VP, IT Security Risk - RSA Archer, NIST, GRC - London - Hybrid
VP, IT Security Risk - RSA Archer, NIST, GRC - London - Hybrid
A strategic opportunity for a VP-level Information & Cyber Security professional to join a growing security governance and risk team. Drive enterprise-level cyber risk management, compliance, and security posture enhancement in a highly regulated environment.
Key Responsibilities:
-
Own and maintain security policies, standards, procedures, and governance frameworks
-
Align risk management with NIST CSF, NIST 800-53, and industry regulations
-
Act as a trusted security advisor to business and technical stakeholders
-
Lead and conduct detailed risk assessments, maintaining the risk register in RSA Archer
-
Identify and evaluate information security risks; support remediation and treatment strategies
-
Track and monitor risk remediation through life cycle to acceptable closure
-
Contribute to organization-wide cybersecurity risk strategies and control improvements
-
Run post-incident/assessment lessons learned forums and influence control evolution
-
Represent security in internal/external audits and assessments
-
Deliver detailed risk reporting and metrics to key stakeholders
Key Skills & Experience:
-
5+ years in Information/Cyber Security, with 2+ years focused on security risk
-
Strong background in GRC tools - RSA Archer strongly preferred
-
Deep understanding of security risk management, taxonomy, and control frameworks
-
Strong attention to detail with expert-level documentation and reporting ability
-
Ability to communicate complex security issues clearly to technical and non-technical audiences
-
Familiarity with vulnerability and incident management processes
-
Effective collaboration across compliance, tech, audit, and ops teams
-
Experience in financial services or banking environments preferred
Desirable Certifications:
-
MSc in Information Security, CISM, CRISC, CISA, or similar credentials
-
Knowledge of frameworks including ISO 27001, SOC 1 & 2
-
Certifications in Prince2, MSP, or APMQ a bonus
Location & Working Model:
-
Based in London
-
Hybrid model - 2 days onsite per week
Reference: 2970592930
VP, IT Security Risk - RSA Archer, NIST, GRC - London - Hybrid
Posted on Jun 25, 2025 by Scope AT Limited
VP, IT Security Risk - RSA Archer, NIST, GRC - London - Hybrid
A strategic opportunity for a VP-level Information & Cyber Security professional to join a growing security governance and risk team. Drive enterprise-level cyber risk management, compliance, and security posture enhancement in a highly regulated environment.
Key Responsibilities:
-
Own and maintain security policies, standards, procedures, and governance frameworks
-
Align risk management with NIST CSF, NIST 800-53, and industry regulations
-
Act as a trusted security advisor to business and technical stakeholders
-
Lead and conduct detailed risk assessments, maintaining the risk register in RSA Archer
-
Identify and evaluate information security risks; support remediation and treatment strategies
-
Track and monitor risk remediation through life cycle to acceptable closure
-
Contribute to organization-wide cybersecurity risk strategies and control improvements
-
Run post-incident/assessment lessons learned forums and influence control evolution
-
Represent security in internal/external audits and assessments
-
Deliver detailed risk reporting and metrics to key stakeholders
Key Skills & Experience:
-
5+ years in Information/Cyber Security, with 2+ years focused on security risk
-
Strong background in GRC tools - RSA Archer strongly preferred
-
Deep understanding of security risk management, taxonomy, and control frameworks
-
Strong attention to detail with expert-level documentation and reporting ability
-
Ability to communicate complex security issues clearly to technical and non-technical audiences
-
Familiarity with vulnerability and incident management processes
-
Effective collaboration across compliance, tech, audit, and ops teams
-
Experience in financial services or banking environments preferred
Desirable Certifications:
-
MSc in Information Security, CISM, CRISC, CISA, or similar credentials
-
Knowledge of frameworks including ISO 27001, SOC 1 & 2
-
Certifications in Prince2, MSP, or APMQ a bonus
Location & Working Model:
-
Based in London
-
Hybrid model - 2 days onsite per week
Reference: 2970592930
Alert me to jobs like this:
Amplify your job search:
Expert career advice
Increase interview chances with our downloads and specialist services.
Visit Blog