Risk Lead

Cambridge
6 days ago
Create job alert

Risk Lead

Salary: £57,100 - £76,450

Location: Cambridge, Hybrid (2 days per week in the office)

Contract: Full time, permanent, 35 hours per week

Lead with Impact: Shape the Future of Risk Management and Assurance at Cambridge University Press & Assessment.

This is an exciting opportunity for an experienced Risk Lead to join a passionate and fast-paced Exam Technology department.

We are Cambridge University Press & Assessment, a world-leading academic publisher and assessment organisation and a proud part of the University of Cambridge, an institution which is respected across the globe for its long heritage and ethos of excellence.

About the role

As the Risk Lead, you will play a key role in leading risk management work across high-stakes exam products and services. You will manage risk assessment campaigns, assurance reviews, and contribute to the design and launch of new assessment products. The role involves collaborating with various stakeholders, ensuring governance and compliance, and acting as the Risk Champion.

The Risk Lead will maintain the strategic risk register and develop the ETO risk framework. The Lead role involves strengthening risk management practices across the department. As the Risk Lead you will engage with third-party investigations to ensure compliance. Building effective partnerships and facilitating discussions with stakeholders are also key responsibilities.

Key Responsibilities:

Leadership and Responsibility: Demonstrate a passion for risk management, leading by example and embodying CUP&A behaviours. Take ownership of risk guidelines and frameworks to manage risk within Exam Technology effectively.

Governance & Compliance: Engage with third-party investigations, ensuring compliance with external requirements. Lead ongoing risk assessment campaigns, assurance reviews, and risk reports.

Stakeholder Collaboration: Build trusted relationships with stakeholders, facilitate constructive discussions, and implement risk management processes across Exam Technology.

Communicating and Influencing: Communicate purposefully and clearly, simplifying complexities and influencing others to agree on prevention measures, controls, and solutions.

About you

We are looking for an experienced Risk Lead who can bring a wealth of knowledge and expertise to our team. You are a strategic and collaborative leader with a passion for excellence.

You will have a keen interest in enterprise risk management and how it can help an organisation deliver its strategy and objectives. This may come from a background in risk management, project management or assurance, or in working with senior decision-making functions in your organisation. Although a qualification in risk management is not required to apply for this role, we actively promote learning and development and will support you to develop your risk expertise.

Key skills and experience:

Risk Management Frameworks: familiarity with ISO 31000, NIST, and COSO.

Integrated Risk and Quality Management: knowledge of integrated processes.

Cybersecurity Principles: understanding of threat modelling, vulnerability assessment, and incident response.

Incident Management: knowledge of detection, response, recovery, and post-incident analysis.

Compliance and Regulatory Knowledge: awareness of external requirements and relevant laws like GDPR.

IT Infrastructure and Architecture: knowledge of networks, servers, databases, and cloud services.

The job offers an opportunity to lead our risk management efforts, shaping effective risk management across the Exam Technology and our Solutions teams, in a fast paced, regulated environment.

If you would like to know more about this opportunity and what will make you successful, please see the full job description attached to the bottom of this vacancy on our careers site.

Rewards and benefits

We will support you to be at your best in work and to live well outside of it. In addition to competitive salaries, we offer a world-class, flexible rewards package, featuring family-friendly and planet-friendly benefits including:



28 days annual leave plus bank holidays

*

Private medical and Permanent Health Insurance

*

Discretionary annual bonus

*

Group personal pension scheme

*

Life assurance up to 4 x annual salary

*

Green travel schemes

We are a hybrid working organisation, and we offer a range of flexible working options from day one. We expect most hybrid-working colleagues to spend 40-60% of their time at their dedicated office or location. We will also consider other work arrangements if you wish to work more flexibly or require adjustments due to a disability.

Ready to pursue your potential? Apply now.

We review applications on an ongoing basis, with a closing date for all applications being 25th April although we may close it earlier if suitable candidates are identified. Interviews are scheduled to take place on week commencing 12th May.

Please note that successful applicants will be subject to satisfactory background checks including DBS due to working in a regulated industry.

Cambridge University Press & Assessment is an approved UK employer for the sponsorship of eligible roles and applicants under the Skilled Worker visa route. Please refer to the gov uk website for guidance to understand your own eligibility based on the role you are applying for.

Why join us

Joining us is your opportunity to pursue potential. You'll belong to a collaborative team that's exploring new and better ways to serve students, teachers and researchers across the globe – for the benefit of individuals, society and the world. Sharing our mission will inspire your own growth, development and progress, in an environment which embraces difference, change and aspiration.

Cambridge University Press & Assessment is committed to being a place where anyone can enjoy a successful career, where it's safe to speak up, and where we learn continuously to improve together. We welcome applications from all candidates, regardless of demographic characteristics (age, disability, educational attainment, ethnicity, gender, marital status, neurodiversity, religion, sex, gender identity and sexual identity), cultural, or social class/background.

We believe better outcomes come through diversity of thought, background and approach. We welcome applications from people from all backgrounds and communities, actively seeking to employ people from a wide range of different communities

Related Jobs

View all jobs

Cyber Security Lead - SCSC/CAF

Senior Information Security Analyst

Risk Manager

GRC Information Security Risk Manager

Information Security Officer

Information Security Officer

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Cyber Security vs. Ethical Hacking vs. Security Analysis Jobs: Which Path Should You Choose?

In an era where data breaches, ransomware attacks, and sophisticated digital threats dominate headlines, the demand for skilled cyber security professionals has never been higher. From global corporations to small businesses, organisations are scrambling to protect their systems, networks, and data from malicious actors. If you’ve been exploring cyber security jobs on www.cybersecurityjobs.tech, you’ve likely encountered various specialised roles—Ethical Hacking (often termed Penetration Testing), Security Analysis, Security Architecture, Incident Response, and more. Yet many job seekers and technology enthusiasts are unsure how these fields overlap or which one is right for them. In this in-depth guide, we’ll demystify three core disciplines—Cyber Security, Ethical Hacking, and Security Analysis—outlining the skills each requires, the responsibilities you can expect, salary ranges in the UK, and typical day-to-day activities. By the end, you’ll have a clearer understanding of these roles, helping you decide which path to pursue in this fast-growing industry. And when you’re ready to take the next step, head over to www.cybersecurityjobs.tech to explore the latest openings and find your perfect match.

Cyber Security Programming Languages for Job Seekers: Which Should You Learn First to Launch Your Security Career?

Cyber security has become a top priority for companies of all sizes, public institutions, and governments. As cyber threats evolve—from sophisticated ransomware attacks to large-scale data breaches—employers are eager to recruit talent with the skills to detect, prevent, and respond to security incidents. If you’re exploring roles on www.cybersecurityjobs.tech, a key question inevitably arises: Which programming language should you learn first for a career in cybersecurity? Cyber security is a multifaceted domain encompassing network security, application security, reverse engineering, digital forensics, ethical hacking (penetration testing), and more. Each niche may have unique language preferences—like Python for scripting tasks, C/C++ for exploit development, or Rust for building secure low-level tools. In this article, we’ll: Highlight the top programming languages used across cyber security. Break down pros, cons, and key use cases for each language. Present a simple beginner’s project for hands-on learning. Share essential resources and tips, so you can stand out in the competitive cybersecurity job market.

UK Visa & Work Permits Explained: Your Essential Guide for International Cyber Security Talent

Cyber security is one of the fastest-growing fields in today’s digital age. As cyber threats proliferate—ranging from data breaches and ransomware attacks to sophisticated nation-state incursions—organisations worldwide are investing more than ever to protect their systems, networks, and customer data. The United Kingdom, in particular, is emerging as a hub for advanced cyber defence, AI-driven threat detection, and compliance consulting. For international cyber security professionals, the UK offers a wealth of career opportunities, spanning financial services, government contracts, tech start-ups, and global corporations. However, stepping into the UK’s cyber security job market requires a clear understanding of the country’s visa and work permit processes. If you are an international candidate with expertise in areas like intrusion detection, penetration testing, or security architecture, navigating these immigration pathways can be daunting. This article aims to demystify the visa process—highlighting key routes, eligibility criteria, and practical tips—to help you seamlessly transition into the British cyber security ecosystem.