Overview
The organisation is strengthening security capability across the business. This role forms part of a growing Cyber function, embedding and maintaining an assurance and response function to protect services and customer data. It supports the Data Strategy to make the Agency evidence-based and data-driven while ensuring appropriate security of services and data. You will work with the wider Security function and Service Owners, and with multi-disciplinary teams to ensure security is built into the service development lifecycle and strategic planning. You will provide the consolidated risk picture for the Products within the Service and recommend risk acceptance in line with defined risk appetites. You will lead a small service group of security professionals supporting assurance and engaging with Enterprise Architecture processes to influence pattern adoption.
Location: Birmingham, Bristol, Leeds, Newcastle-upon-Tyne, Nottingham, Oldham, Swansea
Salary: Up to £80,400 per annum
Vacancy Type: Permanent
Closing Date: 21st September 2025
Responsibilities
* Lead and undertake risk management activities against complex or novel scenarios, applying fundamental risk management principles and leading regulatory or legislative compliance activities.
* Guide and direct specialist activities, promote development in applicable skills, provide leadership to other risk managers, and share best practice across government, the public sector, and industry.
* Lead the analysis and derivation of complex security needs.
* Lead Cyber Security related risk assessments and other expert risk management activities, including guidance on establishing governance arrangements.
* Provide guidance to ensure ongoing confidence that fundamental organisational security needs are met, integrating a range of assurance approaches to give continued confidence to risk, service or system owners.
* Shape leadership decision-making through effective reporting and communication on security processes, providing recommendations on complex problems, and acting as an SME for complex cyber risk management concerns.
Qualifications/Licenses
* Be a Chartered Cyber Professional, or be willing to work towards becoming Chartered.
* Demonstrate experience in cloud security on at least one of AWS or Azure, and be willing to undertake formal training and certifications in this area.
Required experience
As a Principal Cyber Risk Manager you are inquisitive and understand the context of the full service and product suite you support. You work in a matrix team with roles such as developers, user experience and service design, and business analysis to bring a rounded approach to a Service. You are skilled at making evidence-based recommendations to Service Owners and Senior Security Leadership around the level of security risk managed within each Product. You enjoy learning about new technology. You are part of a wider Security profession and support its development through a leadership role, bringing strategic influence to local Services and Products.
Benefits
* Employer pension contribution of 28.97% of your salary.
* 25 days annual leave, increasing by 1 day per year of service (up to 30 days).
* 8 Bank Holidays plus an additional Privilege Day for the King’s birthday.
* Access to the staff discount portal.
* Career development opportunities and potential to undertake professional qualifications paid for by the department, such as CIPD, Prince2, apprenticeships, etc.
* Joining a diverse and inclusive workforce with staff communities to support colleagues.
* 24-hour Employee Assistance Programme with free confidential help and advice.
* Flexible working options supporting work-life balance.
To Apply
If you are a suitable candidate, please click apply to be redirected to the organisation’s website to complete your application.
Seniority level
* Mid-Senior level
Employment type
* Full-time
Job function
* Finance and Sales
Industries
* Advertising Services