Risk Specialist

WPP is the trusted growth partner for the world’s leading brands. 

We unite cutting-edge media intelligence and data solutions, world-class creativity, next-generation production, transformative enterprise solutions and expert strategic counsel in a single company – powered by exceptional talent and our agentic marketing platform, WPP Open, to help our clients navigate change, capture opportunity and deliver transformational growth. 
 
We have been building the world's most valuable brands for 50 years and have global reach across 100+ markets, with deep local expertise.
 
Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow. 
 
For more information, visit WPP.com.
 

Why we're hiring:

We are looking to hire an individual that will own the identification, assessment, documentation and monitoring of digital and information security risks across WPP, ensuring risks are clearly articulated, consistently assessed and effectively tracked.

What you'll be doing

Risk Assessment & Management

• Conduct enterprise and operational security risk assessments.
• Ensure risk statements, impact and likelihood justifications are clear and defensible.
• Maintain accurate and current risk records within approved GRC tooling.

Risk Management

• Conduct organisational-level, third-party or product risk assessments to identify technical, process and/or procedural vulnerabilities and recommend mitigation strategies.
• Support the implementation of WPP’s Digital Security risk management framework, ensuring alignment with organisational goals.
• Monitor and report on Key Risk Indicators (KRIs) to provide insights into WPP’s cybersecurity posture.

Risk Treatment & Monitoring

• Support risk owners in defining proportionate mitigation actions.
• Track remediation progress and reassess residual risk.
• Escalate material risk changes or overdue actions.

What you'll need:

Essential:

• Fluent English (reading, writing, and conversation).
• Bachelor’s degree in Information Security, Risk Management, or equivalent
• Experience in cybersecurity governance, GRC, or risk support roles.
• Strong understanding of cybersecurity policies, standards, and frameworks (e.g. ISO 27001, NIST CSF).
• Ability to work with governance, assurance, and technical teams to maintain clear and usable frameworks.
• Strong written communication skills, with high attention to accuracy and consistency.
• Foundational understanding of cloud computing models (IaaS, PaaS, SaaS) and associated security risks.
• Awareness of common cyber risk scenarios related to cloud platforms, SaaS environments, identity, and third-party integrations.
• Exposure to emerging technology risks, such as AI-enabled systems, automation, and digital transformation initiatives.
• Ability to assess risks across modern, distributed technology environments.
• Foundational understanding of DevSecOps principles and secure-by-design approaches within modern software development lifecycles.
• Ability to elevate the role to value-driven cyber risk management

Nice - to- have

• Certifications such as CISSP, CISM, or CRISC.
• Familiarity with GRC tools and risk management platforms.
• Working knowledge of agile methodologies.
• Experience in multinational, multicultural and matrixed companies.

Key Behaviours  & Competencies

• Proactive Problem-Solving: Anticipates challenges in governance and compliance activities and develops effective solutions.
• Collaborative: Builds strong relationships across teams (e.g., Legal, Enterprise Technology) to ensure alignment and efficiency.
• Detail-Oriented: Ensures accuracy and consistency in governance documentation, role definitions, and standards.
• Adaptable: Thrives in a fast-paced environment and adjusts quickly to changing priorities or regulatory requirements.
• Ethical Integrity: Maintains high ethical standards, ensuring compliance with policies and safeguarding WPP’s reputation.
• Analytical Thinking: Demonstrates strong analytical skills to interpret complex data and identify actionable insights.
• Communication Skills: Clearly articulates findings, recommendations, and technical concepts to non-technical stakeholders.
• Structured & Methodical: Applies a disciplined approach to governance maintenance and change control.
• Collaborative: Works effectively with Strategy & Risk, TSG, Assurance, and Legal to support the governance lifecycle.

Who you are:

You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.

You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.

You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.

What we'll give you:

Passionate, inspired people – We aim to create a culture in which people can do extraordinary work.

Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.

Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?

#LI-Hybrid 

We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we’ve adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process.

WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers.

Please read our Privacy Notice (https://www.wpp.com/en/careers/wpp-privacy-policy-for-recruitment) for more information on how we process the information you provide.