Information Security Consultant
Listed on 2026-03-11
IT/Tech
Cybersecurity, Information Security, IT Consultant
Supporting the AD, Senior Risk Officer, Information Security, in the management and technical aspects of Information Security (IS) across the EBRD; the Information Security Consultant will be responsible for helping to deliver key IS (and Cybersecurity) projects and performing risk identification and mitigation activities.
Responsibilities
- Identify, mitigate and manage IS and Cybersecurity risks posed to the EBRD and its clients.
- Provide independent IS and Cybersecurity oversight, technical assessment and consultancy in accordance with good practice, including:
  - Data Leakage
  - Training and Awareness
  - Ethical Hacking
  - Third Party Risk Management
- Assess and advise on technical risk mitigation measures, review identified risks, analyse security incidents and communicate risk mitigation actions, plans and activities to management and peers for strategic decision‑making.
- Act as the primary Subject Matter Expert (SME) for Risk Management on Cybersecurity oversight and assurance, supporting senior management to take informed decisions around IS risks.
- Work closely with the IT Department on technical aspects of IS and Cybersecurity risk, providing challenge and solution/remediation design contributions.
- Pro‑actively encourage "good" IS practice across the Bank, as embodied in ISO 27001 and NIST.
- Author IS policies and procedures.
This role sits within the Operational Risk Management (ORM) team, with ORM within the wider Risk Management department. They are the "second line of defence" within a three lines of defence model. ORM consists of three pillars, of which IS and Personal Data Protection is one pillar (OpRisk and Internal Controls Framework (ICF) being the other two). ORM is responsible for managing key operational risks, including IS, and ensuring these risks are identified, assessed, and remediated effectively.
This includes performing risk assessments and reporting the risks (and remediation plans) to the EBRD's Risk and Executive Committees. The IS element of ORM is the Bank's second line of defence, and is responsible for the independent identification, reporting and mitigation of operational IS risks. The Information Security Consultant supports the AD, Senior Risk Officer and ORM Director in Bank‑wide risk mitigation and provides support and advice to departments across the Bank, MD Risk Management, the CRO and Risk Com.
/ Scale
- Bank‑wide – The scope covers all key areas of the Bank and all management levels; engagement with key stakeholders and departments including Information Technology (where they leverage IT resources – technical experts, project managers and application specialists), Legal, Compliance, Human Resources as well as key front‑line business areas.
- Building and maintaining relationships with key contacts Bank‑wide and at all levels. Maintaining relationships with suppliers, external consultancies and consultants that provide specialist and BAU services to the Bank.
- No direct reports but will be required to manage external resources and staff (consultants, consultancies and suppliers) to deliver IS projects; has use of Senior Officer for some support.
- Project manage elements of the Bank's Business‑As‑Usual (BAU) activities including but not limited to:
  - Cybersecurity Programme Assurance
  - Red and Purple Team Assessments
  - Social Engineering and Training and Awareness
  - Information Classification
  - Dark‑Web and Disinformation
- Perform detailed risk assessments of the Bank's information assets and IT Facilities using industry accepted methodologies.
- Design and undertake risk assessments related to the Bank's Cybersecurity Resilience Programme.
- Be familiar with security frameworks, compliance requirements and security operations.
- Undertake Business Impact Assessments and Information Security risk assessments across the business, identifying risks, deficiencies, improvements and requirements in technical controls, with regulatory, statutory and contractual compliance requirements.
- Be accountable for compliance with regulatory, statutory and contractual Information Security requirements to internationally recognised standards.
- Track risk mitigation actions, in accordance…