Must have LLMs
Overview
A leading technology‑driven organisation is seeking a Security Risk Specialist to support the design, implementation, and continuous improvement of its security risk management framework. This role will work across a variety of security risk activities, contributing directly to the organisation's overall security posture and the maturity of its risk function.
This position is well‑suited to a pragmatic, motivated individual with strong experience in security risk management and an interest in modern risk practices, automation, and responsible use of AI technologies.
Key Responsibilities
- Operate and enhance the organisation's security risk management framework in alignment with business objectives, industry standards, regulatory requirements, and stakeholder expectations
- Conduct security risk assessments and support the development of risk mitigation recommendations and tailored treatment strategies
- Analyse and optimise existing risk management processes, identifying gaps and opportunities for improvement, including automation and tooling
- Collaborate with cross‑functional teams to embed security risk management processes and advise on risks, controls, and best practices within relevant business contexts
- Produce, track, and improve security risk metrics and reporting to strengthen visibility and decision‑making
- Contribute to the development and refinement of security awareness and risk management training materials
Requirements
Candidates should have:
- Hands‑on experience in security risk management within a fast‑paced organisation, ideally within the technology or regulated sectors
- Experience designing, implementing, and improving processes and procedures for security risk management
- Experience conducting security risk assessments in cloud environments
- Understanding of technologies and operational practices used by modern agile organisations
- Experience defining, using, and enhancing security metrics and risk reporting
- Ability to engage effectively with both technical and non‑technical stakeholders across the business
- Familiarity with standards such as PCI‑DSS, NIST SP800‑53, NIST CSF, ISO 27001, and SOC 2
- Practical experience using Large Language Models (LLMs) in day‑to‑day security risk management activities, including:
  - Accelerating risk analysis and documentation
  - Supporting control gap analysis and evidence reviews
  - Assisting with the development of policies, standards, and procedures
  - Enhancing reporting, insights, and stakeholder communication
- Ability to identify opportunities to responsibly apply automation and AI/LLMs to improve efficiency, consistency, and scalability
Preferred
- A blend of consulting and in‑house industry experience
- Experience implementing enterprise‑grade integrated risk management or GRC solutions
- Professional certifications such as CISM, CRISC, CISA, CISSP
Please send me a copy of your CV if you meet the requirements.