24 jobs found

Job Title: Third Party Cyber Risk Lead Reporting to: Cyber Governance Manager Direct Reports: None Position Type: Permanent Why Standing still is not an option in the current world of Insurance. TMHCC is one of the world's leading Specialty Insurers. With deep expertise in our chosen lines of business, our unparalleled track record and a solid balance sheet, TMHCC evaluates and manages risk like no one else in the industry. Looking beyond profit, empowering our people and delivering on our commitments are at the core of our customer values, along with a desire to grow and provide creative and innovative solutions to our clients. About Operations Operations sits at the heart of TMHCC, we ensure the smooth running of all business processes - from policy administration and claims handling to data, technology, and delivery. We focus on driving efficiency which enables our teams across the business to deliver exceptional results every day. Our value statement: Ops makes it happen. Operations is made up of 7 functions, this role sits within: IT We are the foundation for TMHCC's success - enabling the business to grow, compete, and innovate through technology, security, and solution design. From shaping strategy to delivering resilient operations, we ensure every capability is aligned to business value. Our inclusive and collaborative culture empowers everyone to explore ideas, solve meaningful challenges, and build fulfilling careers that make a real impact. Job Purpose: Reporting to the Cyber Governance Manager in the Business Information Security Office you will own and mature TMHCC International's third-party cyber risk management processes, streamlining processes as the vendor landscape grows. You will partner with internal teams such as Procurement and Legal to prioritise risk, remediate issues and deliver clear management information on cyber risk across the third-party portfolio. Key Responsibilities: Own, manage, and evolve the third-party security due diligence process for TMHCC International vendors, including onboarding and continuous monitoring. Establish and maintain a vendor criticality assessment process; Ensure the appropriate vendor due diligence and monitoring activities take place in accordance with vendor criticality. Own and maintain ongoing due diligence requirements for critical and high-risk suppliers in line with regulatory expectations, including DORA, NIS2, PRA and FCA requirements etc. Build MI and dashboards to showcase security due diligence and third-party risk management efforts for senior IT stakeholders and executives. Collaborate with IT, Procurement, and Legal teams to embed third party security risk management controls into the overall vendor risk management process. Ensure compliance with relevant industry regulations and standards (e.g., DORA, NIS2, CIS Controls, NIST, GDPR). Provide security guidance on third party due diligence, contract reviews, and other ad-hoc vendor security risk management queries. Create and maintain vendor security risk management documentation (including process documentation) and training materials. Stay current on emerging vendor security trends, tools, and technologies. Support the Cyber Governance Manager by providing metrics to the Divisional IT Risk Reporting and Dashboards. Escalate significant cyber risks and issues as they emerge to the Cyber Governance Manager and BISO for action or information. Performance Objectives: Develop a strong understanding on TMHCC's third party landscape and current organisational controls used within the vendor risk management process and take on responsibility for cyber third-party risk management. Identify gaps and improvement areas within the cyber third-party risk processes, develop plans to further mature cyber security controls within this area, and own the implementation of these plans going forward. Skills and Experience Specification: Essential: Experience in cyber/information security risk roles with a focus on third-party/vendor risk management. Bachelor's degree in information security, Technology Risk Management or a related field. Relevant professional certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Lead Auditor. Experience in regulated industries, implementing relevant regulations and expectations for third-party security risk management. Proven experience designing, running, and improving vendor security due diligence processes. Strong knowledge of security assurance certifications and assessments maintained by vendors (e.g., ISO 27001, SOC 2, CSA STAR/CAIQ, vendor security questionnaires) Deep understanding of and ability to articulate the risk associated with vendor risk posture to both technical and non-technical stakeholders. Ability to coordinate and chair regular meetings and workshops with multiple stakeholders to provide guidance, collaboration and oversight of third-party security risk management initiatives. Confidence in presenting information and acting as a source of SME knowledge and guidance. Analytical, conceptual thinking, planning and execution skills. Ability to drive improvements and take charge of initiatives, backed with excellent coordination strength as well as assertiveness. Results-orientated and able to manage to measurable targets and desired outcomes. A passion to champion a cyber security culture and continuous learning of latest cyber threat trends. Strong communication skills with the ability to explain complex security issues to non-technical stakeholders. Desirable: Experience with third party risk management platforms or GRC tooling. Capability and experience in building actionable MI and dashboards (e.g. using Power BI) and turning data into clear decisions and narratives. Experience of the Specialty and Lloyd's/Companies market insurance industry. What We Offer The Tokio Marine HCC Group of Companies offers a competitive salary and employee benefit package. We are a successful, dynamic organization experiencing rapid growth and are seeking energetic and confident individuals to join our team of professionals.The Tokio Marine HCC Group of companies is an equal opportunity employer. Please visit for more information about our companies.

GRC Specialist page is loaded GRC Specialistremote type: Hybridlocations: Edinburgh, GBtime type: Full timeposted on: Posted Todayjob requisition id: JR2722Wood Mackenzie is the global leader in analytics, insights and proprietary data across the entire energy and natural resources landscape.For over 50 years our work has guided the decisions of the world's most influential energy producers, utilities companies, financial institutions and governments.Now, with the world's energy system more complex and interconnected than ever before, sector-specific views are no longer enough. That's why we've redefined what's possible with Intelligence Connected.By fusing our unparalleled proprietary data with the sharpest analytical minds, all supercharged by Synoptic AI, we deliver a clear, interconnected view of the entire value chain. Our trusted team of 2,700 experts across 30 countries breaks siloes and connects industries, markets and regions across the globe.This empowers our customers to identify risk sooner, spot opportunities faster and recalibrate strategy with confidence - whether planning days, weeks, months or decades ahead.Wood Mackenzie Intelligence Connected Wood Mackenzie Values Inclusive - we succeed together Trusting - we choose to trust each other Customer committed - we put customers at the heart of our decisions Future Focused - we accelerate change Curious - we turn knowledge into action Job Description The role of the GRC Specialist is responsible for the day-to-day execution of governance, risk, and compliance (GRC) activities. This includes preparing for SOC and other audits, collecting and organizing evidence, responding to client/vendor security questionnaires, and maintaining the accuracy of the cyber risk register.The role works closely with IT, Security Engineering, and business stakeholders to ensure audit requests and client inquiries are addressed promptly and consistently. The Specialist ensures that risks, exceptions, and remediation actions are logged and tracked to completion, providing a strong operational foundation for the Risk & Compliance program. Key Responsibilities Audit & Assurance Support: Collect and organize evidence for SOC2 and other internal audits. Track remediation items from audits, ensuring timely closure with responsible teams. Maintain a repository of reusable audit evidence to streamline future cycles. Support the Risk & Compliance Lead in responding to auditor and assessor queries. Client & Vendor Security Questionnaires. Coordinate responses to customer and third-party security questionnaires. Collaborate with technical owners (Engineering, IT, Product) to provide accurate answers. Maintain a knowledge base of pre-approved responses to accelerate RFPs and renewals. Ensure responses are consistent with SOC2 reports and company policy.Risk Register & Exception Management: Update and maintain the cyber risk register in coordination with the Risk & Compliance Lead. Record new risks, assign owners, and track remediation/progress. Document Policy Exception Risk Acceptance (PERA) approvals and expirations. Ensure risk data is kept current for reporting cycles.Reporting & Metrics: Contribute data for quarterly risk and compliance dashboards. Provide metrics on questionnaire volumes, audit findings, and remediation timelines. Highlight overdue risks, audit items, or exceptions to the Risk & Compliance Lead. Experience & Skills Experience in IT audit, compliance, or GRC operations. Familiarity with audit frameworks (SOC2, ISO 27001, GDPR). Strong organizational skills for evidence collection and tracking. Ability to manage multiple concurrent requests and deadlines. Clear written communication for client questionnaires and reports. Experience in SaaS, data analytics, or regulated industries. Exposure to vendor/supplier risk assessments. Experience using GRC platforms (ServiceNow GRC, Archer, or equivalent). Equal Opportunities We are an equal opportunities employer. This means we are committed to recruiting the best people regardless of their race, colour, religion, age, sex, national origin, disability or protected veteran status. You can find out more about your rights under the law at If you are applying for a role and have a physical or mental disability, we will support you with your application or through the hiring process.

Internal Audit Senior Manager Department: Assurance & Risk Employment Type: Permanent Location: Belfast Description The Internal Audit Manager / Senior Manager will be responsible for managing the delivery of internal audit plans and assignments for clients from planning through to completion and reporting. They will oversee and review the work of junior and senior internal auditors, contribute to team training and staff development and work with the management group in contributing to the development of the Internal Audit Team, as required. Key Responsibilities Strategic Internal Audit Planning: Develop and execute internal audit strategies and plans for clients based on risk assessments and organisational objectives. Assignment Planning: Meet with client staff to discuss areas under review and developing Terms of Reference for each audit assignment. Ensure that sufficient internal audit resource is allocated to all internal audit assignments. Audit Execution: Oversee internal audit fieldwork for a range of financial, compliance and operational internal audit assignments in accordance with internal audit standards and practices. Review and completion: Review the work of the internal audit team on each assignment and hold close out meetings with client management to discuss internal audit review findings. Reporting: Prepare/review clear and concise draft internal audit reports for Partner / Head of Internal Audit review with findings, conclusions, and actionable recommendations. Present internal audit reports to client management and Audit Committees. Compliance: Assist with the implementation of the Global Internal Audit Standards during 2025 and ensure all internal audit services are delivered in line with the new standards. Collaboration: Work closely with clients to build relationships and ensure a thorough understanding of their organisation and processes. Quality: Foster a culture of continuous improvement to ensure that high standards of quality are maintained in the delivery of internal audit services including KPI monitoring. Training and Development: Maintain knowledge of internal audit standards and guidance and provide guidance, training, and mentorship to internal auditors and other staff members as required. Special Projects: Participate in special projects and investigations for clients as required. Departmental management: Undertake a key role in managing the Internal Audit Department including recruitment activities, objective setting, resource planning, budget setting and internal audit workflow management. Business development: Preparation of high quality tender documentation in response to opportunities for the delivery of internal audit services to new and existing clients. Skills, Knowledge and Expertise Education: A bachelor's degree at 2.1 or above and a qualified member of either: Chartered Internal Auditor (Chartered Institute of Internal Auditors); or full membership of a CCAB recognised accountancy body (i.e. Chartered Accountants Ireland; Institute of Chartered Accountants in England and Wales; Association of Chartered Certified Accountants; Chartered Institute of Public Finance and Accountancy; or Institute of Chartered Accountants of Scotland). Equivalence to be demonstrated Demonstrable experience in public internal auditing with a sound knowledge of internal audit methodology including at least 3 years at management level. Technical Skills: Proficient in audit software and tools, as well as Microsoft Office Suite (Excel, Word, PowerPoint). Knowledge of internal audit standards, principles, and practices. Analytical Skills: Excellent analytical, critical thinking and problem-solving skills. Communication Skills: Strong written and verbal communication skills, with the ability to present findings and recommendations clearly and concisely to various stakeholders including client management and Audit Committees. Professional Development: Commitment to ongoing professional development and staying current with internal audit standards and best practice. Travel: Willing and able to travel across the UK and Republic of Ireland as required to conduct internal audit assignments and attend meetings at various client locations.

Senior Consultant, Process & Controls (Internal Audit, Internal Controls, SOX) Belfast or Derry Location: Belfast Other locations: Primary Location Only Date: 28 Feb 2026 Requisition ID: At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. General Information Location:Belfast or Derry, Londonderry Available for Visa Sponsorship:No Business Area: Risk Consulting Contract Type: Full-Time - Permanent The Team and the opportunity We are seeking a risk professional to join our Risk Consulting practice, within the Process and Controls team. Risk Consulting is an integral part of our Consulting Services business, focused on providing high value, independent and trusted advice to clients. Working in our Process and Controls team, you will have the opportunity to work with a variety of global and local clients to provide practical risk management, internal controls and process improvement solutions, gaining valuable experience. You will work within different sized, multi-disciplinary teams and play a key role in ensuring high quality outputs and service to our clients. The role involves developing knowledge and implementing new solutions to meet the ever-changing needs of our clients. We have ambitious plans to continue strengthening and growing our offering within Risk Consulting and are looking for a dynamic individual to help us support this area of the practice, to form part of our existing team and to help us deliver our ambitious growth targets in this area. Your key responsibilities As a Senior Consultant in our Risk Consulting practice, you will be responsible for delivering to a broad portfolio of clients and engagements simultaneously, collaborating with a sizeable team and supporting the growth of our business. You will be a key member of the Process and Controls Team reporting directly to the Engagement Managers. You will have responsibility for. • Supporting a portfolio of engagements with our clients. • Collaborating with clients to agree, scope and plan the delivery phase of engagements. • Delivering the fieldwork phase of engagement and drafting reportable findings for management review. • Working as part of a team to deliver projects, with the ability to lead teams and manage more junior members of staff. • Support management on the presentation of our reports and findings to Audit Committees. • Contributing to developing the market for Internal Audit and Internal Controls services. • Supporting the development of our junior team members and acting as mentor and coach. Skills and attributes for success To qualify for the role, you must have: A strong track record in the delivery of Internal Audit, Internal Controls / SOX Services Demonstrated experience in the areas above. You will be a motivated self-starter, with the ambition to drive a team and support continued growth. You will have experience in supporting business development activities. You will be experienced in presenting to Engagement Management teams and have demonstrable business acumen and risk and controls knowledge. Excellence in oral and written communication and reporting writing are essential. We would expect candidates to have knowledge and experience in: Internal audit, in both financial and operational processes. Internal Controls / SOX Utilising core risk and controls skills in a broad range of projects both in traditional internal audit and in advisory projects aimed at assisting in the implementation of controls / improvements. Project Management. Ideally, you will also have Background in professional services environment where you have gained extensive experience in practice management. Ideally you will hold a relevant professional qualification e.g. qualified Accountant or Internal Auditor (ACA, CIMA, ACCA or IIA). We are particularly interested in people with experience in Government and Public Sector, Transport, TMT, Life Sciences, Consumer Products, Advanced Manufacturing and Power & Utilities Sectors. What we look for Highly motivated, good communicators and able to establish personal credibility with clients. You will need to convey technical content in business language with client management. You will also need to be a team player who is not only looking to enhance their own career but recognises the value in developing others and strengthening the team. What working at EY offers We offer a competitive remuneration package. Our comprehensive benefits package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs: covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer: Support and coaching from some of the most engaging colleagues around. Opportunities to develop new skills and progress your career. The freedom and flexibility to handle your role in a way that's right for you. All our employees are given a benefits package which they can tailor to suit their individual preferences. Our range of benefits include: Hybrid Working Pension/Discounted Health Insurance Web Doctor Purchase of Additional Annual Leave Free Gym Membership Travel Pass Maternity & Paternity Leave Bike to Work Scheme Referral Bonuses & Recognition Awards Tech MBA paid by EY EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance. When you join EY, you will be supported to ensure that you are enhancing your skills from day one. Continuous learning, where you can develop the mindset and skills to navigate whatever comes next. As you grow and develop here, you'll discover opportunities to help customise your career journey, so that it's as unique as you are - success is defined by you, we will provide the tools and flexibility, so you can make a meaningful impact, your way. Transformative leadership, we will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture, you will be embraced for who you are and empowered to use your voice to help others find theirs. We have embraced Hybrid working at EY adding greater flexibility and autonomy to the roles of our employees. About EY As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. Inclusion & Diversity We hold a collective commitment to foster an environment where all differences are valued and respected, practices are equitable and everyone experiences a sense of belonging: Inclusion, diversity, and equity are part of who we are at EY. We believe that the highest-performing teams maximize the power of different perspectives and backgrounds. These teams are both diverse and inclusive and are willing to invite and learn from other perspectives. Our ability to include various viewpoints into our mindsets, behaviours and operations is fundamental to driving innovation, building strong relationships, and delivering the best solutions for our clients. We recognise the strength that comes from having a diverse workforce and building a culture where we support all our people to achieve their potential. You'll be embraced for who you are and empowered to use your voice to help others find theirs. As an equal opportunities' employer, we welcome applications from people of all backgrounds. Reasonable accommodations are offered at every stage of our recruitment process. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Join us in building a better working world.That's Why, EY. Apply now. IMPORTANT: Where Agency assistance is required, our Talent Team will engage directly with suppliers. CVs / Profiles should not be shared directly with Hiring Managers. Unsolicited CVs / Profiles supplied to EY by Recruitment Agencies will not be accepted for this role. EY Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance . click apply for full job details

Quality Inspector required for an industry leading, precision engineering company in the Huddersfield area. 4 day working week, 33 days holiday and an extensive benefits package are all available to the successful candidate. The core purpose of the quality inspector/technician is to protect the business from quality concerns by providing measurements and control of components and finished product. Benefits: Take a look at the extremely competitive benefits offering! Starting salary of £35,000 per annum DOE Flexible Work Schedule - Enjoy a 4-day working week with compressed hours (Monday-Thursday or Tuesday-Friday), giving you more time for life outside work. Receive 33 days of annual leave including Bank Holidays (pro rata), with the option to buy up to 5 extra days through our Holiday Buy Scheme. Benefit from up to 8% employer contributions to your pension, Enhanced Company Sick Pay, and Life Assurance of 2x salary (or 4x if enrolled in the pension scheme). Health & Wellbeing Support - Access a Health Cash Back Plan (covering GP, dental, physiotherapy, and more), free DSE eye test vouchers, and mental health resources including trained Mental Health First Aiders. Employee Assistance Programme - Confidential support including face-to-face counselling and the Wisdom App by Health Assured for mental health, nutrition, and general wellbeing. Enjoy discounts, cashback, and special offers on major high street stores, travel, gyms, cinema, show tickets, and more. Free car parking (worth £1,500-£2,500 annually), a Cycle to Work Scheme, and access to Costco membership for just the annual fee. Key Responsibilities of the Quality Inspector will include: Carry out dimensional and visual inspection of components and assemblies Assist in the general operation of the Quality Control department Provide technical assistance and problem resolution on customer, auditors and 3rd party internal quality control issues For the role of Quality Inspector, we are keen to receive applications from individuals who have: Time-served apprentice with a Quality / Manufacturing background. Valve / process industry experience is an advantage. Hands-on experience in a shop-floor environment. Experience in the use of Quality Tools. Experienced user of CMMs, including Faro Arm, Fixed CMMs, and in particular, Aberlink and PC-DMis software. Knowledge of alloys, casting, NDT, welding, and coating processes would be advantageous. To apply for the Quality Inspector position, please click "Apply Now" and attach an updated copy of your CV. Alternatively, please contact Conor Wood at E3 Recruitment for more information.

Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future. Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet. We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them. Predominantly focused on the public sector, Methods is now building a significant private sector client portfolio. Methods was acquired by the Alten Group in early 2022. Role Overview Methods is a leading digital transformation consultancy, partnering with public and private sector organisations to deliver innovative and secure solutions. With a strong focus on governance, risk, and compliance (GRC), we help businesses navigate complex security landscapes while ensuring regulatory and operational resilience. Principal Cyber Security Risk & Audit Consultant This role is ideal for a professional with a strong background in cyber security, risk management, and internal audit. The ideal candidate will have experience across both the public and private sectors, with exposure to or experience in management consultancy. Strong team building and leadership experience is highly desirable. Lead and execute cyber security audits, ensuring compliance with regulatory and industry standards. Develop and maintain risk management frameworks, aligning with best practices such as ISO 27001, NIST, and GDPR. Collaborate with stakeholders to identify and mitigate cyber risks across digital and operational infrastructures. Provide expert guidance on cyber risk governance, resilience, and assurance strategies. Assess third party risk management practices and conduct security audits on suppliers and partners. Work closely with CISOs, IT, and compliance teams to drive a proactive security culture. Report findings and recommendations to senior leadership, ensuring risk mitigation strategies are effectively implemented. Essential Skills & Qualifications Candidates must have one of the following qualifications or be willing to work towards them: ChCSP in the Audit and Assurance (specialism) - Chartered status with the UK Cyber Security Council (CSC) PriCSP in the Audit and Assurance (specialism) - Principal level with the CSC, with a commitment to attaining Chartered status CMIIA - Chartered Member of the Institute of Internal Auditors, with willingness to work towards ChCSP CISA - ISACA Certified Information Systems Auditor, with willingness to work towards ChCSP QiCA - Institute of Internal Auditors Qualification in Computer Auditing, with willingness to work towards ChCSP Additional professional certifications of interest include IRM Chartered Risk Manager certification ISACA certifications such as CISM, CRISC, CGEIT CISSP (Certified Information Systems Security Professional) Other essential skills Proven experience in cyber security risk management and audit, ideally within regulated industries Strong knowledge of security frameworks, including ISO 27001, NIST, CIS Controls, and GDPR compliance Ability to conduct security assessments, risk analyses, and internal audits Familiarity with security tooling and governance platforms (e.g., SIEM, GRC platforms) Excellent communication skills with the ability to influence senior stakeholders A proactive mindset with the ability to work independently and as part of a team This role will require you hold or achieve Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected - Details of this will be discussed with you at interview Methods is passionate about its people; we want our colleagues to develop the things they are good at and enjoy. By joining us you can expect Autonomy to develop and grow your skills and experience Be part of exciting project work that is making a difference in society Strong, inspiring and thought-provoking leadership A supportive and collaborative environment Development - access to LinkedIn Learning, a management development programme, and training Wellness - 24/7 confidential employee assistance programme Flexible Working - including home working and part time Social - office parties, breakfast Tuesdays, monthly pizza Thursdays, Thirsty Thursdays, and commitment to charitable causes Time Off - 25 days of annual leave a year, plus bank holidays, with the option to buy 5 extra days each year Volunteering - 2 paid days per year to volunteer in our local communities or within a charity organisation Pension - Salary Exchange Scheme with 4% employer contribution and 5% employee contribution Discretionary Company Bonus - based on company and individual performance Life Assurance - of 4 times base salary Private Medical Insurance - which is non contributory (spouse and dependants included) Worldwide Travel Insurance - which is non contributory (spouse and dependants included) Enhanced Maternity and Paternity Pay Travel - season ticket loan, cycle to work scheme For a full list of benefits please visit our website ()