Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead security risk management strategy and oversee risk assessments.
- Company: Join Cambridge University Press & Assessment, a top academic publisher linked to the University of Cambridge.
- Benefits: Enjoy 28 days leave, private medical insurance, and flexible working options.
- Why this job: Make a real impact in a collaborative environment focused on growth and diversity.
- Qualifications: 5+ years in governance or compliance, with relevant degree and certifications required.
- Other info: Hybrid work model with opportunities for flexible arrangements.
The predicted salary is between 48000 - 72000 £ per year.
Cambridge University Press & Assessment (CUPA) is a world-leading academic publisher and assessment organisation, part of the University of Cambridge.
About the role
The Security Risk Lead plays a pivotal role by driving Cambridge University Press & Assessment's security risk management strategy. This position is responsible for identifying, assessing, and mitigating operational, financial, and strategic security risks across the organisation to ensure a resilient and compliant security framework. Overseeing the Security Risk Manager, the Security Risk Lead will work closely with senior stakeholders to develop and embed risk management processes that align with the organisation's priorities. They will also take the lead on key initiatives to reduce the organisation's risk exposure, delivering critical risk insights and reports.
- Lead and improve the security risk management strategy, identifying, analysing, and evaluating risks that may affect the organisation.
- Implement controls to mitigate risks and ensure effective execution.
- Manage and support the Security Risk Manager.
- Prepare and present regular risk reports for senior management.
- Oversee the analysis and monitoring of risks, ensuring emerging risks are flagged.
- Ensure compliance with regulatory requirements.
- Monitor industry trends and best practices.
- Collaborate with the Head of Security GRC and teams to manage incidents and propose corrective actions.
- Provide risk management training and develop a risk-aware culture.
- Support the development of security risk policies and frameworks.
- Collect data for risk assessments and foster a collaborative risk management approach.
- Provide risk management input on key projects.
- Represent the organisation in industry forums.
About you
We are looking for someone with extensive knowledge of security risk management frameworks and methodologies (e.g., ISO 31000, 27001, 27005) and regulatory requirements in the industry. The ideal candidate will have a relevant degree in Risk Management, Finance, Business, or a related field, or appropriate business experience, along with active CRISC or 27005 Risk Manager certification. You should have a minimum of 5 years or demonstrated experience in a governance, risk, or compliance role within an information security context. Strong analytical and problem-solving abilities, excellent written and verbal communication skills, and proficiency in risk management software and MS Office Suite are essential. You should be detail-oriented with strong organisational and project management skills, and able to work well in a team-oriented environment and build relationships with stakeholders.
Rewards and benefits
We will support you to be at your best in work and to live well outside of it. In addition to competitive salaries, we offer a world-class, flexible rewards package, featuring family-friendly and planet-friendly benefits including:
- 28 days annual leave plus bank holidays
- Private medical and Permanent Health Insurance
- Discretionary annual bonus
- Life assurance up to 4 x annual salary
We are a hybrid working organisation, and we offer a range of flexible working options from day one. We expect most hybrid-working colleagues to spend 40-60% of their time at their dedicated office or location. We will also consider other work arrangements if you wish to work more flexibly or require adjustments due to a disability.
Ready to pursue your potential? Apply now. We review applications on an ongoing basis, with a closing date for all applications being 15 May 2025 although we may close it earlier if suitable candidates are identified. Interviews are scheduled to take place shortly after it closes. Please note that successful applicants will be subject to satisfactory background checks including DBS due to working in a regulated industry.
Cambridge University Press & Assessment is committed to being a place where anyone can enjoy a successful career, where it's safe to speak up, and where we learn continuously to improve together. We welcome applications from all candidates, regardless of demographic characteristics (age, disability, educational attainment, ethnicity, gender, marital status, neurodiversity, religion, sex, gender identity and sexual identity), cultural, or social class/background. We believe better outcomes come through diversity of thought, background and approach. We welcome applications from people from all backgrounds and communities, actively seeking to employ people from a wide range of different communities.
Security Risk Lead employer: TieTalent
Contact Detail:
TieTalent Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Risk Lead
✨Tip Number 1
Familiarise yourself with the specific security risk management frameworks mentioned in the job description, such as ISO 31000 and 27001. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and alignment with the role.
✨Tip Number 2
Network with professionals in the security risk management field, especially those who have experience in academic publishing or similar industries. Engaging with them can provide valuable insights and potentially lead to referrals that could strengthen your application.
✨Tip Number 3
Prepare to showcase your analytical and problem-solving skills through real-world examples. Think of specific instances where you identified and mitigated risks effectively, as this will highlight your practical experience and suitability for the role.
✨Tip Number 4
Stay updated on the latest trends and best practices in security risk management. Being knowledgeable about current industry developments will not only help you in interviews but also show your commitment to continuous learning and improvement.
We think you need these skills to ace Security Risk Lead
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in security risk management. Focus on your knowledge of frameworks like ISO 31000 and 27001, and any certifications you hold, such as CRISC or 27005 Risk Manager.
Craft a Compelling Cover Letter: In your cover letter, express your passion for security risk management and how your skills align with the role. Mention specific examples of how you've successfully identified and mitigated risks in previous positions.
Highlight Analytical Skills: Given the importance of analytical abilities in this role, provide examples in your application that demonstrate your problem-solving skills and your proficiency with risk management software.
Showcase Communication Skills: Since the role involves preparing and presenting reports to senior management, emphasise your written and verbal communication skills. Include instances where you've effectively communicated complex information to diverse stakeholders.
How to prepare for a job interview at TieTalent
✨Understand the Security Risk Landscape
Familiarise yourself with the latest security risk management frameworks and methodologies, especially ISO 31000, 27001, and 27005. Be prepared to discuss how these frameworks can be applied to the role and demonstrate your understanding of regulatory requirements in the industry.
✨Showcase Your Analytical Skills
Prepare examples from your past experience where you successfully identified, assessed, and mitigated risks. Highlight your analytical and problem-solving abilities, as well as your proficiency in risk management software, to illustrate how you can contribute to the organisation's risk management strategy.
✨Communicate Effectively
Since the role involves preparing and presenting risk reports for senior management, practice articulating complex information clearly and concisely. Use examples to demonstrate your excellent written and verbal communication skills, ensuring you can convey critical insights effectively.
✨Emphasise Team Collaboration
The position requires working closely with various stakeholders. Be ready to discuss your experience in fostering a collaborative environment and building relationships within teams. Share specific instances where you contributed to a team-oriented approach in risk management or compliance projects.
