Senior Cyber Security Risk Manager
| Posting date: | 23 March 2026 |
|---|---|
| Salary: | £57,946 to £78,205 per year |
| Hours: | Full time |
| Closing date: | 06 April 2026 |
| Location: | M2 3LR |
| Company: | Government Recruitment Service |
| Job type: | Permanent |
| Job reference: | 452355/4 |
Summary
Are you a Cyber Security Risk Analyst with hands-on technical experience working in a large-scale organisation?
If yes, these opportunities could interest you and we want you to join us at DWP Digital.
Cyber Security Risk Management drives first-line risk management across DWP Digital, providing a clear, consistent, and proportionate view of cyber security risk across digital services, enabling informed risk-based decision making and secure delivery. The role identifies, assesses, and supports the treatment of cyber security risks through a controls-driven approach aligned to organisational standards, frameworks and the ever-evolving threat landscape.
Working collaboratively with delivery teams, technical specialists, and senior stakeholders, cyber security risk managers undertake analysis on control effectiveness, translate technical vulnerabilities and gaps into meaningful risk insight, and ensure risks are understood within the context of the business delivery. The role supports delivery teams in meeting security requirements, particularly around design, testing, and monitoring, while providing constructive challenge where solutions do not align with strategic direction or reusable components. The role underpins effective governance and remediation, supporting proportionate, risk-informed decisions across products, programmes, and operational services.
The Cyber Security Risk Manager role provides effective security risk expertise, advice and support for business managers, Senior Risk Owners, and the Executive Team within DWP.
Key responsibilities include:
- Use evidence, knowledge, and experience to support accurate, expert decisions and advice. Carefully consider alternative options, implications, and risks of decisions. Enable the prioritisation and delivery of solutions with appropriate security controls to mitigate Cyber Security Risks through a structured risk management process.
- Ensure proportionate, risk-informed decisions about current and future security investments to protect the Department’s assets and improve the Department’s security risk posture.
- Manage and support Digital’s Cybersecurity risk management lifecycle through the delivery of 1st line risk identification, assessment, remediation, and treatment of risks.
- Identify controls and make recommendations to address security vulnerabilities and control weaknesses in products, projects, and programmes, working with product owners and Subject Matter Experts to enable them to make well informed risk-based decisions whilst leading and influencing the management of tactical and strategic risks.
- Work closely with Security & Data Protection and other internal and external stakeholders to ensure Cyber Security threats, vulnerabilities, and opportunities with the potential to impact or improve resilience of Digital IT Infrastructure are identified or reported appropriately.
- Research and evaluate business processes in alignment to known/emerging security risks and controls to ensure expert advice is provided.
Proud member of the Disability Confident employer scheme