Cyber Risk Manager - Active Security Clearance Required in Bristol

Cyber Risk Manager - Active Security Clearance Required in Bristol

Bristol Full-Time 60000 - 80000 £ / year (est.) No working from home possible
Solirius Reply

At a Glance

  • Tasks: Lead cyber risk assessments and support local government clients in managing cyber risks.
  • Company: Join Solirius Reply, a tech consultancy driving digital transformation.
  • Benefits: Enjoy competitive salary, private healthcare, flexible working, and generous leave.
  • Other info: Diversity-focused employer committed to professional development and inclusive work culture.
  • Why this job: Make a real impact in cyber security while working with top public sector clients.
  • Qualifications: Experience in cyber security and strong stakeholder management skills required.

The predicted salary is between 60000 - 80000 £ per year.

Solirius Reply, part of the Reply Group, is a technology consultancy and digital transformation partner that helps organisations solve complex challenges through strategy, design, engineering, and delivery. We work closely with our clients to deliver secure, accessible, user-focused services that evolve with their needs. By combining deep technical expertise with people-centred design, we create solutions that deliver meaningful, lasting impact. This collaborative approach enables us to deliver tailored solutions that drive measurable outcomes across public and private sectors.

You enjoy working in collaborative, agile teams and take pride in delivering high-quality solutions that make a tangible impact. We are looking for an experienced Cyber Risk Manager to join our growing cyber practice on a permanent basis, supporting major public sector clients, with a particular focus on Local Government.

You will work closely with client stakeholders to identify, assess, manage, and communicate cyber risks across a variety of programmes and operational environments. Acting as a trusted advisor, you will help organisations establish effective cyber risk management practices, improve governance processes, and implement proportionate controls aligned to their risk appetite.

You will play a key role in supporting the continued evolution of our Local Digital Cyber Risk capability, helping to mature reporting processes, strengthen risk insights, and enhance the use of the NCSC Cyber Assessment Framework (CAF) to support informed decision-making across the sector. You will be a fundamental member of the team, responsible for leading cyber risk activities, supporting and developing colleagues, fostering best practice, and ensuring our clients remain resilient against an evolving threat landscape.

  • Leading and facilitating cyber risk assessments across programmes, projects, and operational environments.
  • Supporting and maintaining the Cyber Risk reporting process for the Local Government sector, ensuring timely and accurate reporting of cyber risks and emerging trends.
  • Supporting the continued development and maturity of the Local Digital Cyber Risk function through the enhancement of metrics, reporting frameworks, and governance structures.
  • Analysing NCSC Cyber Assessment Framework (CAF) returns to identify themes, trends, and actionable risk insights that inform decision-making and prioritisation.
  • Planning and executing assessments to determine the cyber risk levels associated with strategic departmental goals, programmes, and initiatives.
  • Providing a cyber risk perspective on the development, refinement, and implementation of the CAF process to ensure it remains effective and aligned to organisational objectives.
  • Directly engaging with councils, when required, to validate risk profiles, understand local challenges, and provide pragmatic risk-based guidance.
  • Developing and maintaining cyber risk registers, ensuring risks are appropriately documented, prioritised, assigned, and managed through to resolution.
  • Assessing the effectiveness of security controls and recommending proportionate improvements to reduce risk exposure.
  • Producing high-quality risk reports, dashboards, and presentations for senior stakeholders and governance forums.
  • Providing risk-based guidance to technical and business teams throughout project lifecycles.
  • Conducting third-party and supplier cyber risk assessments where appropriate.
  • Supporting internal and external audits, assurance reviews, and regulatory activities.
  • Monitoring emerging threats and vulnerabilities to assess potential impacts to client environments.
  • Promoting cyber risk awareness and embedding a positive security culture across client organisations.

Demonstrable experience working in cyber security, technology risk, information security, or enterprise risk management roles. Strong understanding of cyber risk management principles and methodologies.

  • NIST Cybersecurity Framework (CSF)
  • NCSC Cyber Assessment Framework (CAF)
  • ISO/IEC 27001 and ISO/IEC 27005
  • CIS Critical Security Controls
  • COBIT

Experience analysing risk data and translating findings into meaningful recommendations and reporting outputs. Experience maintaining risk registers and tracking remediation activities. Strong stakeholder management skills, with experience engaging senior leaders, executive audiences, and external organisations. Ability to communicate technical risks effectively to both technical and non-technical stakeholders. Experience facilitating workshops and conducting interviews to gather evidence and validate risk assessments. Experience operating within Agile and multidisciplinary delivery environments. Knowledge of cloud security risks and controls across platforms such as Azure, AWS, or Google Cloud is beneficial. Experience within Local Government, the wider public sector, or regulated environments would be highly advantageous. Experience using data and reporting tools to develop metrics and management information would be beneficial.

  • CISSP (Certified Information Systems Security Professional)
  • CISM (Certified Information Security Manager)
  • CRISC (Certified in Risk and Information Systems Control)
  • CISA (Certified Information Systems Auditor)
  • ISO 27001 Lead Implementer or Lead Auditor
  • NCSC or other recognised cyber security and risk management certifications.

As an equal opportunities employer, we are committed to creating a work environment that supports, celebrates, encourages and respects all individuals, where all processes are based on merit, competence, and business needs. This commitment is reflected in initiatives that support diversity, mental health, wellbeing, and professional development. Should you require further assistance or require any reasonable adjustments to be put in place to better support your application process, please do not hesitate to raise this with us. As a Disability Confident employer, we are committed to ensuring our recruitment process is accessible and inclusive, enabling all candidates to demonstrate their skills, experience and potential.

Solirius Reply

Contact Details:

Solirius Reply Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Cyber Risk Manager - Active Security Clearance Required in Bristol

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Solirius Reply, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through Solirius Reply

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Solirius Reply. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace Cyber Risk Manager - Active Security Clearance Required in Bristol

Cyber Risk Management
Stakeholder Management
NIST Cybersecurity Framework (CSF)
NCSC Cyber Assessment Framework (CAF)
ISO/IEC 27001
ISO/IEC 27005
CIS Critical Security Controls

Some tips for your application 🫡

Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Solirius Reply insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Solirius Reply that you’re committed to staying ahead in the game.

How to prepare for a job interview at Solirius Reply

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at Solirius Reply to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Solirius Reply.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.