Cyber Security Governance & Assurance Professional

The Cyber Security Governance & Assurance Professional supports the delivery of BT's cyber security governance and assurance activities, helping to reduce risk to the business by assuring the effectiveness of key security controls, tooling and processes. This role contributes to:

• Protecting BT Business from cyber risk
• Supporting compliance with security standards and regulations
• Enabling external certifications that help BT win business
• Providing clear, risk based insight to senior stakeholders

This is a developing role, ideal for someone looking to build experience across cyber security governance, assurance and risk management within a large, complex organisation. Hybrid (3 days in office) & can be based in any of the following locations: Manchester / Belfast / Leeds. BPSS eligibility is also required for this role.

What you'll be doing:

• Supporting cyber security governance and assurance activities to identify, assess and reduce cyber risk across BT Business.
• Contributing to assurance of key security controls, including: Secure Configuration, Vulnerability Management, Access Control and Account Management, Audit Logging and Monitoring.
• Supporting assurance and oversight of security toolsets, including endpoint detection and malware defence (e.g. CrowdStrike).
• Assisting with risk based reviews of information security and technology processes and controls.
• Supporting governance forums and oversight activities, including preparation of materials and actions for security risk review meetings.
• Assisting with the analysis of governance, risk and compliance information such as risk registers, policy exceptions, audit findings and data security reviews.
• Supporting the preparation of cyber risk reporting and dashboards for management and senior stakeholders.
• Contributing to certification and assurance activities, including: Cyber Essentials Plus, ISO/IEC 27001, Public Services Network (PSN).
• Participating in cyber security incident response activities during high severity incidents when required.
• Supporting continuous improvement of governance, assurance processes and ways of working within the team.

Essential Skills / Experience:

• Cyber Security Governance & Assurance
• Risk Assessment & Control Assurance
• Understanding of Security Controls and Tooling
• Stakeholder Communication
• Documentation & Reporting

Desirable Skills / Experience:

• Foundational experience or strong understanding of cyber security, information security, risk, or compliance.
• Awareness of information security standards or frameworks such as ISO/IEC 27001.
• Basic understanding of risk assessment, control assurance, and governance concepts.
• Exposure to security controls such as vulnerability management, access control, secure configuration or logging.
• Some understanding of GDPR / data protection principles and their application within organisations.
• Ability to analyse information, document findings clearly, and follow defined processes.
• A proactive approach to learning and developing.

Our Package:

• On target 10% on target bonus
• BT Pension scheme, minimum 5% Employee contribution, BT contribution 10%
• From January 2025, equal family leave: receive 18 weeks at full pay, 8 weeks at half pay and 26 weeks at the statutory rate. It's for all parents, no matter how your family is made up.
• Enhanced women's health support: including help with menopause symptoms, cancer screenings, period care and more.
• 25 days annual leave (not including bank holidays), increasing with service
• 24/7 private virtual GP appointments for UK colleagues
• 2 weeks carer's leave
• World-class training and development opportunities
• Option to join BT Shares Saving schemes.