At a Glance
- Tasks: Lead cyber security risk management and assurance for critical national digital services.
- Company: Join the Government Digital Service, the heart of UK government digital transformation.
- Benefits: Competitive salary, flexible working, and opportunities for professional growth.
- Other info: Dynamic role with a focus on collaboration and continuous learning.
- Why this job: Make a real impact on national security while shaping the future of digital services.
- Qualifications: Proven experience in cyber security, risk assessments, and stakeholder engagement.
The predicted salary is between 55000 - 65000 £ per year.
Location: Bristol, London, Manchester
The Government Digital Service (GDS) is looking for a Cyber Security Governance and Risk Management Principal to lead security assurance across critical national digital infrastructure.
About the role
You’ll join GDS, the digital centre of government, working at the heart of services like GOV.UK and One Login.
Responsibilities
In this role, you will:
- Lead cyber risk and security assurance across major digital services
- Work across teams delivering services in alpha, beta and live phases
- Influence how security is embedded across government digital delivery
- Support a strong “secure by design” culture across the organisation
What you’ll be doing
You’ll play a key role in protecting and strengthening government digital services, including:
- Leading cyber and information security risk management and assurance
- Conducting security assessments and IT Health Checks across services
- Ensuring SaaS and cloud solutions meet NCSC security principles
- Facilitating security working groups across delivery stages
- Producing formal risk assessments and risk treatment plans (RTPs)
- Advising on secure by design practices, including AI and secure coding
- Supporting incident management and live service security improvements
- Delivering risk briefings to senior leaders, with clear recommendations
- Mentoring teams and building capability across security practices
- Promoting a positive, collaborative security culture
What we’re looking for
We’re looking for an experienced cyber security professional who can operate at a senior level:
- Strong experience delivering cyber risk assessments and assurance
- Deep understanding of threat modelling, cloud security and SaaS environments
- Experience applying security standards and regulatory frameworks
- Confident working in complex, fast-paced digital environments
- Strong stakeholder engagement, able to influence senior leaders
- Excellent communication skills, translating complex risks into clear actions
- Experience mentoring, coaching or building team capability
- Ability to assess risks across emerging technologies (AI, cloud, SaaS)
- Commitment to continuous learning and best practice sharing
Cyber Security Governance and Risk Management Principal - Government Digital Service - G6 in Bristol employer: Government Cyber Profession
The Government Digital Service (GDS) is an exceptional employer, offering a dynamic work environment in vibrant cities like Bristol, London, and Manchester. With a strong commitment to fostering a collaborative culture, GDS provides ample opportunities for professional growth and development, particularly in the rapidly evolving field of cyber security. Employees benefit from engaging in meaningful work that directly impacts national digital infrastructure while enjoying a supportive atmosphere that encourages innovation and continuous learning.
Contact Details:
Government Cyber Profession Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security Governance and Risk Management Principal - Government Digital Service - G6 in Bristol
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the cyber security field. Attend meetups, webinars, or even local events. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio or a personal website showcasing your projects, risk assessments, or any relevant work. This is a great way to demonstrate your expertise and passion for cyber security to potential employers.
✨Tip Number 3
Prepare for interviews by brushing up on your knowledge of current threats and security practices. Be ready to discuss how you would handle specific scenarios related to cyber risk management. Confidence and clarity are key!
✨Tip Number 4
Don’t forget to apply through our website! We’ve got some fantastic opportunities waiting for you. Plus, it’s a great way to ensure your application gets seen by the right people. Let’s get you that dream job!
We think you need these skills to ace Cyber Security Governance and Risk Management Principal - Government Digital Service - G6 in Bristol
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role. Highlight your experience in cyber risk assessments and security assurance, and don’t forget to mention any work with cloud solutions or SaaS environments. We want to see how you can influence security practices!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about cyber security and how your skills align with our mission at GDS. Be sure to mention your experience in mentoring and building team capability – we love that!
Showcase Your Communication Skills:In this role, you’ll need to translate complex risks into clear actions for senior leaders. Use your application to demonstrate your communication prowess. Whether it’s through your CV or cover letter, make sure we can see your ability to engage stakeholders effectively.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way to ensure your application gets to us quickly and efficiently. Plus, you’ll find all the details you need about the role and our culture there!
How to prepare for a job interview at Government Cyber Profession
✨Know Your Cyber Security Fundamentals
Make sure you brush up on your knowledge of cyber risk assessments, threat modelling, and cloud security. Be ready to discuss how you've applied these concepts in previous roles, as this will show your depth of understanding and experience.
✨Prepare for Scenario-Based Questions
Expect questions that ask you to solve hypothetical situations related to security assurance and risk management. Think about past experiences where you had to influence stakeholders or lead a team through a security challenge, and be prepared to share those stories.
✨Showcase Your Communication Skills
Since you'll need to translate complex risks into clear actions for senior leaders, practice explaining technical concepts in simple terms. This will demonstrate your ability to communicate effectively, which is crucial for the role.
✨Emphasise Your Mentoring Experience
Highlight any experience you have in mentoring or coaching others in security practices. Discuss how you've built capability within teams, as this aligns with the role's focus on promoting a positive security culture across the organisation.
