Security Risk Manager

About us

At OMNIA® Training, we’ve brought together some of the UK’s most innovative defence training organisations under one powerful mission: to transform the British Army’s training system and create the best-trained Army in the world. OMNIA are redefining the British Army’s collective training. To do that, we are looking for the best and brightest minds from across the UK. We are backed by British innovation and powered by world-class experts, like you. OMNIA is at the heart of the UK’s bold Land Industrial Strategy.

Job details

• Date Posted: 2026-03-09
• Country: United Kingdom
• Location: Warminster, Wiltshire
• Position Role Type: Hybrid

The role

This is more than a job — it’s a mission. You will be part of a high-impact, collaborative environment, where we expect everyone to live the values and standards of the British Army. Every person in our team plays a critical role in delivering OMNIA’s vision; designing, delivering, and transforming collective training so the British Army is ready to fight and win. You’ll work in a matrix organisation and report operationally through OMNIA Training and functionally through the Security Assurance Lead. Ultimately, you’ll work for the British Army, championing innovation, and helping shape the future of military collective training.

Key Responsibilities

• Lead programme wide security risk assessments (technical, operational and third-party).
• Manage Security Risk for the programme, maintaining plans, processes and the effective compliance to regulatory requirements such as NIST, ISO 27001, GDPR, and PCI-DSS.
• Support and work with programme stakeholders in the effective delivery of Programme Risk Management.
• Lead incident response, including investigating and reporting breaches and vulnerabilities.
• Monitor and record emerging threats and regulatory changes affecting risk posture.
• Lead and evaluate partner organisations compliance to Security Risk Management, security controls and risk assessments.
• Work with the Security Assurance Lead and wider invested teams to ensure a comprehensive approach to risk management, integrating Security Risk into the programme Security Management approach - developing and implementing security policies, procedure and strategies to minimise risk and enhance data security.
• Successfully driving the support solution design to assure incremental and progressive acceptance of security risk to the in-service support solution.
• Attend Customer Programme, Design, Security and Risk Reviews; to ensure security risk programme drivers are fully understood, considered and the impacts of any associated risks are reduced.
• Support to the Engineering Leadership Team by producing Security Risk Management engineering plans, Basis of Estimates, Key Performance Targets and Statements of Work.
• Ensuring that all security and risk activities undertaken are conducted in accordance with Raytheon UK and MOD site procedures that reflects best practice.
• Be ‘Responsible for championing and fostering a culture of Environmental, Health, and Safety (EHS) compliance and continuous improvement’.
• Any other duties required to meet the needs of the programme.

Who we are looking for

We’re after individuals who want to serve. You’ll have a mission focus, and the enthusiasm and drive to ‘get things done’. You’ll want to work in collaboration with other defence training organisations, and the British Army. You won’t let bureaucracy get in the way of what needs to be done, you’ll learn lessons and share these lessons across the team. You won’t necessarily have a military background, but you’ll understand what it means to serve and to put the mission first.

Qualifications

The OMNIA Training Security Risk Manager will be responsible for identifying, assessing and mitigating security risk across for the programme’s technologies systems, processes and third-party relationships for the Army Collective Training Service (ACTS). Responsible to the Security Assurance Lead, this position requires exceptional knowledge and experience across the breadth of security risk disciplines to lead security risk assessments, develop risk management frameworks, ensure regulatory compliance and collaborate with cross-functional teams, to provide a robust security posture. This role requires a systems-thinking mindset, strong stakeholder engagement skills, and the ability work in a multidisciplinary engineering team in a complex and evolving environment.

Essential Skills and Experience

• An engineering background, educated to degree level or with equivalent previous related experience.
• Proven knowledge and experience (3 - 5+ years) as a Security Risk Manager.
• Proven experience of incident response management and conducting security risk assessments utilising frameworks such as NIST and ISO27001.
• Experience of Supply Chain security risk management.
• Working knowledge of NCSC Secure by Design principles and UK Government Security Classification Policy (GSCP).
• Strong analytical and problem-solving skills to assess risk and develop effective mitigation strategies.
• A high level of competency in Microsoft Word, Excel and PowerPoint.
• A comprehensive understanding of Technical Publications and Support Documents.
• Comprehensive understanding of standards and guidance relating to supportability activities.
• Supporting the development of Risk Management Framework documents and controls.
• Understands security requirements and how to decompose them.
• Flexibility to travel regularly within the UK to support meetings.

Desirable Skills and Experience

• Well-developed planning and organisational abilities.
• Highly developed verbal and written communication skills.
• Experience of training solutions, army platforms or installation of equipment at customer sites.
• A working knowledge of understanding the impact of obsolescence on security risk.
• Knowledge of defence or public sector engineering standards and regulatory frameworks e.g. MOD Secure by Design.
• Additional knowledge of Physical Security or Personnel Security domains.
• Experience in training transformation or learning platforms.
• SAFe and ITIL4 certified.
• Qualifications in a security related domain such as CISSP, CGRC.
• Membership of a professional security body such as BCS CITP, ISC2.