Public Sector Organisation – Risk Function
Permanent | Full-time
Locations: Multiple UK locations (including London, North West, North East, and Scotland)
Hybrid working: Approximately 40% office-based per month
About the Organisation
This public sector organisation is one of the UK’s largest savings and financial services providers, supporting millions of customers and managing over £200bn in customer investments. It operates at national scale, delivering critical services with a strong public purpose.
The organisation offers flexible working, a supportive culture, and excellent opportunities for professional development.
The Role
We are seeking an experienced Cyber Security Manager to join the Risk function. The role supports senior cyber leadership by providing assurance that third-party service providers operate effective cyber security control environments.
You will act as the primary cyber security contact for key suppliers, working closely with senior stakeholders to ensure cyber risks are identified, managed, and reduced to acceptable levels.
Key Responsibilities
* Provide cyber security assurance over third‑party and outsourced service providers
* Hold suppliers to account through governance, performance reporting, and assurance activity
* Conduct cyber security risk assessments and develop mitigation plans aligned to business objectives
* Review evidence against recognised standards such as NIST CSF and ISO27001
* Oversee security incident response, vulnerability management, and post‑incident analysis
* Communicate complex cyber risks clearly to senior technical and non‑technical stakeholders
* Extensive experience in cyber security assurance, risk management, and supplier oversight
* Strong understanding of cloud environments and modern security architectures
* Experience with enterprise security tooling (e.g. SIEM, SOAR, IAM, DLP, vulnerability management)
* Proven ability to present cyber risk and assurance findings to senior stakeholders
* Essential certification: CISSP or CISM
* Ability to obtain Security Check (SC) clearance
* Security architecture or application security assurance
* SOC design or assurance oversight
* Penetration testing and vulnerability remediation management
* Threat intelligence and threat modelling
#J-18808-Ljbffr