Defence Digital Cyber Risk Management Analyst
| Posting date: | 02 July 2025 |
|---|---|
| Salary: | £36,530 per year |
| Additional salary information: | A pension contribution of 28.97% based on the listed salary. |
| Hours: | Full time |
| Closing date: | 01 August 2025 |
| Location: | SW1A 2HB |
| Remote working: | Hybrid - work remotely up to 2 days per week |
| Company: | Ministry of Defence |
| Job type: | Permanent |
| Job reference: | 412873 |
Summary
As Cyber Risk Management Analyst, you’ll be responsible for assisting with the management and maintenance of the Defence Enterprise Cyber Risk portfolio, being pivotal in the collation and assurance of Defence’s cyber risks. You’ll support maturing the understanding of the cyber risks the Defence cyber community are carrying, including those that are cross cutting, helping to inform on cyber security and resilience failure.
You’ll support upward reporting and briefings through analysis, regarding cyber activity and resulting risk assessments, to enable senior leaders (all the way up to the Defence Board) to make informed investment decisions.
This position sits within the Cyber Risk Management team, a small, highly specialised team within Governance, Risk and Compliance (GRC) in our Cyber, Defence and Risk (CyDR) directorate. We develop and maintain a wider understanding of cyber risks, control environment and capabilities, across Defence’s complex and challenging environments and identify possible gaps and issues, to inform the Defence Enterprise Chief Information Security Officer (CISO) and key defence programmes on how to mitigate these and understand how the resulting activity will help to reduce risks.
Responsibilities
Work with risk owners and key stakeholders to develop and maintain the Defence CISO’s wider understanding of the cyber risks and capabilities, across Defence’s complex and challenging environments.
Monitor Defence cyber threat, vulnerability and risk assessment and mitigation effectiveness, including key Defensive cyber and dependent programmes, providing analysis and insight to support upward reporting and escalation.
Undertake collaborative and independent cyber security related risk assessments and other risk management and assurance activities, including the provision of tailored advice, ensuring consistency with applicable cyber security frameworks, policy standards and guidance.
Provide a secretariat function for the senior cyber management board.
Potential opportunity for line management responsibility.
Remote working within this role is something that can be discussed at interview stages or with your future line manager if you are found successful.
Please note, candidates will be redirected to the Civil Service Jobs website where you will need to submit your application form. Please note the closing date above is incorrect and cannot be amended so please check the closing date on Civil Service Jobs and allow enough time to submit your application form.
You’ll support upward reporting and briefings through analysis, regarding cyber activity and resulting risk assessments, to enable senior leaders (all the way up to the Defence Board) to make informed investment decisions.
This position sits within the Cyber Risk Management team, a small, highly specialised team within Governance, Risk and Compliance (GRC) in our Cyber, Defence and Risk (CyDR) directorate. We develop and maintain a wider understanding of cyber risks, control environment and capabilities, across Defence’s complex and challenging environments and identify possible gaps and issues, to inform the Defence Enterprise Chief Information Security Officer (CISO) and key defence programmes on how to mitigate these and understand how the resulting activity will help to reduce risks.
Responsibilities
Work with risk owners and key stakeholders to develop and maintain the Defence CISO’s wider understanding of the cyber risks and capabilities, across Defence’s complex and challenging environments.
Monitor Defence cyber threat, vulnerability and risk assessment and mitigation effectiveness, including key Defensive cyber and dependent programmes, providing analysis and insight to support upward reporting and escalation.
Undertake collaborative and independent cyber security related risk assessments and other risk management and assurance activities, including the provision of tailored advice, ensuring consistency with applicable cyber security frameworks, policy standards and guidance.
Provide a secretariat function for the senior cyber management board.
Potential opportunity for line management responsibility.
Remote working within this role is something that can be discussed at interview stages or with your future line manager if you are found successful.
Please note, candidates will be redirected to the Civil Service Jobs website where you will need to submit your application form. Please note the closing date above is incorrect and cannot be amended so please check the closing date on Civil Service Jobs and allow enough time to submit your application form.