Senior Cyber Security Risk Manager

DWP Digital
Sheffield, United Kingdom
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
£ 78K

Job location

Sheffield, United Kingdom

Tech stack

Computer Security
Information Technology

Job description

Cyber Security Risk Management drives first line risk management across DWP Digital, providing a clear, consistent, and proportionate view of cyber security risk across digital services, enabling informed risk-based decision making and secure delivery. The role identifies, assesses, and supports the treatment of cyber security risks through a controls-driven approach aligned to organisational standards, frameworks and the ever-evolving threat landscape.

Working collaboratively with delivery teams, technical specialists, and senior stakeholders, cyber security risk managers undertake analysis on control effectiveness, translate technical vulnerabilities and gaps into meaningful risk insight, and ensure risks are understood within the context of the business delivery. The role supports delivery teams in meeting security requirements, particularly around design, testing, and monitoring, while providing constructive challenge where solutions do not align with strategic direction or reusable components. The role underpins effective governance and remediation, supporting proportionate, risk-informed decisions across products, programmes, and operational services.

The Cyber Security Risk Manager role provides effective security risk expertise, advice and support for business managers, Senior Risk Owners, and the Executive Team within DWP.

  • Using evidence, knowledge, and experience to support accurate, expert decisions and advice. Carefully consider alternative options, implications, and risks of decisions. Enabling the prioritisation and delivery of solutions with appropriate security controls to mitigate Cyber Security Risks through a structured risk management process.
  • To ensure proportionate, risk-informed decisions about current and future security investments to protect the Department's assets and improve the Department's security risk posture.
  • Manage and support Digital's Cybersecurity risk management lifecycle through the delivery of 1st line risk identification, assessment, remediation, and treatment of risks.
  • Identify controls and make recommendations to address security vulnerabilities and control weaknesses in products, projects, and programmes, working with product owners and Subject Matter Experts to enable them to make well informed risk-based decisions whilst leading and influencing the management of tactical and strategic risks.
  • Work closely with Security & Data Protection and other internal and external stakeholders to ensure Cyber Security threats, vulnerabilities, and opportunities with the potential to impact or improve resilience of Digital IT Infrastructure are identified or reported appropriately.
  • Research and evaluate business processes in alignment to known/emerging security risks and controls to ensure expert advice is provided.

Requirements

Are you a Cyber Security Risk Analyst with hands-on technical experience working in a large-scale organisation?

Disability Confident

A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to .
