Cyber Security Risk Associate

Dyddiad hysbysebu:	29 Medi 2025
Cyflog:	£35,367 i £41,494 bob blwyddyn
Gwybodaeth ychwanegol am y cyflog:	London- £39,377 - £41,494. National - £35,367 - £37,497. Your salary will be determined by your skills and capability as assessed at interview.
Oriau:	Llawn Amser
Dyddiad cau:	10 Hydref 2025
Lleoliad:	Birmingham
Cwmni:	Government Recruitment Service
Math o swydd:	Parhaol
Cyfeirnod swydd:	430513/2

Crynodeb

The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways.   

Firstly, we help to build a strong, competitive business environment, where consumers are protected and companies rewarded for treating their employees properly.  

Secondly, we open international markets and ensure resilient supply chains. This can be through Free Trade Agreements, trade facilitation and multilateral agreements. 

Finally, we work in partnership with businesses every day, providing advance, finance and deal-making support to those looking to start up, invest, export and grow.  

The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support us in this mission. The team have been nominated four times in a row for ‘Best Public Sector Employer’ at the Women in Tech awards! 

As a Cyber Security Risk Associate, you will work to identify and mitigate Cyber related risks. You will provide risk or service owners with advice to help them make well informed risk-based decisions. Taking on expertise from the wider Cyber, Technology and other professions across the Department.   

As part of the team responsible for the Cyber Risk and Compliance aspect of Cyber Security within The Department for Business and Trade (DBT) you will report to the Cyber Leads and will collaborate closely with the wider Cyber team and DDaT (Digital Data and Technology), as well as Government Security Profession.   

The Governance Risk and Compliance (GRC) team is responsible for cyber risk management, maintaining in-house system security assurance, running internal cyber security training, setting standards for compliance, and devising policies, and enabling audit management and response.   

As a member of the GRC team you will demonstrate the Civil Service Values by working with integrity and honesty to enable a more secure posture in the Department and enable appropriate acceptance of risk by Senior decision makers.  

You will have strong collaboration skills, working with other professions and a significant number of non-technical colleagues to support them in delivering the GRC mission, which is to protect and promote a governed, Cyber risk aware and compliant DBT.  

The Cyber team prioritise the wellbeing and careers of our people.  We will support you to improve and grow, offering amazing learning and development opportunities, through internal training, shadowing, and external courses.   

If you are someone who wants to develop further or are looking for a career change and you have transferrable skills, we want to hear from you.  

About You

You will:

• Have the ability to manage workload and prioritise in a fast-paced environment. 
• Have the ability to communicate technical ideas to a non-technical audience.
• Be a keen learner with a desire to expand your knowledge of cyber security. 
• Demonstrate high integrity and good ethics when handling sensitive and confidential information.
• Be a self-motivated individual and a key integral team member as part of the wider Cyber team.
• Be able to see the bigger picture rather than focusing on just completing tasks.

Main responsibilities  

You will: 

• Support the Cyber Leads to conduct Cyber Security related risk assessments that follow DBT’s Information Risk Assurance Process (IRAP).   
• Research suppliers, technologies, and contracts, gathering documentation to support and evidence risk-based decisions.   
• Support the Cyber Leads to provide tailored advice to a range of stakeholders on how to mitigate identified risks by proportionately applying security controls, using best practise and standards.    
• Undertake risk management activities within established security and risk management frameworks.  
• Carry out project and IRAP case management activities.  
• Support culture and awareness training activities and incident management activities, and other Cyber and Information Security tasks as required to support the wider team. 

Aelod balch o'r cynllun cyflogwyr Hyderus o ran Anabledd

Gwybodaeth am Hyderus o ran Anabledd

Yn gyffredinol, bydd cyflogwr Hyderus o ran Anabledd yn cynnig cyfweliad i unrhyw ymgeisydd sy'n datgan eu bod yn anabl ac yn bodloni'r meini prawf lleiaf ar gyfer y swydd fel y diffinnir gan y cyflogwr. Mae'n bwysig nodi, mewn rhai sefyllfaoedd recriwtio fel nifer fawr o ymgeiswyr, cyfnod tymhorol ac amseroedd prysur iawn, efallai y bydd y cyflogwr am gyfyngu ar y niferoedd cyffredinol o gyfweliadau a gynigir i bobl anabl a phobl nad ydynt yn anabl. Am fwy o fanylion ewch i Hyderus o ran Anabledd.