaborate with MDR/SOC teams
  • Experience with privacy legislation (PIPEDA, BC PIPA)
  • Experience developing or maintaining incident response playbooks
  • Threat-informed defense (MITRE ATT&CK familiarity)
Job Responsibility
Job Responsibility
  • Plan, design, and implement enterprise security solutions
  • Resolve Tier 3 incidents and outages
  • Execute security projects and coordinate vendors
  • Maintain accurate documentation, runbooks, and inventories
  • Support for Zero Trust architecture, including network segmentation, identity hardening, and continuous monitoring
  • Responsibilities related to cloud security across Azure, M365, SaaS, and hybrid workloads
  • Oversight of third‑party risk, recognizing increased vendor dependence
  • Work with MDR (Managed Detection & Response) providers such as Arctic Wolf to improve detection, triage, and response maturity
  • Responsibilities related to governance frameworks (NIST CSF 2.0, CIS Controls v8)
  • Integration with privacy compliance (PIPEDA, BC PIPA) and corporate policy governance
What we offer
What we offer
  • performance-based incentive plans
  • recognition programs
  • benefits
  • paid leaves
  • pension plans with base and matching contributions
  • savings options
  • robust health & well-being initiatives
  • development of our talent
  • value proposition that promotes diversity, equity and inclusion
  • Fulltime
Read More
Arrow Right

Bdo Digital Senior Cyber Analyst

We’re BDO. An accountancy and business advisory firm, providing the advice and s...
Location
Location
United Kingdom , Birmingham
Salary
Salary:
Not provided
bdo.co.uk Logo
BDO UK LLP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in IT security domains
  • Experience in performing IT security audits and/ or control gap assessments against CIS Benchmarks and NIST
  • Certification, such as CISA preferred
  • Demostrable interest, training, experience or certification (e.g. Security+, Network +, SSCP, CISSP) in cybersecurity is highly beneficial
  • Strong technical foundation to support the understanding of controls
  • Experience in cybersecurity, IT risk (consultancy experience) or regulatory landscape
  • Ability to meet project deadlines and manage multiple engagements
  • Strong analytical and problem-solving skills, with the ability to present information in a clear and concise manner
  • Ability to build strong relationships with clients
Job Responsibility
Job Responsibility
  • Manage risk for our clients to make them stronger for the future
  • Performing assessments of cybersecurity controls to guide clients on their level of cyber risk
  • Support technical engagement managers on cyber advisory services
  • Support the Cyber Management team as they look to develop the proposition and grow the business
  • Delivery of cyber engagements to help clients assess their cyber risk and support technical engagements
What we offer
What we offer
  • Agile working
  • Programmes, resources, and frameworks that provide clarity and structure around career development
  • Informal success conversations to formal mentoring and coaching
  • State-of-the-art collaboration spaces in our offices
  • Multidisciplinary events and dedicated resources
Read More
Arrow Right

Senior Risk Analyst

Join us as a Senior Risk Analyst and play a pivotal role in shaping the future o...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
tmgm.com Logo
TMGM
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years' experience across enterprise risk, operational risk, cyber security risk or internal audit, preferably within financial services
  • Demonstrated exposure to the design and implementation of effective risk management frameworks, and a sound working knowledge of ASIC requirements
  • Tertiary qualification in a related discipline (e.g., Finance, Business, Commerce, Risk, IT, Audit, or a related discipline)
  • Professional certifications such as FRM, CISA, CA, CPA, CIA, or equivalent are desirable
  • Prior exposure to Forex and CFD trading (or financial services) risk environment is preferred
  • Prior exposure to ICT, cybersecurity or IT Audit will be a plus
  • Excellent interpersonal and stakeholder engagement skills
  • Structured thinker with strong written and verbal communication skills
  • High attention to detail with strong analytical and reporting capabilities
  • Highly adaptable and able to manage multiple priorities in a demanding environment
Job Responsibility
Job Responsibility
  • Contribute to distinct types of risk identification, assessments, mitigation strategies, reporting, and monitoring across our businesses in alignment with our Enterprise Risk Management Framework
  • Proactively monitor emerging risks, trends, and systemic issues, escalating risks through appropriate channels, and supporting resolution as required
  • Manage Incidents and Breaches via Jira, including registering incidents in incident register and risk register, updating incident status, replying to customers, and notifying assessments and evaluations results to customers
  • Participate in cross-functional incident reviews, including CEO risk meetings, supporting timely resolution and comprehensive post-incident risk reporting
  • Support both short- and long-term initiatives stemming from incidents, helping embed risk management practices into core business operations
  • Help to drive improvements in risk reporting, analytics, and visualization to support decision-making
  • Promote a culture of continuous improvement by driving lessons-learned reviews and supporting the implementation of preventative measures
  • Assist in the delivery of assurance activities including RCSA, walkthroughs and control testing
  • Leverage data insights to identify control weaknesses and improvement opportunities, collaborating with control owners to implement effective enhancements
  • Help to prepare and update Business Continuity Plan (BCP) and the implementation of business continuity testing
What we offer
What we offer
  • Competitive salary and performance-based bonuses
  • Opportunities for career growth and development within a global company
  • Collaborative and inclusive work environment with exposure to cross-region operations
  • Health and wellness benefits
  • Flexible working arrangements
  • Fulltime
Read More
Arrow Right