Lead Cyber Security Risk Manager

Posting date:	13 June 2025
Salary:	£60,300 to £70,730 per year
Additional salary information:	National Min £60,300 - Max £66,330 London Min £64,300 - Max £70,730 New entrants to the Civil Service will start their role on the salary band minimum: £60,300 for National Roles. £64,300 for London Roles. You may be eligible for an additional non-pensio
Hours:	Full time
Closing date:	25 June 2025
Location:	Liverpool
Company:	Government Recruitment Service
Job type:	Permanent
Job reference:	410123/3

Summary

Are you ready to join an expert team of cyber professionals, committed to reducing the exposure to cyber-attack of new and existing digital systems?

Will you join us to help embed robust governance, risk management and compliance practices across the Home Office?

As a Lead Cyber Security Risk Manager you will identify, understand and mitigate cyber-related risks. You will evaluate security risks to information, systems and processes owned by the organisation, and proactively provide appropriate advice, drawing on a wide variety of sources, to stakeholders across the organisation and at a variety of levels. You will also provide risk or service owners with advice to help them make well informed risk-based decisions.

As the Lead Cyber Security Risk Manager, your main day to day responsibilities will be: The support, planning, development, implementation and management of organisation-wide processes and procedures for the management of risks to the success, confidentiality, integrity and availability of the business, especially those arising from the use of information technology, hardware or data. Providing tailored expert cyber security support and advice that highlights cyber security related risks to a range of stakeholders, projects, business teams and/or service owners on how to remedy identified risks. Helping them to make well-informed and auditable decisions, by proportionately applying security capabilities, using published guidance, standards, and drawing on a range of experts as well as personal expertise. Independently and impartially undertaking risk management activities within a given area of practice or expertise, usually within established security and risk management governance structures and frameworks. Leading the independent analysis and derivation of business-supporting security needs, undertake cyber security related risk assessments, conduct tailored threat assessments and other risk management activities. Communicating effectively with senior stakeholders to ensure they recognise the importance of security considerations and respond accordingly to changes in policy and procedure. Managing risk management processes across the organisation, reviewing their efficiency and effectiveness, leading recommendations for continuous improvement. Reviewing risk statements, risk controls, mitigating actions and all related risk management activities. Following any security breach, providing advice on how to remediate any vulnerabilities discovered. Agreeing and overseeing remedial solutions, controls and safeguards that are the most appropriate and beneficial for the organisation. Assessing reviews and risk assessments and ensuring all identified risks are managed in accordance with Home Office risk management policies. Communicating outcomes effectively to relevant senior stakeholders across a variety of teams in ways that support effective security, risk management and decision-making, and advising senior stakeholders on their approach to risk assessment in the context of their organisational outcomes. Note: An employee may be required to carry out other duties within the scope of the grade and within the limits of their skill, competence and training. Due to the requirements of the role, the successful candidates will be required to work full-time (37 hours per week). Hybrid Working DDaT is geographically spread across multiple locations with most staff working in line with the Department’s hybrid working arrangements (a minimum of 60% of time in an office location, with the remainder working from home). You will need to agree a base location of either Cardiff, Croydon, Manchester, Liverpool or Sheffield and there will be a requirement for occasional travel to other locations.

Proud member of the Disability Confident employer scheme

About Disability Confident

A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.