Security Governance Risk and Assurance Manager

Manchester
6 days ago

About the DCC:

At the DCC, we believe in making Britain more connected, so we can all lead smarter, greener lives. That desire to make a difference is what drives us every day and it wouldn’t be possible without our people. Each person at the DCC brings a special kind of power to the business, and if you join us, we’ll give you the means to unleash yours. Here, we depend on each other and hold each other accountable. You have the power to challenge and make change, to take the initiative and enjoy real responsibility. Whether it’s doing purposeful work, helping us grow or building the career you want – we’ll give you the support to do it all. Our secure network for smart meters is transforming Britain’s energy system and helping the country’s fight against climate change: we want you to be part of our journey.

The role:

The Information Security Assurance Manager is a hands-on, multi-disciplinary role combining project assurance, governance, risk management, and compliance. You will work across business units, projects, and suppliers to ensure security is embedded in everything we do—from design to delivery. You will also support the development and maintenance of our Information Security Management System (ISMS), lead internal audits, and provide expert guidance on risk mitigation and regulatory compliance.

Key Responsibilities:

Security Assurance & Project Engagement

Provide end-to-end security assurance across the Licence Renewal programme.
Attend programme meetings to represent Information Security and provide expert guidance.
Review technical documentation (e.g., designs, network diagrams, data flows) to ensure alignment with security policies and architecture.
Conduct Information Security Impact Assessments and Data Protection Impact Assessments.
Support penetration testing and vulnerability assessments, tracking remediation to closure or handover to BAU.
Translate technical risks into business language for stakeholders.
Maintain alignment with ISO27001 and other frameworks (e.g., NIST).
Advise on compliance for staff, suppliers, and services.
Support procurement activities with security assessments and contract reviews.

Skills & Experience - Essential

Strong experience in Information Security across complex environments (e.g., outsourced, telecoms, energy).
Solid grasp of risk management methodologies (ISO27005, ISO31000).
Excellent communication skills—able to engage with technical and non-technical stakeholders.
Ability to work independently and collaboratively in a fast-paced environment.

Skills & Experience - Desirable

Recognised certifications: CISSP, CISM, CISA, CEH.
ISO27001 Lead Auditor / Implementer certification.
Knowledge of NIST Cybersecurity Framework and PKI.
Understanding of large public sector programmes.
Eligible for HMG SC clearance.

Personal Attributes

Analytical and detail-oriented with a proactive mindset.
Strong stakeholder engagement and influencing skills.
Able to prioritise effectively and remain calm under pressure.
Committed to continuous improvement and professional development.

Company benefits:

The DCC’s continued success depends on our people. It’s important to us that you enjoy coming to work, and feel healthy, happy and rewarded. In this role, you’ll have access to a range of benefits which you can choose from to create a personalized plan unique to your lifestyle.

If there are any questions you’d like to ask before applying, please contact [recruiter name, email address] or complete your application, so we can learn more about you. Your application will be carefully considered, and you’ll hear from us regarding its progress.

Join the DCC and discover the power of you
