Risk and compliance roles have always been crucial to business operations. But this back-office function has risen - along with cybersecurity - to become one of the fastest-growing and rapidly evolving functions in business.
A surge in new roles and demand has created a wealth of opportunities for professionals to rise to the top of their fields and increase their value. Our recruitment experts share insights based on new field data.
Why risk and compliance are more vital than ever
In 2025, Marks & Spencer, Co-op, and Jaguar Land Rover were targeted by cyberattacks, proving that even well-resourced businesses are vulnerable. The losses weren’t just financial—they’re reputational and point to operational failures. With the proliferation of AI comes a new era of sophisticated cyber threats that businesses and their people simply aren’t equipped to handle.
Read more: Top 6 takeaways from Cybersecurity Awareness Month
The response in the hiring market has been immediate. Employers are now scrambling to invest in risk, compliance, and security talent, prompting salary premiums, the expansion and invention of roles, and a rapid rise in demand. Tech adoption has intertwined IT and cyber roles with risk and compliance, creating a symbiotic partnership now essential to business resilience. A good working knowledge of both will serve professionals in either realm.
Recruitment trends in risk and compliance for 2026
Tech and IT
According to new data gathered for Robert Half, cybersecurity is the main functional area in IT and technology that UK businesses are likely to hire for in H1 of 2026.
At 44%, it far outstrips any other area in the sector, further proving the idea that cybersecurity is now a strategic priority rather than a ‘nice to have.’
According to the Robert Half 2026 Salary Guide, cybersecurity ranked among the top five skills that professionals are actively trying to improve, and it ranked as the top skill employers are prepared to pay a premium for when hiring or negotiating pay.
Read: 2026 Robert Half Salary Guide
Legal
The top functional areas UK businesses are likely to hire for in 2026 within the legal sector are risk management/enterprise risk management (33%), followed by data privacy and data protection (28%), and compliance (27%).
IT/technology law (27%) also ranked within the top five functional areas for the year, further supporting the idea that employers have turned their full attention to business resilience.
Emerging risk and compliance jobs
An evolving threat landscape, combined with rapid tech adoption and increased regulatory pressure, has reshaped hiring in risk and compliance. Alongside more traditional roles, we’re now seeing an influx of demand for professionals who sit closer to operations, front-of-office, and technology functions.
Demand for third-party risk management is rising as organisations attempt to mitigate regulators’ heightened focus on operational resilience, exit strategies, and dependency mapping. As reliance on external providers increases, organisations will want support from professionals who are adept at designing and embedding robust TPRM frameworks, running resilience testing, and safeguarding critical services. First line of defence (1LOD) risk and control roles are also emerging to support improved process design and enhanced control environments.
Financial crime remains a major hiring priority, with strong demand for roles focused on sanctions compliance, KYC uplift programmes, transaction monitoring, and onboarding automation. We’re also seeing an uptick in organisations recruiting for semi-independent 1.5-line-of-defence functions to strengthen oversight while maintaining operational efficiency.
The uptick in intelligent automation has created new AI and data-led transformation roles aimed at reducing manual intervention and improving governance over automated decision-making. Finally, increased trading volumes and regulatory scrutiny are now driving demand for front-office trade compliance professionals to address alert backlogs and real-time surveillance across asset classes.
Exploring the salary premiums on offer
UK employers have begun offering above‑market salary premiums for governance, threat intelligence, security architecture, and compliance jobs to attract core talent and fill gaps in today’s competitive hiring market. No other region showcases this remuneration trend more clearly than London.
Operational Risk Manager salaries have increased by 11.1% in London, rising from £75,375 to £83,750 year on year. The increases in legal salaries are aggressive, yet nothing compared to those in cybersecurity. According to our data, salaries for Chief Information Security Officers increased by 14.2%, climbing from an average of £150,250 in 2025 to £171,625 in 2026.
The driving force behind many of these aggressive salary increases in London is the need to build a strong foundation of trust amid a tighter regulatory landscape and geopolitical risks. With demand for talent outstripping supply, especially for leadership positions, top performers in risk, compliance, and cybersecurity can command higher salaries and better benefits in this highly competitive market.
