Contract Risk & Compliance Jobs
Overview
Find top CONTRACT Risk & Compliance jobs with Haystack – your trusted IT job board connecting skilled professionals with leading employers. Explore exclusive contract opportunities in risk management, regulatory compliance, and governance to advance your career. Start your search today and secure your next contract role in Risk & Compliance!
Senior Risk Analyst
Mactech Energy Group
Bridgwater
In office
Senior
Private salary
RECENTLY POSTED

Senior Risk Analyst 1634MG

Hinkley Point C, Somerset

PAYE £386.74 or Umbrella £539.18

Job Purpose / Overview

The role of Senior Risk Analyst is to act as an expert of the Risk team across the parts of HPC project following the Risk strategy uniformly across the project. They will act as a technical lead for the Risk team ensuring the implementation of Risk specific processes and framework. They will follow all governance arrangements for the Risk team providing effective reporting of Risk and Opportunity information in a timely and accurate manner, supporting others to achieve the same results. They will manage the delivery of specific contracts which range in value from £10m to £500m. The Senior Risk Analyst will be required to direct workload and provide guidance to the Risk Analysts or Trainee Risk Analysts on a day-to-day basis to enable them to support the Risk and project controls activities on the project.

Principal Accountabilities

  • The Senior Risk Analyst will be the face of Risk management in their nominated Programme/Area in the Project, bringing confidence to stakeholders that they are performing the right steps to identify, analyse, respond to and manage their Risk Outputs.
  • Providing assurance of the maintenance of all Risk and Opportunity data for the Programme/Area within the Risk software system e.g. ARM.
  • Assurance of the delivery of Risk and Opportunity reports to a defined reporting cycle, including commentary on key time-related drivers and performance issues ensuring the quality of the output
  • The Senior Risk Analyst will support the Programme/Area Directors implement Risk management by:
  • Reviewing and challenging the significant issues that may impact programme/area objectives
  • Supporting issue and opportunities reviews and workshops and specialist risk focussed sessions (i.e. scenario planning).
  • Analysis of risk data and the connection of this data across the Project, in conjunction with the project controls managers and risk leads; challenging the uncertainties of risk data over time to allow prioritisation and decision making.
  • Ensuring a comprehensive risk portfolio is maintained and reflective of the current project position.
  • Working with colleagues in IPC to ensure that the Project schedule and cost estimates are informed by high quality risk information (at delivery and portfolio levels).
  • Work with the PCM’s to support the programme/area teams and where appropriate Tier 1 Contractors to assess contractor-held Risk and their views on Programme-held risks and opportunities that impact upon them.
  • Identify and support the implementation of enhancements to integrated risk management procedure, process, reporting and tools.
  • Accountable for the production and presentation of accurate, insightful project controls information at the Programme Reviews and Board Meetings, ROTCs, Portfolio Risk Review as required.
  • Responsible for the management and verification of information within the PowerBI dashboards and providing proposals for improvement from the Programme/Area teams.
  • Lead Risk management and Risk software specific training to the Programme/Area team, PM community and apprentices and provide recommendations of additional training requirements, or improvements to existing training.

Knowledge, Skills, Qualifications & Experience

  • Able to deliver accurate and concise Risk insights to drive evidence-based decision making, utilising commercial and technical information, to influence project decisions and support the management of risks/opportunities.
  • Understanding and/or practical experience of wider project controls disciplines enabling Risk management to be integrated with cost, schedule and change, and provide assurance that risk and opportunity reporting and outputs of risk analysis aligns with other project data.
  • Excellent analytical, critical thinking and problem-solving skills.
  • Proven ability to facilitate risk conversations with colleagues at all levels, including Executive and Director leadership.
  • Effectively communicates complex issues and concepts (unique insights) in simple ways, to both technical and non-technical senior audiences.
  • Strong organisational and time management skills, with the ability to prioritise and delegate tasks to other team members.
  • Possesses high work standards and sets ambitious, yet attainable goals. Constantly drives to streamline and simplify to deliver business value.
  • Ability to effectively collaborate with colleagues within and across organisational boundaries to achieve mutually successful outcomes.
  • Ability to assure the quality of others work supporting them in developing to effectively deliver outputs.
  • Ability to expertly use and guide others in the use of Risk management software;
  • Ability to draw from best practice across industry to implement changes for improved performance

Qualifications & Experience

  • Desirable degree level or equivalent qualification in project management, project controls, engineering, or another related field
  • Industry recognised project controls and/or risk management qualifications, such as Management of Risk Practitioner and/or APM Risk Level 2.
  • Demonstrable experience of working as an expert in risk management and expert knowledge of risk/project controls including the tools, and a variety of techniques used to deliver project insight and assess performance
  • Experience of working in a project management environment and desirable construction experience
  • Experience of working in the Nuclear Industry or other highly regulated industry
  • Tools and Software
  • The jobholder will be expected to have expertise in the use and supporting training of others, of the following (or similar equivalent) software tools:
  • Microsoft Office software (Excel, Word, PowerPoint, Access);
  • ARM (Risks, Opportunities).
  • Safran (QSRA).
  • Power BI (Business Intelligence Analytics).
Vulnerability Analyst
Queen Square Recruitment Ltd
Gloucester
Hybrid
Mid - Senior
£300/day - £450/day
RECENTLY POSTED
TECH-AGNOSTIC ROLE

Vulnerability Analyst – SC Cleared

Gloucester, UK hybrid

Inside IR35

Contract: 6 Months

Active SC Clearance Required

We are seeking an experienced Vulnerability Analyst (SC Cleared) to join a high-profile IT Infrastructure environment in Gloucester. This role is critical in identifying, analysing, and managing security vulnerabilities to protect enterprise systems and ensure regulatory compliance.

The Role

You will be responsible for vulnerability management across enterprise infrastructure using Tenable One, ensuring risks are identified, assessed, tracked, and remediated effectively.

You will work closely with internal technical teams, partners, and vendors to ensure vulnerabilities are resolved within agreed timelines and reported clearly to stakeholders.

Key Responsibilities

* Perform vulnerability scanning, analysis, and reporting using Tenable One

* Track and assess vulnerabilities using CVE and CVSS frameworks

* Manage the full vulnerability lifecycle from identification through remediation

* Produce clear, actionable reports translating technical findings into business impact

* Maintain accurate tracking and documentation of remediation activities

* Collaborate with cross-functional teams, vendors, and offshore teams

* Ensure compliance with regulatory and security standards

* Provide regular updates to senior stakeholders

Essential Skills & Experience

* Active, transferable SC Clearance (minimum 3 months validity remaining)

* Strong hands-on experience with Tenable One

* Solid understanding of CVE & CVSS scoring methodologies

* Proven experience in vulnerability lifecycle management

* Excellent reporting and stakeholder communication skills

* Strong analytical and problem-solving capability

* Experience working in regulated or security-focused environments

Desirable

* Reporting experience using ServiceNow

* Certifications such as CISSP, CISM, or equivalent

* Knowledge of recognised security frameworks and best practices

Person Profile

* Strong communicator who provides clear and informative updates

* Analytical thinker who probes beyond the obvious

* Quick learner with strong technical adaptability

* Collaborative team player with excellent stakeholder engagement skills

QDC - Qualifying Defence Contract SME - SC Cleared - Hybrid
Experis IT
Basingstoke
Hybrid
Mid - Senior
£600/day
TECH-AGNOSTIC ROLE

QDC Subject Matter Expert - Hybrid

Must have an Active SC Clearance

An opportunity has arisen for a QDC Subject Matter Expert to support Defence and National Security programmes focused on Qualifying Defence Contracts and Single Source Contract Regulations. This role suits a specialist with strong post award contract management experience who understands the regulatory, commercial, and governance requirements of QDC and QSC delivery.

About the Role - QDC Subject Matter Expert

  • As a QDC Subject Matter Expert, you will provide specialist support across post award contract management, compliance, and risk management for QDC and QSC engagements.
  • You will support contract administration, stakeholder engagement, and dispute resolution in line with SSRO regulations.
  • The role involves working closely with commercial and delivery teams to ensure correct application of pricing, allowable costs, and statutory reporting.
  • You will liaise with MOD commercial teams and the SSRO to ensure regulatory guidance is applied accurately and consistently.

What We’re Looking For - QDC Subject Matter Expert

  • Strong knowledge of the Defence Reform Act 2014 and Single Source Contract Regulations 2014.
  • Experience with contract pricing methods, allowable cost assessments, and risk and incentive mechanisms.
  • Proven ability to manage statutory reporting and regulatory compliance for QDC and QSC contracts.
  • Excellent communication and stakeholder management skills.
  • Experience in contract negotiation and business risk management.
  • Single UK national with active SC clearance and willingness to progress to higher clearance if required.

Support secure Defence delivery and provide trusted commercial expertise as a QDC Subject Matter Expert.

To apply, please send your CV by pressing the apply button.

Vulnerability Analyst SC Cleared
Stackstudio Digital Ltd.
Gloucester
In office
Junior - Mid
£350/day - £375/day
TECH-AGNOSTIC ROLE

Role Details

  • Job Title: Vulnerability Analyst SC Cleared
  • Location: Gloucester, UK (onsite)
  • Special Working Conditions
  • Mandatory training and pre joining checks must be completed. The contract will be awarded upon successful completion of all required checks.
  • Candidate must hold an active, transferable SC clearance with a minimum of 3 months validity remaining.
  • Valid Active SC is mandatory.

Job Purpose and Primary Objectives

  • The Vulnerability Analyst will be responsible for identifying, analyzing, and managing security vulnerabilities within the organization’s IT infrastructure using the Tenable One platform.
  • The role is essential in mitigating security risks, ensuring compliance, and protecting the organization’s assets by working closely with internal teams, vendors, and partners.
  • The analyst will provide clear, actionable reports and recommendations to support the timely remediation of vulnerabilities.

Key Responsibilities

  • Analyze and manage vulnerabilities using Tenable One platform, working closely with internal teams, partners, and vendors.
  • Generate and deliver vulnerability reports, ensuring they are clear and actionable, based on data from Tenable One.
  • CVE & CVSS Tracking: Monitor vulnerabilities using CVE (Common Vulnerabilities and Exposures) and assess risk levels using the CVSS (Common Vulnerability Scoring System).
  • Collaboration: Work cross-functionally with partners and vendors to manage and remediate vulnerabilities, ensuring timely resolution.
  • Tracking & Documentation: Maintain a complete tracking system for all vulnerabilities and remediation activities, providing regular updates and reports to stakeholders.
  • Compliance: Ensure all vulnerability management practices meet regulatory and security compliance requirements.

Key Skills / Knowledge / Experience

  • SC Clearance (Active).
  • Proficiency in using Tenable One for vulnerability scanning, tracking, and reporting.
  • Strong knowledge of CVE and CVSS frameworks.
  • Experience with vulnerability lifecycle management from identification to remediation.
  • Excellent report-writing skills with the ability to translate technical findings into business impact.
  • Strong collaboration skills for working with vendors, partners, and internal teams.
  • Understanding of compliance standards and best practices in Vulnerability Management.

Additional Remarks

  • Good to be:
    • Reporting experience in Service Now Tool.
    • Certifications such as CISSP, CISM, or equivalent are a plus.
    • Knowledge of security frameworks.

Person Specification

Informing

  • Provides the information people need to know to do their jobs and to feel good about being part of the team, unit, and/or the organization.
  • Is able to provide informative and quantifiable information so that accurate decision making can be taken in a timely manner.

Problem Solving

  • Uses rigorous logic and methods to solve difficult problems with effective solutions and probes all fruitful sources for answers.
  • Can see hidden problems and is excellent at detailed analysis by looking beyond the obvious and doesn’t stop at the first answer.

Technical Learning

  • Able to learn new skills quickly and is adept at learning new industry skills and competencies via various methods, including research and attendance at technical courses and seminars etc.

Key Relationships & Contacts

With Client

  • Establish and maintain excellent relationship with customer stakeholders and develop processes to improve efficiency and effectiveness for the client as an on-going basis.

With Line Manager / Senior Stakeholders

  • Maintain regular contact with Line Manager / Senior Stakeholders to update and appraise them on critical business issues and data points.

With Offshore Teams

  • Maintain regular contact with required Offshore teams as and when required to update them on current issues and decisions, seeking support for issues that affect the success of the contracts on-going deliverables as and when required.

With Peers

  • Develop and maintain positive relationships with other business partners, both internal and external, ensuring best practice advice is shared and maximum efficiency achieved.

With Others

  • Effectively and professionally, communicate regularly with all functional teams and other parts of the company as required in the proper performance of such duties by regularly sharing information and building positive relationships to help achieve business goals and objectives within the account.
  • Building positive relationships with external contacts to maximize efficiency and to always represent the business in a professional manner.
Compliance Programme Manager
Linsco Ltd.
Normanton
Hybrid
Mid - Senior
£60/hour - £70/hour
TECH-AGNOSTIC ROLE

Local Authority | South West (Wiltshire area)

A large local authority in the South West is seeking an experienced Compliance Programme Manager to lead the end-to-end delivery and recovery of a critical electrical safety compliance programme across a substantial housing portfolio.

This is a senior interim opportunity for a proven programme leader with strong housing compliance, contractor management, and governance experience, operating within a local authority or housing association environment.

Assignment Details

  • Contract Length: 9 months (ongoing)
  • Pay Rate: £60.77 per hour Umbrella (negotiable for the right individual)
  • Hours: 35 hours per week
  • Working Pattern: Hybrid - 2 days office / 3 days remote
  • Location: Civic offices in the Swindon area
  • Interviews: Online
  • Closing Date: 27 February 2026

The Role

You will take full accountability for the Electrical Installation Condition Report (EICR) programme, ensuring timely inspections, remedial works, and robust compliance evidence. The role requires strong leadership across contractors, internal services, and senior stakeholders, embedding a safety-first, risk-based, and data-led approach.

Key Responsibilities

  • Own and deliver the full programme plan, milestones, and recovery strategies
  • Lead contractor performance management through KPIs, SLAs, and improvement plans
  • Chair weekly operational meetings and monthly programme boards
  • Oversee procurement activity and contract management in line with public sector requirements
  • Manage programme budgets, forecasts, and financial controls
  • Ensure accurate, auditable compliance records and reporting
  • Lead tenant-focused communications and access/recovery strategies
  • Produce dashboards and reports for senior leaders and Members
  • Maintain risk registers, escalation routes, and continuous improvement actions

Essential Experience

  • Significant programme management experience within housing compliance or asset services
  • Local authority, council, or housing association background (essential)
  • Strong contract and supplier performance management capability
  • Confident governance, assurance, and senior-level reporting skills
  • Data-driven approach to performance, risk, and recovery planning
  • Knowledge of electrical compliance in social housing (policy and programme level)

Desirable

  • PRINCE2 Practitioner, APM PMQ, or equivalent
  • Public sector procurement and NEC/JCT contract knowledge
  • Electrical compliance knowledge within social housing

Apply now for a confidential discussion and further details.

Linsco is acting as an Employment Business in relation to this vacancy.

Network Business Analyst Contract - Cheshire
CBSbutler Holdings Limited trading as CBSbutler
Not Specified
Hybrid
Mid - Senior
£380/day - £490/day

Network Business Analyst
Based in Cheshire
Hybrid - 3 days in the office
10+ month Contract

Hiring for a Network Business Analyst to operate at the intersection of business risk, network/security controls, and technical change within a regulated Financial Services environment. This role focuses on bridging business objectives with technical remediation, ensuring requirements are traceable, measurable, and aligned to risk reduction outcomes.

Responsibilities include:
Elicit and document user journeys, process maps, and control requirements
Maintain traceability to NIST CSF categories and regulatory obligations
Write clear user stories with measurable acceptance criteria
Lead UAT coordination and evidence pack preparation
Map as-is / to-be processes across incident, problem, change, and vulnerability management
Support CAB documentation and stakeholder communications
Quantify risk reduction, SLA improvements, and user impact
Maintain reporting dashboards demonstrating measurable value

Skills and Experience:
5+ years’ Business Analyst experience within FSI, network, or security programmes
Strong knowledge of ITIL practices and ServiceNow workflows
Strong data literacy with ability to convert qualitative risk into measurable outcomes
Excellent stakeholder engagement and facilitation skills
Cisco / Splunk / Zscaler experience would be desirable.

Please apply for immediate interview!

CBSbutler is operating and advertising as an Employment Agency for permanent positions and as an Employment Business for interim / contract / temporary positions. CBSbutler is an Equal Opportunities employer and we encourage applicants from all backgrounds.

Vendor Onboarding & Third Party Risk Management Consultant
Arm
Basildon
Remote or hybrid
Mid - Senior
£350/day - £480/day
TECH-AGNOSTIC ROLE

Contract until end of 2027
Remote with some travel to site (England, Ireland or Poland based)
(Apply online only) per day (IR35 status dependent on location of role)

My client, in the Fintech industry are looking for an experienced Vendor Onboarding / Third Party Risk Management Consultant to join a fast-paced, global organisation supporting vendor onboarding and risk assessment activities.

You'll play a key role in ensuring vendors are onboarded efficiently, risk assessed appropriately, and fully compliant with internal governance and regulatory requirements. This is a long-term contract offering stability and the opportunity to work within a mature, structured vendor risk environment.

Responsibilities on the role
Managing end-to-end vendor onboarding, from initial request through to approval
Maintaining accurate vendor records and documentation in internal systems
Supporting third party risk assessments and due diligence activities
Working closely with procurement, risk, compliance, legal, and business teams
Tracking onboarding progress and ensuring timelines are met
Helping ensure vendors meet internal risk, compliance, and governance standards

Experience required for the role
Experience in vendor onboarding, third party risk management, procurement operations, or similar
Experience working in a regulated environment (financial services, fintech, insurance, etc.) is highly desirable
Strong attention to detail and ability to manage multiple onboarding activities
Experience working with vendor management systems or enterprise workflow tools
Confident working with stakeholders across different teams
Strong organisational and communication skills

Disclaimer:

This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited (“ARM”). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.

Network Business Analyst
Experis
Knutsford
Hybrid
Mid - Senior
£450/day - £527/day

Location: Hybrid 60% office-40% Knutsford
Duration: 18/12/2026
Rate to SSC (including supplier charge): 527

MUST BE PAYE THROUGH UMBRELLA

Role Description:
Bridge business/risk objectives and technical change. Capture requirements, map them to controls, maintain traceability and prove value delivered by remediation.
Responsibilities

  • Requirements & analysis: elicit and document user journeys, process maps and control requirements; maintain traceability to NIST CSF categories and regulatory obligations.
  • Story writing and acceptance: write clear user stories with measurable acceptance criteria; orchestrate UAT and evidence packs.
  • Service process alignment: map as-is/to-be across incident, problem, change and vulnerability management; support CAB documentation and communication.
  • Benefits and reporting: quantify risk reduction, SLA improvements and user impact; maintain dashboards for stakeholders.

Must-Have Skills & Experience

  • 5+ years’ BA experience in FSI/network/security programmes; proficient with ITIL practices and ServiceNow workflows.
  • Strong data literacy and stakeholder facilitation; able to turn qualitative risk into measurable outcomes.

Preferred Certifications

  • BCS BA; ITIL 4 Foundation; vendor fundamentals (e.g., Cisco/Zscaler/Fortinet/Splunk) desirable.

KPIs

  • Requirements-to-controls traceability coverage; cycle time from story ready → accepted; % first-time pass; measurable benefit realisation.
GRC Analyst
VIQU IT
London
Fully remote
Mid - Senior
£500/day - £550/day
TECH-AGNOSTIC ROLE

GRC Analyst 3-month contract Fully Remote

My Customer is looking for an experienced GRC Analyst to join the organisation to strengthen governance, risk, and compliance practices and will lead the delivery of ISO 27001 certification within the next 12 months.

The GRC Analyst will focus on maintaining current ISO and SOC 2 standards within the business. Technical understanding would be beneficial but not essential. Knowledge of the requirements of the above standards in relation to contracts and vendor relationships is essential.

Key Skills & Experience from the GRC Analyst:

  • Proven experience in a GRC, security risk, or compliance role
  • Certifications for ISO 27001 (Lead Implementer/Auditor), would be required
  • Strong knowledge of frameworks such as ISO 27001, NIST, SOC 2, CIS, and data protection standards
  • Onboarding/vendor risk management experience
  • Hands-on experience supporting or leading ISO 27001 certification activities
  • Solid understanding of risk assessment, control design, and audit processes
  • Experience working with GRC tooling, evidence management, and reporting
  • Experience/Knowledge around high volume data process would be beneficial
  • Strong documentation, communication, and organisational skills
  • Experience operating in regulated or security-conscious environments
  • Experience in the Finance Sector would be beneficial

Key Responsibilities of the GRC Analyst:

  • Develop and maintain security policies, standards, and procedures aligned to recognised frameworks
  • Lead ISO 27001 readiness and certification activities, including ISMS support and audit coordination
  • Conduct risk assessments across systems, processes, and third parties, tracking remediation actions
  • PoC for legal department - onboarding/vendor/contract risk management
  • Act as the primary liaison for internal stakeholders and external auditors
  • Design, test, and monitor security and compliance controls, ensuring evidence is audit-ready
  • Manage GRC tools and reporting to provide clear insight into risk and compliance posture
  • Embed security and risk considerations into projects, suppliers, and business initiatives
  • Monitor regulatory and standards changes and advise on required organisational updates

The GRC Analyst can work fully remote for the duration of the contract.

Apply now to speak with VIQU IT in confidence. Or reach out to Connor Smal via the VIQU IT website.

Do you know someone great? We'll thank you with up to £1,000 if your referral is successful (terms apply).

For more exciting roles and opportunities like this, please follow us on IT Recruitment.

Frequently asked questions
Haystack features a variety of contract positions in Risk & Compliance, including roles such as Risk Analyst, Compliance Officer, IT Risk Consultant, Regulatory Compliance Specialist, and Data Privacy Expert.
To apply, simply create an account, upload your resume, and submit your application directly through the job listing. Some positions may require additional assessments or interviews arranged by the employer.
Yes, Haystack allows you to filter contract Risk & Compliance jobs by location, including remote opportunities, to help you find positions that best fit your preferences.
Most roles cater to experienced professionals, but you may also find contract opportunities suitable for those transitioning into Risk & Compliance or with foundational experience in IT governance and compliance.
You can subscribe to Haystack's job alerts specifically for contract Risk & Compliance roles. This way, you'll receive notifications about new positions matching your criteria directly to your inbox.