DESCRIPTION

WTW are seeking a highly skilled and experienced Technology and Cyber Risk Analytics Subject Matter Expert (SME) to lead and support the development, execution, and continuous improvement of our risk and control analytics capabilities. This role is pivotal in enhancing our understanding of technology and cyber risks through data-driven insights, supporting risk identification, assessment, and treatment activities across the enterprise.
The ideal candidate will have expertise in risk and control environments, strong analytical acumen, and a solid understanding of technology and cyber security frameworks. You will work closely with global stakeholders to ensure that risk data is accurately captured, analyzed, and reported to support informed decision-making and effective risk management. This role is based in London and follows a hybrid work model, requiring travel to the London office when needed.

THE REQUIREMENTS:

Skills:

• Strong knowledge of risk management frameworks (e.g., NIST, ISO 27001, COBIT) and control environments.
• Deep understanding of IT general controls, cyber security principles, and technology risk domains.
• Proven experience in risk analytics, data visualization, and reporting (e.g., using Power BI, Tableau, or similar tools).
• Familiarity with GRC platforms and risk data management practices.
• Experience in a risk management, IT audit, or cyber security role within a financial services or regulated environment.
• Ability to interpret complex technical data and translate it into actionable business insights.
• Excellent communication and stakeholder engagement skills.
• Strong organizational skills and attention to detail.
• Ability to assess and manage information security risks effectively.
• Detail-oriented and capable of delivering at a high level of accuracy.
• Able to interpret & present data and information in the appropriate format for different audiences.

Qualifications:

• Educated to degree level or equivalent.
• Hold professional qualifications in a related subject for example, CRISC, CISSP, CISM, CISA
• Strong proven working experience in technology or cyber risk management role with a focus on analytics and controls
• Experience of working within a global financial organization.

Behaviors:

• Resourcefulness and organizational agility
• Global team player with good interpersonal and influencing skills.
• Conflict management resolution (options analysis)
• Customer focus, integrity and trust
• Personal learning & development

This role will support the ongoing operations of WTW Technology and Cyber Risk and Controls & Regulatory engagement function in:

• Lead the design and execution of analytics to support risk identification, assessment, and treatment across technology and cyber domains.
• Collaborate with risk and control owners to develop and maintain risk metrics, dashboards, and reporting tools.
• Analyze control effectiveness and risk trends to identify emerging threats and areas for control enhancement.
• Provide expert guidance on the interpretation of risk data and the development of remediation strategies.
• Support the execution of risk assessments (both planned and ad-hoc), leveraging data insights to inform outcomes.
• Develop and maintain strong relationships with stakeholders across all three lines of defense.
• Contribute to the evolution of the Technology and Cyber Risk and Control Framework through data-driven insights.
• Ensure alignment of analytics activities with regulatory expectations and internal governance standards.
• Drive continuous improvement in risk data quality, reporting processes, and analytics capabilities.