Senior Cyber Security Risk Manager

The first duty of Government is to protect the public. Since 1782, the Home Office has led work to keep the country safe from those who seek to do it harm. The Home Office covers three systems: Homeland Security, Public Safety and Borders, and Immigration and Citizenship. These systems work collaboratively to deliver our cross-cutting priorities, whilst providing increasingly efficient and secure services for the public. Digital Data and Technology (DDaT) enables the Home Office to keep citizens safe and the country secure, as well as at the front line of making the Home Office a modern and capable department at a time of unprecedented global change. Within DDaT, End User Compute & Collaborate (EUC&C) develop, maintain, and support End User Devices, Collaboration tools and Voice and Video products and services to approximately 67,000 users from across the Home Office, including the Private office, operational arms of Border force and Immigration Enforcement. EUC&C also offer users the ability to collaborate efficiently, on joint documentation, with other government departments. The Programme vision is: ''to empower Home Office Staff by providing an outstanding designed user experience through the right IT products.'' We embrace diversity and inclusion to ensure we represent the public we serve, and we are passionate about fair treatment and the wellbeing of our colleagues as part of our ambitions to be a brilliant Civil Service. EUC&C is geographically spread across three primary locations (Croydon, Manchester and Southport) with most staff working in line with the Department's hybrid working arrangements (a minimum of 60% of time in an office location, with the remainder working from home). You will need to agree a base location of either Croydon, Manchester, Liverpool OR Southport, and there will be a requirement for occasional travel to other locations. Due to the nature of this role this post is available on a full-time only basis. The Cyber Security Risk Manager identifies, understands and mitigates cyber-related risks. They identify and evaluate security risks to information, systems and processes owned by the organisation, and proactively provide appropriate advice, drawing on a wide variety of sources, to stakeholders across the organisation and at a variety of levels. They provide risk or service owners with advice to help them make well informed risk-based decisions. Main responsibilities:

• Deliver Level one assurance assessments and reports, ensuring measures align with risk levels, Data Protection, and Government Policy. Conduct and communicate risk assessments to stakeholders, advising on risk management strategies tied to business outcomes.
• Operate within established security governance structures under supervision to support and perform basic risk management tasks, including analysing security needs, conducting cyber risk and threat assessments, and other related activities.
• Interpret and contribute to risk management policies, ensuring alignment with regulations and departmental/government policies, with a clear understanding of applicable legislation.
• Offer advice to address cyber security risks using appropriate standards, guidance, or expertise. Validate risk mitigation measures and recommend improvements, including leveraging assurance activities like penetration testing.
• Support risk and service owners with clear security advice, contributing to reports or established reporting processes. Assess the security of systems, devices, and software applications.
Note: An employee may be required to carry out other duties within the scope of the grade and within the limits of their skill, competence and training.

Disability Confident About Disability Confident A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.