Salary
Salary: £45,272 to £56,844 Per Annum (Dependent on Skills & Experience)
Hours
Hours: Full Time (Flexible Working)
Contract Type
Contract Type: Open Ended (Compressed Hours & Flexible Working Available)
Location
Location: Keyworth, Nottingham or Polaris House, Swindon (Hybrid Working)
Band
Band: UKRI Band E
Closing Date
Closing Date: Sunday 26 October 2025
Step into the world where cutting-edge science meets robust information security. Protect the technology that powers groundbreaking discoveries and be part of the team that safeguards the future of Big Science. You will collaborate with leading engineers, researchers, and technologists to tackle the most pressing security challenges in a fast-paced, innovative environment. Every day offers the chance to defend vital data and systems, ensuring that the pursuit of scientific excellence continues securely and seamlessly.
Discover the difference you can make when you bring your expertise in information security to an organisation at the forefront of global research—working alongside some of the brightest minds and most advanced facilities in the world.
Security
As a minimum, due to the nature of this role, candidates must be eligible for clearance in line with UK National vetting guidelines and willing to undertake the process. Please indicate eligibility in the written submission. Candidates not meeting this level of clearance will not be considered.
The level of clearance required is security check.
Job Overview
The UKRI CIO Group plays a pivotal role in managing and optimising the organisation’s critical enterprise technical services that underpin and enable UKRI’s business capabilities. Within the group a team of Information Security Professionals support the delivery of modern, secure, resilient and scalable services across a larger federated team of Digital, Data and Technology professionals to deliver impact across the organisation and the wider UK research and innovation system.
Join us for this rare opportunity to apply your expertise in information security in a dynamic, fast-paced security operational and strategic role in an organisation at the heart of research and innovation in the UK. Working as part of a team of technical specialists, your broad remit is to ensure the security and integrity of the organisation's IT infrastructure. You will work closely with development, operations, architecture and security teams to implement and maintain secure systems and protocols, monitor for security threats, respond to incidents, and continuously improve the security posture.
Key Responsibilities
* Work collaboratively across the organisation to identify, assess, and mitigate risks, ensuring security policies and processes align with organisational objectives and regulatory requirements.
* Advise stakeholders and implement effective security solutions, providing oversight for vulnerability assessments, remediation activities, and technical control evaluations.
* Promote a culture of security by participating in awareness programs, supporting internal and external audits, and assisting in the development of policy, standards, and procedures.
* Lead the collection, analysis, and presentation of InfoSec performance metrics, and prepare briefings for senior leaders on studies and plans.
* Analyse data from security assessment tools and systems, identify process inefficiencies, and contribute innovative solutions to improve security and efficiency across projects and initiatives.
Personal Specification
The below criteria will be scored during Shortlisting (S), Interview (I) or both (S&I).
Essential
* A professional certification (e.g., CISM, CISSP, CompTIA Security+, CCSP or AWS certification).
* Degree in a related subject or relevant comparable education.
* Solid experience with risk assessment methodologies and vulnerability management processes, including relevant tooling. (S&I)
* Excellent analytical, problem-solving, and decision-making skills, with strong attention to detail. (I)
* Proficient in communicating complex security concepts to non-technical stakeholders and collaborating across departments and third-party providers. (S&I)
* Demonstrable knowledge of information security frameworks, regulations (such as ISO27001, NIST, and GDPR), and security technologies and controls. (S&I)
* Proven ability to lead and drive security initiatives, respond to security incidents, and conduct investigations. (S&I)
* Comprehensive understanding of information security management concepts. (S&I)
Desirable
* Demonstratable success in security service contracting and supplier management (S&I)
* Demonstratable leadership and mentoring experience in managing security professionals, with proven people management skills and potential for further development. (S&I)
* Effective management of security projects and initiatives. (S&I)
* Proficient in cloud platform security and knowledgeable in IT networking principles. (S&I)
* Strong understanding of security architecture principles and processes. (S&I)
Application Guidance
You are encouraged to use the STAR method (Situation, Task, Action, Result) in the cover letter to evidence your ability to meet the ‘person specification’ criteria in the job description. Cover letters should be no more than two sides of A4 (minimum font size 11).
For examples of the STAR method, please visit the STAR method resources (information not provided in this description).
Behaviours
We’ll assess you against these behaviours during the selection process:
* Managing a quality service
* Changing and improving
* Delivering at pace
* Seeing the Big Picture
Selection Process Details
Stage 0 – Pre-Application If you would like to find out more about the role we encourage prospective applicants to get in touch to discuss the opportunity.
Stage 1 – Written Submission
Candidates will need to submit a written application which consists of 2 parts:
* A CV – this should contain your work experience and any skills, qualifications and accomplishments relevant to the jobs you have completed based on the shortlisting criteria.
* A personal statement (max. 1000 words) - this statement should be used to provide examples of how you meet the essential criteria listed in the shortlisting criteria.
Applications will be reviewed for suitability and shortlisted against the criteria detailed in the shortlisting criteria section of the job description.
Stage 2 – Interview
Applicants who are successful at stage 1 will be invited to interview. The interview will generally be 1 hour in length. The interview will consist of competency-based questions. A presentation will be required.
Stage 3 – Outcome
The panel outcome is decided and the successful candidate will be offered verbally first, followed by a formal offer letter.
Benefits
We recognise and value our employees as individuals and aim to provide a favourable pay and rewards package. We are committed to supporting employees' development and promote a culture of continuous learning.
A list of benefits below:
* An outstanding defined benefit pension scheme
* 30 days' annual leave in addition to 10.5 public and privilege days (full time equivalent)
* Employee discounts and offers on retail and leisure activities
* Employee assistance programme, providing confidential help and advice
* Flexible working options
Plus many more benefits and wellbeing initiatives that enable our employees to have a great work life balance. For further information on our benefits please see the benefits overview (text omitted in this description).
Note: Sponsorship information is provided for applicants who require it; see the Home Office guidance for details.
UKRI is an Equal Opportunity & Disability Confident Employer. Please apply online, to whom issues arise please contact recruitment@ukri.org
#J-18808-Ljbffr