Data Security Risk Consultant

Job Title: Cyber & Data Security Risk Consultant

Contract Type: Permanent

Location: Edinburgh / Alderley Park  

Working style: Hybrid 50% home/office based

Closing date: 29th April 2025

About the Role:

Are you passionate about cyber security and data protection? Do you have a knack for identifying and managing risks? If so, we have the perfect opportunity for you! As a Cyber & Data Security Risk Consultant, you will play a crucial role in advising the Board and senior management on strategic planning and decision-making. You will independently oversee and challenge the Group’s strategic and business risk profiles, provide formal independent opinions on significant risks, and monitor Group-wide risk exposures compared to risk appetite. This role operates within the 2nd line of defence in GR&C, focusing on risk management and compliance. While 2nd line experience is not essential, a background in risk management is highly beneficial.

Your responsibilities will include:

• Conducting risk-based independent assurance, facilitating risk management activities, promoting strong risk culture and behaviours, and supporting risk-related communication and management information flows across the Group
• You will also oversee processes and mechanisms to identify, record, assess, manage, and report Information and Cyber Security related risks.

About You:

• We are looking for someone with a solid understanding or willingness to gain of the Royal London Group business vision, values, and strategy, as well as the wider industry.
• Ideally a degree in Computer Science, Information Technology, or a related field.
• Experience in cybersecurity, preferably within financial services.
• You should have relevant professional certifications such as CISSP, CISM, CDPSE, CDMP, CRISC, CompTIA Security+ and GIAC Security Essentials
• Strong technical skills in cybersecurity domains such as IAM, Application and Endpoint Security, Security Operations and Incident Response.
• Experience in Data Security and Data Privacy, including knowledge of data protection regulations (e.g., GDPR, CCPA), data encryption, secure data storage, and privacy impact assessments.
• You should also have a deep understanding of Information Risk Management processes to protect information assets, maintain regulatory compliance, meet operational resilience objectives, and deliver outcomes for customers, regulators, and the business.
• Ability to work independently and as part of a team

About Royal London

We’re the UK’s largest mutual life, pensions and investment company, offering protection, long-term savings and asset management products and services.   

Our People Promise to our colleagues is that we will all work somewhere inclusive, responsible, enjoyable and fulfilling. This is underpinned by our Spirit of Royal London values; Empowered, Trustworthy, Collaborate, Achieve. 

We've always been proud to reward employees by offering great workplace benefits such as 28 days annual leave in addition to bank holidays, an up to 14% employer matching pension scheme, Income protection and private medical insurance. You can see all our benefits here - Our Benefits  

Inclusion, diversity and belonging 

We’re an Inclusive employer. We celebrate and value different backgrounds and cultures across Royal London. Our diverse people and perspectives give us a range of skills which are recognised and respected – whatever their background.