Senior Cyber, Governance, Risk and Compliance Manager in City of Westminster

City of Westminster | Full-Time | 48000 - 72000 £ / year (est.) | No home office possible

At a Glance

  • Tasks: Lead cyber governance, risk assessments, and security training to enhance organisational cyber posture.
  • Company: Join the Department for Business and Trade, a top public sector employer focused on growth.
  • Benefits: Access to industry training, career development pathways, and a supportive work environment.
  • Why this job: Make a real impact in cyber security while driving meaningful change in a dynamic team.
  • Qualifications: Experience in cyber security, risk management, and stakeholder engagement is essential.
  • Other info: Empower your career in a growing government department prioritising wellbeing and professional growth.

The predicted salary is between £48,000 and £72,000 per year.

The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways:

  • We help to build a strong, competitive business environment, where consumers are protected and companies rewarded for treating their employees properly.
  • We open international markets and ensure resilient supply chains through Free Trade Agreements, trade facilitation and multilateral agreements.
  • We work in partnership with businesses every day, providing advice, finance and deal‑making support to those looking to start up, invest, export and grow.

The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support us in this mission. The team have been nominated four times in a row for 'Best Public Sector Employer' at the Women in Tech awards and won the award in 2025!

Ready to move into a space where cyber isn't an afterthought but a priority? Join DBT and help mature a security capability in a department that values expertise, moves quickly, and gives you the autonomy to drive meaningful change. This is a place where your skills won't be sidelined; they'll set the direction.

The GRC team plays a critical role in establishing governance, managing cyber risk, and maintaining system security assurance. They also deliver GovAssure, Secure by Design, security training and user education, maintain security policy, set compliance standards, and manage the delivery of cyber audits. Consequently, this role requires strong acumen across cyber security and corporate disciplines to actively shape governance practices and provide expert advice to inform decision-makers.

Sitting at the heart of DBT’s Cyber Security function, as a Senior Cyber Governance, Risk and Compliance (GRC) Manager, you will play a central role in maturing the organisation’s cyber governance model, completing risk assessments, driving assurance activity, and helping to embed strong security culture across DBT. Working closely with Lead GRC Managers and collaborating with colleagues across Cyber Security, DDaT, and the wider Government Security Profession, this is a role that blends strategic thinking with hands-on delivery.

You will support the uplift of organisational cyber posture within a broad remit, providing strong opportunity for personal development through empowerment to deliver within a growing government department. Indeed, in DBT we prioritise the wellbeing and careers of our Cyber professionals, with access to industry recognised training and civil service development pathways.

The post holder will be required to deliver across multiple areas within a complex cyber security portfolio. Experience across as many of the below as possible is desirable:

  • Risk Management: Undertake complex cyber risk assessments, including, where applicable, tailored threat analysis and supply chain assurance, in compliance with appropriate legislation, regulation and policy.
  • Digital Programmes: Provide cyber expertise and actively contribute to the delivery of key digital programmes of work across the organisation, ensuring all works are conducted cognizant of risk and in compliance with governmental standards and best practice, including ISO 27001, NCSC guidance, NIST CSF, NIS regulations and internal policy requirements.
  • Security Audits: Manage cyber audit activities, compliance reviews and penetration tests, including GovAssure and Secure by Design, collaborating with diverse stakeholders to implement mitigations throughout programme lifecycles.
  • User Education: Deliver cyber security education and awareness training across the organisation, developing auditable datasets that identify key areas for improvement and evidence knowledge uplift iteratively.
  • Policy and Strategy: Contribute to the production and delivery of cyber strategies, security policies, standards and procedures across the cyber governance, risk and compliance portfolio ensuring they remain responsive to evolving threats and business requirements.
  • Third party engagement: Support arm's length bodies and partner organisations to uplift their cyber security posture, standardising and sharing knowledge to align with departmental approaches, governmental standards and best practice wherever possible.
  • Provide specialist cyber guidance: Offer specialist cyber security and data protection guidance to risk owners and stakeholders, enabling informed, risk-based decisions, while acting as an advocate for best practice within DBT and across government, engaging with peers in the public sector and industry.
  • Stakeholder Engagement: Build strong relationships with internal and external stakeholders, including senior leaders, to enhance organisational cyber security capability.

About Disability Confident: A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people.

Senior Cyber, Governance, Risk and Compliance Manager in City of Westminster employer: Department for Business and Trade

The Department for Business and Trade (DBT) is an exceptional employer, recognised for its commitment to employee wellbeing and professional growth, particularly within the Cyber Security sector. With a strong focus on fostering a collaborative work culture, DBT empowers its staff to drive meaningful change while providing access to industry-recognised training and development pathways. Located in a dynamic environment, this role offers the unique opportunity to shape governance practices and enhance the organisation's cyber posture, all while being part of a team that has been awarded 'Best Public Sector Employer' at the Women in Tech awards.

Contact Detail:

Department for Business and Trade Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Senior Cyber, Governance, Risk and Compliance Manager in City of Westminster

✨Tip Number 1

Network like a pro! Reach out to current or former employees at DBT on LinkedIn. Ask them about their experiences and any tips they might have for your interview. Personal connections can give you insights that make you stand out.

✨Tip Number 2

Prepare for the interview by diving deep into DBT's mission and values. Understand how your skills in cyber governance, risk, and compliance align with their goals. This shows you're not just interested in the job, but also in contributing to their mission.

✨Tip Number 3

Practice common interview questions related to cyber security and GRC. Think about real-life examples where you've successfully managed risks or led compliance initiatives. This will help you articulate your experience confidently during the interview.

✨Tip Number 4

Don’t forget to follow up after your interview! A quick thank-you email reiterating your interest in the role and mentioning something specific from the conversation can leave a lasting impression. Plus, it shows your enthusiasm for the position!

We think you need these skills to ace Senior Cyber, Governance, Risk and Compliance Manager in City of Westminster

Cyber Security Expertise
Risk Management
Cyber Risk Assessments
ISO 27001
NCSC Guidance
NIST CSF
NIS Regulations
Security Audits
Compliance Reviews
Penetration Testing
User Education and Awareness Training
Policy Development
Stakeholder Engagement
Third Party Engagement
Strategic Thinking

Some tips for your application 🫡

Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in cyber governance, risk management, and compliance. We want to see how your skills align with our mission at DBT!

Showcase Your Expertise: Don’t hold back on sharing your knowledge of cyber security frameworks like ISO 27001 or NIST CSF. We’re looking for someone who can bring their expertise to the table and help us drive meaningful change.

Be Clear and Concise: When writing your application, keep it straightforward and to the point. We appreciate clarity, so make sure your key achievements and experiences shine through without unnecessary fluff.

Apply Through Our Website: We encourage you to submit your application directly through our website. It’s the best way to ensure your application gets into the right hands and shows your enthusiasm for joining our team!

How to prepare for a job interview at Department for Business and Trade

✨Know Your Cyber Stuff

Make sure you brush up on the latest trends and regulations in cyber security, especially those mentioned in the job description like ISO 27001 and NIST CSF. Being able to discuss these frameworks confidently will show that you're not just familiar with the basics but are ready to dive deep into the specifics.

✨Showcase Your Risk Management Skills

Prepare examples of how you've conducted risk assessments or managed compliance reviews in the past. Use the STAR method (Situation, Task, Action, Result) to structure your answers, making it easy for the interviewers to see your thought process and impact.

✨Engage with Stakeholders

Think about times when you've built strong relationships with stakeholders. Be ready to share how you’ve collaborated with different teams to enhance cyber security capabilities. This role is all about communication, so demonstrating your interpersonal skills will be key.

✨Be Ready for Scenario Questions

Expect scenario-based questions where you might need to demonstrate how you'd handle specific cyber security challenges. Practice articulating your thought process and decision-making strategies, as this will highlight your strategic thinking and hands-on delivery capabilities.
