Risk management is a large, wide-ranging profession, and is integral to a variety of cyber security industry sectors. The routes to gaining a risk management role will therefore vary according to the type of role you are interested in, and the business sector in which it is based.
First and foremost, however, there are some qualities which are generally desirable in any risk management professional. These include:
– The ability to analyse data of all kinds and spot trends or interesting irregularities
– Close attention to detail
– A talent for statistics
– Numeracy skills
– The ability to stay calm under pressure
– Excellent planning skills
– The ability to communicate complex technical matters in a straightforward manner
– High-class documentation skills
Applicants should also have great people skills – an ability to get on with employees at all levels of an organisation. They need to understand why you are there.
Financial Sector Risk Management (including Insurance)
“identify and analyse the areas of potential risk threatening the assets, earning capacity or success of organisations in the industrial, commercial or public sector.”
In terms of education, an undergraduate degree or HND in a broadly technical subject would be a great starting point. Degrees in subjects such as Finance, Insurance, Mathematics, Statistics, and Risk Management itself are all worth considering.
Meanwhile, it might be possible to specialise in training on the job, in order to gain a certificate such as the widely recognised and highly respected CFA (Chartered Financial Analyst). The CFA curriculum is very thorough, but has a continuing emphasis on the tools and methods used by financial analysts, particularly regarding asset valuation.
IT risk management is an area which is inextricably linked with IT governance in its broadest sense, touching upon subjects such as data protection, business continuity, and disaster recovery. It also ensures adherence to international standards, particularly ISO 27005. Numerous qualifications and certifications may provide candidates with a good entry into a risk management vacancy. These could include, for example, a degree in computer science, with perhaps a Masters specialising in information security or risk management. However, one of the gold-standard certificates is undoubtedly the CRISC (Certified in Risk and Information Systems Control) from the ISACA Institute (Information Systems Audit and Control Association). The CRISC, it could be argued, is equivalent to a CISSP (Certified Information Systems Security Professional) in the IT security arena in terms of its attractiveness on a risk management CV.
Finally, there is another risk management area known as enterprise risk management (ERM), which is increasingly finding favour in corporations. ERM takes a more generic view of risk across multiple areas of an organisation (such as finance and insurance, health and safety, IT) and ties them together into one role, sometimes known as Chief Risk Officer. For this sort of senior role, it might be experience that wins the day – the demonstration of a broad knowledge of the risk arena, with plenty of examples of past achievements across a range of employers.









