SonicJobs Logo
Login
Left arrow iconBack to search
  1. Home
  2. Edinburgh, City of Edinburgh
  3. Ict security manager
  4. Cyber Security Risk Manager

Cyber Security Risk Manager

Cathcart Technology
Posted a day ago, valid for 21 days
Location

Edinburgh, City of Edinburgh EH13EG, Scotland

Salary

£70,000 per annum

Contract type

Full Time

By applying, a CV-Library account will be created for you. CV-Library's Terms & Conditions and Privacy Policy will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Sonic Summary

info
  • A Cyber Security Risk Manager is needed for a leading SaaS company in Edinburgh to oversee the governance, risk, and compliance (GRC) function while shaping the cyber security strategy.
  • The role requires a minimum of 5 years of experience in cybersecurity risk management, ideally within a technology or SaaS environment.
  • Key responsibilities include managing the enterprise risk register, driving SOC 2 readiness, and translating technical risks into business decisions for senior leadership.
  • Candidates should have hands-on experience with NIST CSF, NIST 800 53, and SOC 2, as well as knowledge of enterprise GRC tools like ServiceNow or Archer.
  • The position offers a competitive salary of up to £70,000, along with bonuses and a comprehensive benefits package, including flexible hybrid working arrangements.

Cyber Security Risk Manager required to join a globally recognised SaaS company in Edinburgh, leading the governance, risk, and compliance (GRC) function and helping shape cyber security strategy in a cutting edge environment.

The Company

This is a modern, globally recognised SaaS company operating at the forefront of data analytics. Their datasets are relied upon by clients to make very high stakes decisions, making security critical both for the business and the clients it serves. With a strong focus on innovation, they deliver high value insights that enable fast, confident decision making in complex markets.

Security is integral to the company's operations, safeguarding platforms, data, and users against evolving cyber threats. The business is currently enhancing its risk management program, providing a unique opportunity to shape processes, influence strategy, and drive tangible results. You'll join a collaborative and transparent team that values open communication, shared success, and measurable impact.

The Role

As Cyber Risk Manager, you will lead the maturity and execution of the governance, risk, and compliance (GRC) function. You will ensure the business has clear visibility of its cyber risk exposure and the processes in place to respond effectively.

You will oversee the enterprise risk register, manage the risk exception process, and drive SOC 2 readiness initiatives. Partnering with IT, architecture, SRE, and procurement teams, you'll translate complex technical risks into actionable business decisions and provide senior leaders with clear, data driven insights. You will also align the company with leading industry frameworks such as NIST CSF, NIST 800 53, and SOC 2, helping advance its risk maturity.

What You'll Be Doing

** Lead and continuously improve the cyber risk management program, including oversight of the enterprise risk register.

** Manage risk exceptions and ensure timely review, tracking, and remediation of risks.

** Drive SOC 2 readiness activities and collaborate with auditors and internal stakeholders to ensure compliance.

** Develop and enforce cybersecurity governance policies, standards, and procedures aligned with industry frameworks.

** Work with IT, SRE, Architecture, and Procurement teams to identify, assess, and mitigate technology and third party risks.

** Provide clear, actionable reporting and metrics to senior leadership, translating technical risks into business impact.

** Act as a trusted advisor to business leaders, balancing security requirements with operational objectives.

What We're Looking For

We're seeking a proactive cyber professional with proven experience in risk management ideally within a SaaS or technology environment. You'll be confident managing enterprise risk registers, internal audits, and exception processes, with a strong ability to influence stakeholders across IT and the business.

You'll bring:

** 5+ years in cybersecurity risk management, GRC, or equivalent senior role.

** Hands on experience with NIST CSF, NIST 800 53, SOC 2, and risk frameworks.

** Experience in SOC 2 audit readiness and execution.

** Knowledge of enterprise GRC tools such as ServiceNow, Archer, or Purview Compliance Manager.

** Strong analytical skills with the ability to turn data into actionable insights.

** Excellent communication skills, able to engage technical teams and senior business leaders.

** A collaborative, transparent, and solutions focused mindset.

The Offer

You'll receive a competitive salary of up to 70,000, plus bonus opportunity and a comprehensive benefits package including private healthcare, enhanced pension, generous leave, and wellness support.

The role offers flexible hybrid working, with just two days per week onsite in a modern, Edinburgh city centre office.

If this sounds of interest, please apply or reach out to Murray Simpson.

Apply now in a few quick clicks

By applying, a CV-Library account will be created for you. CV-Library's Terms & Conditions and Privacy Policy will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Logo
SonicJobs
Your next career move. Sorted.
Search jobsbackground image

Contact us

© 2017 - 2025 SonicJobs Inc. All rights reserved

Terms & Conditions | Privacy Policy | Browse Jobs