Head of Insider Risk / Insider Risk Consultant - Inside IR35 - Primarily remote - 12 months initial contract
My client, on of the largest producers of ZERO CARBON energy, are seeking a senior Head of Insider Risk to provide strategic leadership and ownership of the organisation's insider risk and insider threat capability. This role is accountable for setting the vision, policy, governance, and operating model for insider risk, ensuring full compliance with HMG requirements and alignment with industry best practice.
The role operates at a senior level, influencing across personnel security, cyber security, HR, legal, and operational leadership, and ensuring insider risk is managed holistically across multiple business units or licensees.
Key Responsibilities-
Strategic Leadership -
Own the organisation's Insider Risk strategy and long-term roadmap
Act as executive sponsor for insider risk governance and decision-making
Provide authoritative advice to senior leadership and boards on insider risk exposure
Policy & Governance -
Set and maintain Insider Risk policy aligned to:
Cabinet Office Personnel Security Policy
NPSA Insider Risk Mitigation Framework
Establish and oversee Insider Threat Mitigation Groups and governance forums
Define escalation, triage, and accountability models
Enterprise Integration -
Ensure joined-up delivery across:
Personnel Security
Cyber Security
HR
Legal and Compliance
Embed insider risk into enterprise risk management and assurance processes -
Assurance & Compliance -
Ensure compliance with HMG and regulatory expectations
Oversee assurance activity and readiness for audit or regulatory scrutiny
Monitor programme effectiveness and continuous improvement
Leadership & Culture -
Build a strong insider risk capability and risk-aware culture
Mentor specialist staff and analysts
Champion proportionate, ethical, and defensible insider risk practices
Skills & Experience -
Essential -
Senior leadership experience in insider risk, security risk, or protective security
Strong knowledge of Cabinet Office and NPSA guidance
Proven experience operating in regulated or HMG-aligned environments
Excellent stakeholder management at executive level
Desirable -
Experience in CNI, nuclear, defence, or highly regulated sectors.
Background in personnel security, intelligence, or enterprise risk