Cyber & Data Security Risk Consultant

Edinburgh - Hybrid 50%

Salary: Around £55,000 with an up to 14% employer matching pension scheme

What you’ll do:

• Lead independent, risk-based assurance and oversight of cyber and data security risk.

• Provide insight and challenge across key domains like IAM, endpoint security, incident response and more.

• Support enterprise-wide risk communication and reporting to drive good decisions and strong risk culture.

• Oversee frameworks for identifying, assessing, and reporting cyber and information risks..

What you’ll bring:

• A solid grounding in cybersecurity (ideally in financial services), with exposure to key regulatory frameworks like GDPR or CCPA.

• Understanding of risk management principles, ideally within a 2nd line or governance function.

• Relevant industry certifications such as CISSP, CISM, CRISC, CDPSE, CompTIA Security+ or similar.

• Strong technical awareness across areas like application security, incident response, and data privacy.

• Excellent stakeholder engagement skills—you’ll work closely with leaders across the business.

£50,000 – 60,000 plus excellent benefits

Hybrid working in Edinburgh

Join a leading financial services organisation in Edinburgh. This is a newly created role within the Technology and Security Risk Team.

Your expertise in Technology Change and Systems Development Risk will be crucial as you:

• Advise the Board and senior management on strategic planning and decision-making.
• Provide formal independent opinions on significant risks.
• Monitor and report on Group-wide risk exposures ensuring the 1st Line of Defence effectively implements the risk management framework.
• Conduct risk-based independent assurance reviews and informative advisory reviews.
• Facilitate risk management activities across the Group.
• Overseeing the resolution of service and technology incidents.

Should you have the following skills and experiences –

• A deep understanding of technology risk management practices.
• Experience with IT governance frameworks.
• Hold certifications such as CRISC, CISSP, CGEIT, CISM, Prince2 or ITIL.
• Skilled in systems development methodologies such as Agile, DevOps, Hybrid or Waterfall

To find out more call Alasdair Walker from Be-IT or apply online.