Skip to main content

This job has expired

You will need to login before you can apply for a job.

Cyber Security Risk Manager

Wood Mackenzie
Edinburgh, City of Edinburgh, United Kingdom
Closing date
17 Jun 2024

View more

In the middle of the energy transition, businesses and governments are faced with significant challenges. But the pace and scale of change mean every decision is made under mounting pressure. Now, more than ever, companies need reliable data, analytics and actionable insight.

Wood Mackenzie is the leading global provider of data and analytics solutions for the renewables, energy and natural resources sectors.

Wood Mackenzie's services include data, analytics, insight, events and consultancy. A trusted partner for over 50 years, Wood Mackenzie's team has over 2,300 experts across more than 30 global locations who cover the entire supply chain.

Wood Mackenzie Values
  • Inclusive - we succeed together
  • Trusting - we choose to trust each other
  • Customer committed - we put customers at the heart of our decisions
  • Future Focused - we accelerate change
  • Curious - we turn knowledge into action

Company Description

Wood Mackenzie are the global research, analytics, and consultancy business powering the natural resources industry. For 50 years, we have been providing the quality data, analytics, and insights our customers rely on to inspire their decision making.

Our dedicated oil, gas & LNG, power & renewables, chemicals, metals & mining sector teams are located around the world and deliver a variety of projects based on our assessment and valuation of thousands of individual assets, companies, and economic indicators such as market supply, demand, and price trends.

Job Description

We are seeking a highly skilled and strategic-minded Cyber Security Risk Manager to join our dynamic team. In this role, you will play a key part in identifying, assessing, and mitigating cyber security risks to protect our organization's assets and information.

As a Cyber Security Risk Manager, you will be responsible for developing and implementing an effective cyber security risk management program. This includes identifying and evaluating potential threats, assessing vulnerabilities, and implementing strategies to minimize risk exposure. The ideal candidate will have a strong background in cyber security, risk management methodologies, and the ability to collaborate with various teams to ensure a robust security posture.

Key Responsibilities:
  • Develop and implement a comprehensive cyber security risk management program to identify, assess, and prioritize cyber threats and vulnerabilities
  • Conduct regular risk assessments and vulnerability assessments, considering emerging cyber threats and industry best practices.
  • Collaborate with cross-functional teams to establish risk tolerance levels and ensure alignment with organizational objectives.
  • Analyze and interpret cyber security data to provide insights into potential risks and recommend appropriate mitigation strategies.
  • Develop and maintain risk assessment documentation, including risk registers, impact analyses, and risk treatment plans.
  • Communicate effectively with stakeholders, including executives, to present risk findings, potential impacts, and recommended risk mitigation strategies.
  • Stay current with industry trends, emerging threats, and best practices in cyber security and risk management.
  • Lead the development of key risk indicators (KRIs) and key performance indicators (KPIs) to monitor and measure the effectiveness of the risk management program.
  • Provide guidance to project teams to integrate risk management practices into the project life cycle.
  • Collaborate with internal and external partners to enhance the organization's cyber resilience and incident response capabilities.


  • Bachelor's degree in Cyber Security, Information Technology, or a related field. Advanced certifications (CRISC, CISM, CISSP) are highly desirable.
  • Proven experience (5+ years) in a cyber security risk management role, demonstrating a strong understanding of risk assessment methodologies.
  • Experience with ServiceNow GRC is a plus.
  • In-depth knowledge of cyber security principles, frameworks, and best practices.
  • Excellent analytical and problem-solving skills, with the ability to prioritize and manage multiple tasks.
  • Strong communication and interpersonal skills to effectively convey complex technical concepts to non-technical stakeholders.
  • Experience with risk assessment tools and methodologies.
  • Familiarity with relevant regulations and compliance standards (ISO 27001, SOC2, NIST, GDPR, etc.).

Additional Information

  • We are a hybrid working company and the successful applicant will be expected to be physically present in the office at least 2 days per week to foster and contribute to a collaborative environment, but this may be subject to change in the future
  • Due to the global nature of the team, a degree of flexible working will be required to accommodate different time zones

Wood Mackenzie Values
  • Inclusive - we succeed together
  • Trusting - we choose to trust each other
  • Customer committed - we put customers at the heart of our decisions
  • Future Focused - we accelerate change
  • Curious - we turn knowledge into action

Equal Opportunities

We are an equal opportunities employer. This means we are committed to recruiting the best people regardless of their race, colour, religion, age, sex, national origin, disability or protected veteran status. You can find out more about your rights under the law at

If you are applying for a role and have a physical or mental disability, we will support you with your application or through the hiring process.

Find out more at

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert