At a Glance
- Tasks: Lead cyber security assurance and risk management for critical national digital services.
- Company: Join the Government Digital Service, the heart of UK digital innovation.
- Benefits: Competitive salary, flexible working, and opportunities for professional growth.
- Other info: Dynamic role with opportunities to mentor and influence across government.
- Why this job: Make a real impact on national security while shaping the future of digital services.
- Qualifications: Proven experience in cyber security, risk assessments, and stakeholder engagement.
The predicted salary is between 60000 - 70000 £ per year.
Location: Bristol, London, Manchester
The Government Digital Service (GDS) is looking for a Cyber Security Governance and Risk Management Principal to lead security assurance across critical national digital infrastructure.
About the role
You’ll join GDS, the digital centre of government, working at the heart of services like GOV.UK and One Login.
Responsibilities
In this role, you will:
- Lead cyber risk and security assurance across major digital services
- Work across teams delivering services in alpha, beta and live phases
- Influence how security is embedded across government digital delivery
- Support a strong “secure by design” culture across the organisation
What you’ll be doing
You’ll play a key role in protecting and strengthening government digital services, including:
- Leading cyber and information security risk management and assurance
- Conducting security assessments and IT Health Checks across services
- Ensuring SaaS and cloud solutions meet NCSC security principles
- Facilitating security working groups across delivery stages
- Producing formal risk assessments and risk treatment plans (RTPs)
- Advising on secure by design practices, including AI and secure coding
- Supporting incident management and live service security improvements
- Delivering risk briefings to senior leaders, with clear recommendations
- Mentoring teams and building capability across security practices
- Promoting a positive, collaborative security culture
What we’re looking for
We’re looking for an experienced cyber security professional who can operate at a senior level:
- Strong experience delivering cyber risk assessments and assurance
- Deep understanding of threat modelling, cloud security and SaaS environments
- Experience applying security standards and regulatory frameworks
- Confident working in complex, fast-paced digital environments
- Strong stakeholder engagement, able to influence senior leaders
- Excellent communication skills, translating complex risks into clear actions
- Experience mentoring, coaching or building team capability
- Ability to assess risks across emerging technologies (AI, cloud, SaaS)
- Commitment to continuous learning and best practice sharing
Cyber Security Governance and Risk Management Principal - Government Digital Service - G6 employer: Government Cyber Profession
The Government Digital Service (GDS) is an exceptional employer, offering a dynamic work environment in key locations such as Bristol, London, and Manchester. With a strong commitment to fostering a collaborative culture, GDS provides ample opportunities for professional growth and development, particularly in the rapidly evolving field of cyber security. Employees benefit from engaging in meaningful work that directly impacts national digital infrastructure while being supported by a team that values innovation and secure practices.
Contact Details:
Government Cyber Profession Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security Governance and Risk Management Principal - Government Digital Service - G6
✨Tip Number 1
Network like a pro! Reach out to people in the cyber security field, especially those working in government digital services. Attend industry events or webinars and don’t be shy about introducing yourself – you never know who might have a lead on your dream job!
✨Tip Number 2
Showcase your expertise! Create a personal website or LinkedIn profile that highlights your experience in cyber risk assessments and security assurance. Share articles or insights related to secure by design practices to demonstrate your knowledge and passion for the field.
✨Tip Number 3
Prepare for interviews by brushing up on your communication skills. Practice explaining complex security concepts in simple terms, as you’ll need to influence senior leaders. Mock interviews with friends can help you get comfortable with this.
✨Tip Number 4
Don’t forget to apply through our website! We’re always on the lookout for talented individuals like you. Keep an eye on our job postings and make sure your application stands out by tailoring it to the specific role and showcasing your relevant experience.
We think you need these skills to ace Cyber Security Governance and Risk Management Principal - Government Digital Service - G6
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your CV and cover letter to highlight your experience in cyber security governance and risk management. Use keywords from the job description to show that you understand what we're looking for.
Showcase Your Achievements:Don’t just list your responsibilities; share specific examples of how you've led cyber risk assessments or influenced security practices in previous roles. We love seeing quantifiable results!
Be Clear and Concise:When writing your application, keep it straightforward. Use clear language to explain complex concepts, as if you're talking to someone who might not be a tech expert. This shows us you can communicate effectively with stakeholders.
Apply Through Our Website:We encourage you to submit your application through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at Government Cyber Profession
✨Know Your Cyber Security Fundamentals
Make sure you brush up on your knowledge of cyber security principles, especially around risk assessments and assurance. Be ready to discuss how you've applied these in past roles, particularly in complex digital environments.
✨Showcase Your Stakeholder Engagement Skills
Prepare examples that highlight your ability to influence senior leaders and engage with various teams. Think about times when you successfully communicated complex risks and how you turned them into actionable insights.
✨Demonstrate Your 'Secure by Design' Mindset
Be ready to talk about how you’ve embedded security practices in previous projects. Discuss your experience with secure coding, threat modelling, and how you’ve promoted a positive security culture within teams.
✨Prepare for Scenario-Based Questions
Expect questions that ask you to assess risks in hypothetical situations, especially involving emerging technologies like AI and cloud solutions. Practice articulating your thought process and decision-making strategies clearly.
