Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead cyber security efforts to protect digital systems and respond to threats.
- Company: Join the Joseph Rowntree Foundation, a leader in public policy and non-profit work.
- Benefits: Flexible working options, competitive pay, and a commitment to diversity and inclusion.
- Why this job: Make a real impact by safeguarding vital information and enhancing organisational resilience.
- Qualifications: Experience in cyber security frameworks and strong analytical skills required.
- Other info: Opportunity for career growth in a supportive and inclusive environment.
The predicted salary is between 36000 - 60000 ÂŁ per year.
You will be responsible for leading the delivery of the organisation’s cyber security activities, ensuring that digital systems and information assets are protected against current and emerging threats. Maintaining the cyber risk register, you will lead investigations into security breaches, coordinate disaster recovery (DR) and cyber incident response, and support business continuity planning (BCP), including defining Restore Point Objectives (RPOs) and Recovery Time Objectives (RTOs). The role ensures compliance with cyber security and information governance policies whilst providing subject‑matter expertise across the organisation. You will advise colleagues and senior stakeholders and act as a key liaison with third‑party providers to safeguard our digital environment and ensure alignment with standards and audit requirements. This is a hands‑on, standalone cyber security role. As the organisation’s senior cyber security authority, you will be the sole individual delivering cyber security activity, working closely with the Technology Manager and external IT provider. The role combines strategic oversight and independent risk‑based decision‑making with direct ownership of day‑to‑day cyber security delivery, driving continuous improvement in security maturity and organisational resilience.
We are seeking an experienced cyber security professional with expertise in frameworks such as ISO 27001, NIST, CIS Controls, GDPR, the UK Data Protection Act, and Cyber Essentials. The successful candidate will bring expertise in disaster recovery, business continuity, risk management, internal controls, and security technologies including SIEM, firewalls, EDR, MFA, encryption, Microsoft Purview, and Microsoft Entra. Experience with incident response, cyber forensics, enterprise security architecture, secure‑by‑design principles, and managing third‑party security risks is essential. The ideal candidate will have strong analytical and investigative skills to assess, document, report, and elevate cyber risks confidently. You will interpret vulnerability scans and penetration tests, evaluate cyber risks in projects or procurement, and deliver awareness programs, phishing simulations, and staff training. Excellent communication and stakeholder management skills are critical, including briefing senior leaders, liaising with external partners, and making high‑impact security decisions under pressure. You will have hands‑on experience working with cyber security tools or SOC services to monitor, detect, and respond to threats, as well as experience leading or supporting incident investigations and coordinating DR and BCP exercises. The role also involves supporting audits, compliance certifications, policy deployment, and regulatory requirements, with experience providing strategic advice to senior leadership or boards.
If you share our passion and this role sounds like you, we look forward to hearing from you. Please submit your CV and supporting information via our online application platform. The closing date for applications is 19th January 2026. Interviews will take place TBC. We reserve the right to bring the closing date forward should enough quality applications be received prior to the current closing date.
Applications are welcome from all, regardless of age, disability, marriage or civil partnership, pregnancy or maternity, religion or belief, race, sex, sexual orientation, trans status or socioeconomic background. We positively encourage applications from people from marginalised backgrounds, including but not limited to those with experience of living in poverty. We are committed to being an anti‑racist organisation and operate an anonymised recruitment process so that bias is eliminated from the shortlisting process. In support of our approach to flexible working, we are happy to receive applications from those seeking full‑time employment, as well as those who may wish to share the role on a part‑time basis. When making your application, please state whether you want to be considered for either full or part‑time work and, if part‑time, the number of hours per week you would be looking for. When working flexibly between the office and home, an expectation of two days a week in your home office applies. We are a Disability‑Confident Employer. We are committed to the recruitment, progression and retention of disabled individuals and will offer interviews to disabled candidates who meet the minimum criteria for the role. If you have a disability, please let us know if you would like to be considered for an interview under the Disability Confident Scheme. If you have any additional needs and need reasonable adjustments to be made to the interview process, please let us know.
Cyber Security Lead employer: Joseph Rowntree Foundation (JRF)
Contact Detail:
Joseph Rowntree Foundation (JRF) Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Security Lead
✨Tip Number 1
Network like a pro! Reach out to your connections in the cyber security field, attend industry events, and join relevant online forums. The more people you know, the better your chances of hearing about job openings before they even hit the market.
✨Tip Number 2
Show off your skills! Create a personal project or contribute to open-source initiatives that showcase your expertise in cyber security frameworks like ISO 27001 or NIST. This not only builds your portfolio but also demonstrates your passion and commitment to potential employers.
✨Tip Number 3
Prepare for interviews by brushing up on common cyber security scenarios. Be ready to discuss how you've handled incidents or improved security measures in past roles. Practising your responses will help you feel more confident and articulate during the real deal.
✨Tip Number 4
Don't forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are genuinely interested in joining our mission at StudySmarter. So, get your CV ready and hit that apply button!
We think you need these skills to ace Cyber Security Lead
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Cyber Security Lead role. Highlight your experience with frameworks like ISO 27001 and NIST, and don’t forget to showcase your hands-on skills with security tools. We want to see how your background aligns with what we’re looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about cyber security and how your expertise can help us at JRF. Be specific about your achievements and how they relate to the responsibilities of the role.
Showcase Your Communication Skills: Since this role involves liaising with senior stakeholders and external partners, make sure to highlight your communication skills in your application. We love candidates who can convey complex information clearly and confidently!
Apply Through Our Website: Don’t forget to submit your application through our online platform! It’s the best way for us to receive your CV and supporting information. Plus, it helps us keep everything organised as we review applications.
How to prepare for a job interview at Joseph Rowntree Foundation (JRF)
✨Know Your Cyber Security Frameworks
Make sure you brush up on key frameworks like ISO 27001, NIST, and GDPR. Be ready to discuss how you've applied these in your previous roles, as this will show your expertise and understanding of compliance requirements.
✨Prepare for Scenario-Based Questions
Expect questions that ask you to respond to hypothetical security incidents or breaches. Think through your past experiences and be prepared to explain your thought process, decision-making, and the outcomes of your actions.
✨Showcase Your Communication Skills
As a Cyber Security Lead, you'll need to communicate complex information clearly to non-technical stakeholders. Practice explaining technical concepts in simple terms, and be ready to demonstrate your stakeholder management skills during the interview.
✨Highlight Your Hands-On Experience
Since this role is hands-on, be prepared to discuss your experience with security tools and technologies like SIEM, firewalls, and EDR. Share specific examples of how you've used these tools to monitor, detect, and respond to threats effectively.