Head of Security Risk

Dyddiad hysbysebu:	06 Mawrth 2026
Cyflog:	£75,026 i £80,267 bob blwyddyn
Gwybodaeth ychwanegol am y cyflog:	This post currently attracts an additional Recruitment & Retention Allowance of £7,000 per annum. This is reviewed on an annual basis.
Oriau:	Llawn Amser
Dyddiad cau:	25 Mawrth 2026
Lleoliad:	Blackpool
Cwmni:	Government Recruitment Service
Math o swydd:	Parhaol
Cyfeirnod swydd:	450345/2

Crynodeb

This is a rare opportunity to shape security risk at national scale, influencing decisions that directly protect millions of citizens and the UK’s most critical public services.

The Head of Security Risk leads DWP’s strategic security risk function, operating at Enterprise scale across all security domains: Information, Cyber, Personnel, Physical and Supply Chain Security. In this role you will provide authoritative, organisation‑wide security risk insight to senior leaders, enabling them to make confident, well‑informed decisions that protect delivery of departmental objectives, services and UK citizens.

This is a role with national significance, given DWP’s scale: circa 90,000 staff, £292bn in annual payments, personal data on every living UK citizen, and a threat landscape spanning everything from frontline operational incidents, insiders, organised crime groups and state‑sponsored cyber actors. The Head of Security Risk shapes how DWP identifies, understands and responds to these risks, protecting safe execution of the business strategy.

The Head of Security Risk leads a team of approximately 15 staff and is responsible for strengthening DWP’s security risk capability, embedding high‑quality analytical standards, modern methodologies and clear strategic reporting. It also provides expert security risk support to core business functions that do not have their own dedicated security risk capability.

The Head of Enterprise Security & Risk Management, under which this post sits and the current post holder will be delivering engagement sessions on Wednesday 11 March at 09:30 and Monday 16 March at 13:30 where you can find out more about this unique role and pose any questions you may have about it.

To book your place on an event please use either of the following links:

Head of Security Risk Engagement Session Tickets, Wed 11 Mar 2026 at 09:30 | Eventbrite

Head of Security Risk Engagement Session Tickets, Mon 16 Mar 2026 at 13:30 | Eventbrite

These sessions will not be recorded.

Strategic Leadership & Direction

• Own and lead DWP’s Enterprise‑level Security Risk function, setting strategy direction, standards and methodology for how the department conducts security risk analysis.
• Define, maintain and continually improve the security risk framework, including structured analytical techniques and consistent reporting approaches.

Production of Strategic Security Risk Assessments

• Lead the creation and maintenance of DWP’s strategic security risk assessments, covering all security domains.
• Produce risk insights for Director Generals, the Executive Team and the Departmental Audit & Risk Assurance Committee (DARAC).
• Provide regular (monthly/quarterly) senior‑level briefings on Enterprise level risks.

Influencing and Senior Stakeholder Engagement

• Act as a trusted advisor to Director General level decision‑makers, articulating complex technical risks in plain English, with clear implications for departmental objectives.
• Provide actionable, board‑ready narratives, recommendations and insights.

Supporting Security Policy & Standards

• Deliver bespoke risk assessments to inform security policy, standards and strategic direction for the department.

On‑Demand Risk Support Across DWP

• Provide expert risk support to parts of the organisation without their own embedded capability.

Transforming and Professionalising the Function

• Build a modern, credible risk profession aligned with cross‑government analytical standards and industry‑recognised frameworks.

Cross‑organisation Leadership and Collaboration

• Strengthen cross‑government collaboration on security risk, supporting initiatives such as the Government Cyber Action Plan and shared security risk models.
• Collaborate with a range of DWP stakeholders, such as Digital Security, Commercial and Estates to collectively deliver against DWP’s Security Strategy for 2030.
• Shape assurance priorities based on risk findings, ensuring risk and assurance functions work closely together, sharing insight and driving continuous improvement.

Given the geographic spread of our team, DWP customers, cross-government stakeholders and industry suppliers, you'll need to be willing to travel to other DWP locations, with periodic overnight stays required.

Aelod balch o'r cynllun cyflogwyr Hyderus o ran Anabledd

Gwybodaeth am Hyderus o ran Anabledd

Yn gyffredinol, bydd cyflogwr Hyderus o ran Anabledd yn cynnig cyfweliad i unrhyw ymgeisydd sy'n datgan eu bod yn anabl ac yn bodloni'r meini prawf lleiaf ar gyfer y swydd fel y diffinnir gan y cyflogwr. Mae'n bwysig nodi, mewn rhai sefyllfaoedd recriwtio fel nifer fawr o ymgeiswyr, cyfnod tymhorol ac amseroedd prysur iawn, efallai y bydd y cyflogwr am gyfyngu ar y niferoedd cyffredinol o gyfweliadau a gynigir i bobl anabl a phobl nad ydynt yn anabl. Am fwy o fanylion ewch i Hyderus o ran Anabledd.