Head of Security Risk in Glasgow, Scotland

This is a rare opportunity to shape security risk at national scale, influencing decisions that directly protect millions of citizens and the UK's most critical public services. The Head of Security Risk leads DWP's strategic security risk function, operating at enterprise scale across all security domains: cyber, personnel, physical and supply chain security.

In this role you will provide authoritative, organisation wide security risk insight to senior leaders, enabling them to make confident, well informed decisions that protect departmental objectives, services and UK citizens. This is a role with national significance, given DWP's scale: 96,000 staff, £250bn in annual payments, personal data on every living UK citizen, and a threat landscape spanning everything from frontline operational incidents, insiders, organised crime groups and state sponsored cyber actors.

As our Head of Security Risk you will shape how DWP identifies, understands and responds to these risks, ensuring the department delivers services safely, securely and resiliently. You'll lead a team of approximately 15 staff and be responsible for strengthening DWP's security risk capability, embedding high-quality analytical standards, modern methodologies and clear strategic reporting. You'll also provide expert security risk support to core business functions that do not have their own dedicated security risk capability.

Key responsibilities

• Strategic Leadership & Direction: Own and lead DWP's enterprise level security risk function, setting direction, standards and methodology for how the department conducts security risk analysis. Define, maintain and continually improve the security risk framework, including structured analytical techniques and consistent reporting approaches.
• Production of Strategic Security Risk Assessments: Lead the creation and maintenance of DWP's strategic security risk assessments, covering all security domains. Produce risk insights for Director Generals, the Executive Team and the Departmental Audit & Risk Assurance Committee (DARAC). Provide regular (monthly/quarterly) senior-level briefings on cyber, personnel and supply chain security risks.
• Influencing and Senior Stakeholder Engagement: Act as a trusted advisor to DG-level decision-makers, articulating complex technical risks in plain English, with clear implications for departmental objectives. Provide actionable, board ready narratives, recommendations and insights.
• Supporting Security Policy & Standards: Deliver bespoke risk assessments to inform security policy, standards and strategic direction for the department.
• On-Demand Risk Support Across DWP: Provide expert risk support to parts of the organisation without their own embedded capability.
• Transforming and Professionalising the Function: Build a modern, credible risk profession aligned with cross-government analytical standards and industry-recognised frameworks.
• Cross-organisation Leadership and Collaboration: Strengthen cross-government collaboration on security risk, supporting initiatives such as the Government Cyber Action Plan and shared security risk models. Collaborate with a range of DWP stakeholders, such as Digital Security, Commercial and Estates to collectively deliver against DWP's Security Strategy for 2030. Shape assurance priorities based on risk findings, ensuring risk and assurance functions work closely together, sharing insight and driving continuous improvement.

What skills, knowledge and experience will you need?

• Leadership of an enterprise-level risk function: demonstrable experience directing strategic risk activity in a complex or regulated organisation, using risk insight to inform senior-level decision-making.
• Strong analytical leadership: proven ability to lead analytical work, apply structured analytical techniques, and develop analytical capability within a team.
• Broad security domain knowledge: credible understanding across physical, personnel, cyber and supply chain security, with the ability to represent cross-domain risk professionally at senior level (expert depth not required).
• Senior stakeholder influence and communication: experience engaging, advising and influencing executive-level stakeholders (e.g., Director Generals, External/Sector-Wide Collaboration), presenting complex security risks in clear, business-focused language.
• Delivery of strategic risk assessments with diverse stakeholders: evidence of producing organisation-wide or multi-stakeholder risk assessments requiring negotiation, influence and cross-functional engagement.
• Transformational leadership of functions or teams: a track record of building or maturing a function, including establishing operating models, improving processes, or upskilling and developing people.

Details

• Pay: £75,026 salary and £7,000 pa recruitment and retention allowance. Alongside your salary of £75,026, Department for Work and Pensions contributes £21,735 towards you being a member of the Civil Service Defined Benefit Pension scheme.
• Benefits: DWP have a broad benefits package built around your work-life balance which includes working patterns to support work/life balance such as job sharing, term-time working, flexi-time and compressed hours. Generous annual leave at least 26 days on entry, increasing up to 31 days over time (pro-rata for part time employees), plus 9 days public and privilege leave. Support for financial wellbeing, including interest-free season ticket loans for travel, a cycle to work scheme and an employee discount scheme. Health and wellbeing support including our Employee Assistance Programme for specialist advice and counselling and the opportunity to join HASSRA a first-class programme of competitions, activities and benefits for its members (subscription payable monthly). Family friendly policies including enhanced maternity and shared parental leave pay after 1 years continuous service. Funded learning and development to support progress in your role and career. This includes industry recognised qualifications and accreditations, coaching, mentoring and talent development programmes. An inclusive and diverse environment with opportunities to join professional and interpersonal networks including Women's Network, National Race Network, National Disability Network (THRIVE) and many more.

Process: We know your time is valuable so our application and selection process is just two stages: Apply: complete your application on Civil Service Jobs. There'll be full instructions when you click through. Interview: a single stage face to face interview.