As the Cyber Security Risk Manager within HMRC’s Enterprise Cloud Services (ECS), you’ll be a central figure in driving security excellence. Acting as the first point of contact for all internal ECS security queries, advice, and guidance, you’ll also lead vulnerability assessments across ECS products, ensuring risks are identified, communicated, and addressed effectively.
You’ll play a hands-on role in shaping ECS security policies, supporting penetration testing, and guiding teams on secure service delivery. With a deep understanding of security and risk management, you’ll use evidence, data, and experience to make well-informed decisions that protect HMRC’s cloud infrastructure.
Key Responsibilities:
• Serve as the primary contact for ECS security advice, guidance, and support.
• Lead the review, assessment, and reporting of vulnerabilities in ECS products.
• Support penetration testing activities and advise on ECS service request risks.
• Develop and maintain ECS-specific security policies and procedures.
• Monitor compliance with governance controls and produce Risk Treatment Plans.
• Report and manage security incidents in line with HMRC and ECS procedures.
• Support internal and external audits
Person specification
We’re looking for a motivated self-starter who thrives both independently and as part of a small team. You’ll have a strong technical background in security and be able to mentor others, translating complex security concepts into clear guidance for a range of stakeholders.
#J-18808-Ljbffr