The Senior Security Policy and Standards Manager will play a pivotal role in shaping, governing, and enabling security across DWP.
Operating in a dynamic, highly reactive environment, the role ensures that security policy keeps pace with organisational priorities and supports the DWP 2030 strategy, while maintaining proportionate, risk‑based controls that protect the department’s people, services, and data.
This is a role that requires effective decision‑making skills, confident interpretation of complex issues, and the ability to respond at speed to new policy demands, emerging risks, and operational challenges. As a senior manager, you will lead the development, maintenance, and continuous improvement of security policies and standards, ensuring they remain relevant and adaptable in a rapidly changing technology and threat landscape.
A key part of the role is providing clear, authoritative advice to senior leaders, programme teams, and operational colleagues. You will act as a strategic partner—translating security needs into practical, proportionate requirements, and ensuring that work within DWP can progress quickly and confidently.
Collaboration and an ability to influence are essential. You will work closely with architects, cyber‑security specialists, operational colleagues, and senior stakeholders to embed a shared understanding of risk and secure‑by‑design principles.
Ultimately, the Senior Security Policy and Standards Manager ensures that DWP can move at pace—innovating, transforming, and preparing for 2030—while maintaining a strong and evidence‑based security posture.
* Develop, deliver and maintain a framework of security policies and standards that support DWP objectives.
* Develop and manage the security policy and standards governance process to ensure the policy and standards portfolio continues to meet current and emerging business needs, priorities and best practice, and is updated as threats evolve, based on horizon scanning.
* Work with subject matter experts and domains, such as security architects and security assurance teams, to ensure policies and standards accurately reflect known threats.
* Develop and draft new security policies and standards as and when required.
* Ensure the Departmental security policy portfolio complies with security obligations, statutory requirements, industry developments, best practice and standards, as well as legal obligations such as the Data Protection Act, Computer Misuse Act and Freedom of Information Act, and with ISO27001/2, NIST CSF, HMG Policy Framework (SPF), HMG Functional Standards and Cabinet Office Directives.
* Provide advice and support to the business on security policy matters.
* Manage individuals within the team, supporting their development and capability within the security profession.