Cyber Policy Advisor

Are you passionate about shaping cyber security strategy within a complex, highly regulated environment? We are working with a major organisation responsible for operating and protecting nationally important infrastructure. As part of continued investment in cyber resilience, they are seeking a Cyber Policy Advisor to help develop and drive cyber security policy, governance, and assurance activities across a diverse technology landscape. This is an opportunity to influence cyber strategy at an enterprise level, working with senior stakeholders, regulators, and technical teams to strengthen security and resilience across both traditional IT and operational environments.

The Role

As Cyber Policy Advisor, you will play a key role in developing, maintaining, and enhancing cyber security policies, standards, and governance frameworks. You will provide expert guidance on regulatory compliance, emerging cyber risks, and industry best practice while supporting the organisation's long-term cyber resilience objectives.

Key responsibilities will include:

• Developing and maintaining cyber security policies, standards, and governance frameworks aligned to recognised industry best practice.
• Providing expert advice and guidance to technology, security, risk, and leadership teams.
• Monitoring changes in legislation, regulation, and the threat landscape to ensure policies remain current and effective.
• Working closely with internal stakeholders across technology, operations, legal, risk, and compliance functions.
• Supporting cyber governance activities, audits, assurance reviews, and regulatory engagements.
• Contributing to incident response planning, lessons learned activities, and continuous policy improvement.
• Identifying strategic cyber risks and recommending appropriate mitigation measures.

About You

To be successful in this role, you will bring a strong understanding of cyber security governance, policy, and risk management within a regulated environment. You will ideally have:

• Experience developing or managing cyber security policies, standards, or governance frameworks.
• Strong knowledge of recognised cyber security frameworks such as ISO 27001, NIST, or the Cyber Assessment Framework (CAF).
• Experience supporting compliance, risk management, or information assurance programmes.
• Excellent stakeholder management and communication skills, with the ability to translate technical concepts into clear business and policy language.
• Experience engaging with senior stakeholders, external partners, or regulatory bodies.
• The ability to balance security requirements with operational and business objectives.

Desirable Experience

• Experience within critical infrastructure, utilities, defence, energy, engineering, transport, manufacturing, or other highly regulated sectors.
• Understanding of Operational Technology (OT) and Industrial Control Systems (ICS) security.
• Knowledge of cyber resilience requirements within critical national infrastructure environments.
• Professional certifications such as CISSP, CISM, or ISO 27001 Lead Implementer/Auditor.

What's on Offer

• Opportunity to influence cyber strategy within a nationally significant organisation.
• Exposure to complex cyber security and governance challenges.
• Collaborative and supportive working environment.
• Ongoing professional development and certification support.
• Competitive salary and comprehensive benefits package.

If you're looking to make a meaningful impact in a role that combines cyber security, policy development, governance, and strategic stakeholder engagement, we'd like to hear from you.