Cyber Security Risk Analyst

London | Temporary | 48000 - 72000 £ / year (est.) | No home office possible

At a Glance

  • Tasks: Lead the creation of a cyber security risk management framework and assess compliance across departments.
  • Company: Join the Cabinet Office, a key player in UK government operations focused on cyber security.
  • Benefits: Enjoy a hybrid work model with 2 days in London and opportunities for professional growth.
  • Why this job: Be part of a transformative cyber security program that impacts national security and governance.
  • Qualifications: Must have active SC Clearance and experience in Security Governance Risk & Compliance.
  • Other info: This role is UK-based only; no overseas applications accepted.

The predicted salary is between 48000 - 72000 £ per year.

On behalf of the Cabinet Office, we are looking for a Cyber Security Risk Analyst (Inside IR35) for a 7-month contract. This is a hybrid role with 2 days per week in London.

SC Clearance is an essential requirement for this role (at the very least, you will need to be eligible for SC Clearance).

Role Overview

The Cyber Security Risk Analyst will initially be responsible for writing the cyber security risk management framework, associated documentation, and templates. This will be followed by leading the procurement of tooling to scale adoption of the framework and leading its adoption across the Department and its Business Units.

This role will include understanding the Department’s alignment to the NCSC Cyber Assessment Framework (CAF) and the related HMG standards. The post holder will work within a cyber transformation programme alongside the Central Cyber and Information Security team in delivering against agreed deadlines while maintaining all aspects of information security risk management.

Responsibilities

  1. Draft and publish a risk management framework for the Cabinet Office.
  2. Lead the development and enhancement of cyber security risk management practices, including the development of methodologies and processes.
  3. Develop and implement processes to scale up the assessment of compliance against internal security policy and external requirements such as GovAssure and Secure By Design.
  4. Evaluate and assess cyber security controls across business engineering practices and third-party vendors to ensure compliance with the NCSC CAF.
  5. Collaborate with cross-functional teams to develop and implement risk management activities.
  6. Use risk management techniques to identify cyber threats, risks, and issues in a timely manner.
  7. Be proficient in threat modelling methods and familiar with tooling practices in threat modelling.
  8. Support the creation and maintenance of security policies, guidance, and standards.
  9. Support continuous improvement for information security practices and engagement.

Essential Skills, Knowledge & Experience

  1. Active SC Clearance.
  2. Sound knowledge of and experience in a Security Governance, Risk & Compliance (GRC) role.
  3. Experience working in a professional services environment.
  4. Hands-on experience conducting cyber risk assessments and developing cyber risk mitigation strategies.
  5. Experience with recognised security frameworks such as NCSC CAF, ISO 27001, ISO 27005, ISO 31000, NIST 800-53.
  6. Strong interpersonal and communication skills, with the ability to interact with technical and non-technical stakeholders.

Required Disciplines

Business need: The ability to elicit security requirements that support the overall business need based on straightforward analysis.

Security direction and governance: Understanding and participation in enabling organisational cyber security governance.

Risk assessment: Sound understanding and evidence of application of the fundamental principles of risk assessment.

Risk treatment: Understanding of how the output of the risk assessment dovetails into risk treatment.

Assurance: Understanding of the provision of through-life assurance at a service/system as well as component level.

Please be aware that this role can only be worked within the UK and not Overseas.

Cyber Security Risk Analyst employer: Public Sector Resourcing, managed by AMS

Joining the Cabinet Office as a Cyber Security Risk Analyst offers you the opportunity to work in a dynamic and impactful environment in London, where your expertise will directly contribute to national security. We pride ourselves on fostering a collaborative work culture that values continuous learning and professional growth, providing you with the tools and support needed to excel in your role. With a commitment to innovation and excellence, we ensure our employees are equipped to tackle the evolving challenges of cyber security while enjoying the benefits of a hybrid work model.

Contact Detail:

Public Sector Resourcing, managed by AMS Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Cyber Security Risk Analyst

✨Tip Number 1

Make sure you have a solid understanding of the NCSC Cyber Assessment Framework (CAF) and other relevant security frameworks like ISO27001 and NIST 800-53. Familiarity with these standards will not only help you in the role but also impress the hiring team.

✨Tip Number 2

Highlight your experience in conducting cyber risk assessments and developing mitigation strategies. Be prepared to discuss specific examples during the interview that showcase your hands-on experience in this area.

✨Tip Number 3

Since strong communication skills are essential for this role, practice articulating complex cyber security concepts in simple terms. This will demonstrate your ability to interact effectively with both technical and non-technical stakeholders.

✨Tip Number 4

Ensure you are eligible for SC Clearance and be ready to discuss your understanding of security governance and risk management principles. This is crucial as it aligns with the responsibilities outlined in the job description.

We think you need these skills to ace Cyber Security Risk Analyst

SC Clearance
Security Governance Risk & Compliance (GRC)
Cyber Risk Assessments
Cyber Risk Mitigation Strategies
NCSC Cyber Assessment Framework (CAF)
ISO27001
ISO 27005
ISO 31000
NIST 800-53
Threat Modelling Methods
Interpersonal Skills
Communication Skills
Risk Assessment Principles
Risk Treatment Understanding
Through-life Assurance

Some tips for your application 🫡

Understand the Role: Before applying, make sure you fully understand the responsibilities and requirements of the Cyber Security Risk Analyst position. Familiarize yourself with the NCSC Cyber Assessment Framework and the essential skills listed in the job description.

Tailor Your CV: Customize your CV to highlight relevant experience in Security Governance Risk & Compliance (GRC), cyber risk assessments, and familiarity with security frameworks like ISO27001 and NIST 800-53. Use specific examples that demonstrate your hands-on experience.

Craft a Strong Cover Letter: Write a compelling cover letter that outlines your motivation for applying and how your skills align with the role. Emphasize your communication skills and ability to work with both technical and non-technical stakeholders.

Highlight SC Clearance: Since active SC Clearance is essential for this role, make sure to clearly state your current clearance status or your eligibility for it in your application. This will help you stand out as a qualified candidate.

How to prepare for a job interview at Public Sector Resourcing, managed by AMS

✨Understand the Cyber Security Frameworks

Make sure you are well-versed in the NCSC Cyber Assessment Framework and other relevant security frameworks like ISO27001 and NIST 800-53. Be prepared to discuss how these frameworks apply to risk management and compliance.

✨Showcase Your Risk Assessment Experience

Be ready to share specific examples of your hands-on experience conducting cyber risk assessments. Highlight any strategies you've developed for mitigating risks and how you've implemented them in previous roles.

✨Communicate Effectively with Stakeholders

Demonstrate your strong interpersonal skills by discussing how you've interacted with both technical and non-technical stakeholders. Provide examples of how you've communicated complex security concepts in an understandable way.

✨Prepare for Scenario-Based Questions

Expect scenario-based questions that assess your problem-solving skills in real-world situations. Think about potential cyber threats and how you would approach risk identification and treatment in those scenarios.
