Enterprise Security Risk Manager in Leeds, Yorkshire

The Enterprise Security Risk Analyst is a senior analytical and leadership role within DWP's Enterprise Security Risk Management (ESRM) function. The postholder leads one of the department's four security risk domains: Cyber & Information Security, Personnel Security, Physical Security, or Supply Chain Security. They are responsible for producing high-quality enterprise-level security risk assessments that inform decision-making at the highest levels, including Director General Finance, the Executive Team, and Departmental Audit & Risk Assurance Committee (DARAC).

This role has evolved from traditional, system-based assessments to true enterprise security risk analysis, understanding the big picture, synthesising information, and articulating how security risks could impact the department's ability to operate, deliver services, maintain resilience, and protect staff, data, and assets. The postholder leads a small team, orchestrating complex analytical work across multi-layered risk scenarios, and works extensively with senior stakeholders across Digital, Estates, People Safety, Commercial, Risk & Resilience, and wider security stakeholders. Their work directly shapes DWP's security posture, prioritisation, and investment decisions.

Key Responsibilities

• Lead an Enterprise Security Risk Domain: Hold responsibility for one of four domains (Cyber, Physical, Personnel, Supply Chain). Develop, maintain and lead the production of quarterly Enterprise Security Risk Products for senior leaders.
• Deliver Complex Security Risk Analysis: Break down large, ambiguous or abstract security problems into structured analytical components. Gather, evaluate and synthesise information from diverse sources, including digital risk data, system-level risk assessments, threat intelligence, estate vulnerabilities, resilience data, and people safety insights. Apply structured analytical methods to generate robust findings, uncertainty judgements, and evidence-based conclusions.
• Influence Decision Makers: Produce clear, actionable insights to inform DG-level decision-making, risk appetite setting, and departmental prioritisation. Articulate business impacts: how risks could affect operations, resilience, service delivery, customer experience, staff safety, or data protection. Support senior leaders by outlining options, consequences, and recommended mitigations.
• Stakeholder Leadership and Engagement: Build strong relationships with senior stakeholders across Digital, Estates, People Safety, Risk & Resilience, Commercial, and wider security teams. Coordinate and convene stakeholders to gather evidence, test assumptions, and validate analysis. Ensure alignment across functions and build consensus around risk understanding, mitigations, and priorities.
• Team Leadership and Delivery Management: Lead, mentor, and quality-assure the work of a small team of colleagues. Task and oversee scenario-level analysis. Shape team capability, drive continuous improvement, and support professionalisation of ESRM's analytical approach.
• Strategic and Tactical Risk Support: Lead thematic/strategic risk assessments for priority business areas. Deliver tactical assessments when the business requests security input on emerging issues. Provide options and recommendations while enabling the business to understand and own its risk decisions.

What skills, knowledge and experience will you need?

• Experience providing analysis, risk assessment, or decision support within complex, multi-team environments ideally in large organisations with distributed accountabilities alongside a strong understanding of security or risk principles.
• Exceptional analytical skills able to break down complex or ambiguous security or operational problems into structured components, make evidence-based judgements, and articulate uncertainty clearly.
• Leadership experience in driving change and enhancing the professionalism of a team or function, while also providing guidance and quality assurance to colleagues.
• Ability to understand and communicate business impact translating security, technical or operational issues into clear consequences for service delivery, resilience, staff safety, or organisational performance.
• Strong stakeholder engagement and influencing capability able to identify the right stakeholders, gather insight, test assumptions, and build shared understanding, including with senior leaders.

Details

Alongside your salary of £64,946, the Department for Work and Pensions contributes £16,786 towards you being a member of the Civil Service Defined Benefit Pension scheme. DWP has a broad benefits package built around your work-life balance which includes:

• Working patterns to support work/life balance such as job sharing, term-time working, flexi-time, and compressed hours.
• Generous annual leave of at least 26 days on entry, increasing up to 31 days over time (pro-rata for part-time employees), plus 9 days public and privilege leave.
• Support for financial wellbeing, including interest-free season ticket loans for travel, a cycle to work scheme, and an employee discount scheme.
• Health and wellbeing support including our Employee Assistance Programme for specialist advice and counselling.
• Family friendly policies including enhanced maternity and shared parental leave pay after 1 year's continuous service.
• Funded learning and development to support progress in your role and career.
• An inclusive and diverse environment with opportunities to join professional and interpersonal networks.

Process

We know your time is valuable, so our application and selection process is just two stages:

• Apply: complete your application on Civil Service Jobs. There will be full instructions when you click through.
• Interview: a single stage face-to-face interview.

CLICK APPLY for more information and to start your application.