About the Role
Lead and manage cybersecurity audit initiatives to ensure adherence to regulatory and industry standards. Design and sustain risk management frameworks in alignment with recognized best practices including ISO 27001, NIST, and GDPR. Partner with internal and external stakeholders to detect, evaluate, and reduce cyber threats across digital and operational systems. Offer specialized insight into cyber risk governance, resilience planning, and assurance methodologies. Evaluate third-party risk controls and perform security assessments on vendors and collaborators. Coordinate with senior security, IT, and compliance units to promote a forward-thinking security environment. Present audit outcomes and strategic recommendations to executive leadership to support effective risk remediation.
Responsibilities
- Manage and conduct cybersecurity audits to verify compliance with applicable regulations and industry benchmarks.
- Create and update risk management frameworks using standards such as ISO 27001, NIST, and GDPR.
- Engage with stakeholders to detect and address cyber threats within digital and operational environments.
- Deliver expert advice on cyber risk governance, organizational resilience, and assurance models.
- Evaluate third-party risk protocols and perform security audits on external partners and suppliers.
- Collaborate with CISOs, IT departments, and compliance units to foster a proactive security mindset.
- Communicate audit results and actionable recommendations to senior management, ensuring effective implementation of risk reduction measures.
Other
- This role will require you hold or achieve Security Clearance.
- As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK.
- If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected - Details of this will be discussed with you at interview
