Technology Cyber Risk & Controls SME - Legal Entities

Technology Cyber Risk & Controls - Legal Entities - Insurance

We are currently recruiting for a Technology Cyber Risk & Controls SME with strong Legal entity reporting and regulatory experience to join one of our Global Insurance clients on a 6 month contract.

Please note the role is Inside IR35 and mostly remote working.

Responsibilities:

• Assess existing technology and cyber controls for design effectiveness, risk alignment, and regulatory compliance.
• Rewrite and standardise controls to be clear, testable, risk‑aligned, and regulator‑ready.
• Map controls to material technology and cyber risks, risk appetite, and tolerances.
• Work directly with control owners to agree ownership, embed controls, and clarify evidence expectations.
• Rationalise controls to remove duplication and address gaps.
• Support legal entity level control views, reporting, and regulatory attestations.
• Deliver control enhancements aligned to DORA and operational resilience requirements.
• Support control testing, issue remediation, and audit/regulatory engagement.

Experience required:

• Frameworks: NIST, ISO 27001, COBIT (practical application).
• Strong understanding of risk‑to‑control mapping.
• Experience working with GRC tools.
• Strong experience delivering technology and cyber control improvement or remediation programmes.
• Proven hands‑on background in Technology & cyber risk management, Control design, rewrite, and assessment and IT General Controls and cyber security domains.
• Experience working in regulated or financial services environments.
• Demonstrable exposure to legal entity reporting and regulatory obligations.
• Practical experience supporting DORA or equivalent ICT/operational resilience regulation.

If this role is of interest to you and would like to know more, please apply now!

Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.