Security Risk Lead

Cambridge
1 month ago
Applications closed

Related Jobs

View all jobs

Information Security Risk Manager

Cyber & Data Security Risk Consultant

Information Security Consultant (Insurance) (London Area)

Information Security Consultant (Insurance)

Security Architect for Network and Cloud

Security Architect for Network and Cloud (Belfast)

Security Risk Lead

Salary: £53,300 - £71,300

Location: Cambridge/Hybrid with 2 days a week minimum the office

Contract: Permanent

Join our organisation as a Security Risk Lead. Utilise your expertise and drive to safeguard operations in this impactful role.

We are Cambridge University Press & Assessment, a world-leading academic publisher and assessment organisation and a proud part of the University of Cambridge.

About the role

The Security Risk Lead plays a pivotal role by driving Cambridge University Press & Assessment's security risk management strategy. This position is responsible for identifying, assessing, and mitigating operational, financial, and strategic security risks across the organisation to ensure a resilient and compliant security framework.

Overseeing the Security Risk Manager, the Security Risk Lead will work closely with senior stakeholders to develop and embed risk management processes that align with the organisation's priorities. They will also take the lead on key initiatives to reduce the organisation's risk exposure, delivering critical risk insights, reports

  • Lead and improve the security risk management strategy, identifying, analysing, and evaluating risks that may affect the organisation.

  • Implement controls to mitigate risks and ensure effective execution.

  • Manage and support the Security Risk Manager. Prepare and present regular risk reports for senior management.

  • Oversee the analysis and monitoring of risks, ensuring emerging risks are flagged. Ensure compliance with regulatory requirements.

  • Monitor industry trends and best practices.

  • Collaborate with the Head of Security GRC and teams to manage incidents and propose corrective actions.

  • Provide risk management training and develop a risk-aware culture.

  • Support the development of security risk policies and frameworks.

  • Collect data for risk assessments and foster a collaborative risk management approach. Provide risk management input on key projects.

  • Represent the organisation in industry forums.

    About you

    We are looking for someone with extensive knowledge of security risk management frameworks and methodologies (e.g., ISO 31000, 27001, 27005) and regulatory requirements in the industry

    The ideal candidate will have a relevant degree in Risk Management, Finance, Business, or a related field, or appropriate business experience, along with active CRISC or 27005 Risk Manager certification

    You should have a minimum of 5 years or demonstrated experience in a governance, risk, or compliance role within an information security context

    Strong analytical and problem-solving abilities, excellent written and verbal communication skills, and proficiency in risk management software and MS Office Suite are essential

    You should be detail-oriented with strong organisational and project management skills, and able to work well in a team-oriented environment and build relationships with stakeholders

    If you would like to know more about this opportunity and what will make you successful, please see the full job description attached to the bottom of this vacancy on our careers site.

    Rewards and benefits

    We will support you to be at your best in work and to live well outside of it. In addition to competitive salaries, we offer a world-class, flexible rewards package, featuring family-friendly and planet-friendly benefits including:

  • 28 days annual leave plus bank holidays

  • Private medical and Permanent Health Insurance

  • Discretionary annual bonus

  • Group personal pension scheme

  • Life assurance up to 4 x annual salary

  • Green travel schemes

    We are a hybrid working organisation, and we offer a range of flexible working options from day one. We expect most hybrid-working colleagues to spend 40-60% of their time at their dedicated office or location. We will also consider other work arrangements if you wish to work more flexibly or require adjustments due to a disability.

    Ready to pursue your potential? Apply now.

    We review applications on an ongoing basis, with a closing date for all applications being 15 May 2025 although we may close it earlier if suitable candidates are identified. Interviews are scheduled to take place shortly after it closes.

    Please note that successful applicants will be subject to satisfactory background checks including DBS due to working in a regulated industry.

    Cambridge University Press & Assessment is an approved UK employer for the sponsorship of eligible roles and applicants under the Skilled Worker visa route. Please refer to the gov website for guidance to understand your own eligibility based on the role you are applying for.

    Why join us

    Joining us is your opportunity to pursue potential. You'll belong to a collaborative team that's exploring new and better ways to serve students, teachers and researchers across the globe – for the benefit of individuals, society and the world. Sharing our mission will inspire your own growth, development and progress, in an environment which embraces difference, change and aspiration.

    Cambridge University Press & Assessment is committed to being a place where anyone can enjoy a successful career, where it's safe to speak up, and where we learn continuously to improve together. We welcome applications from all candidates, regardless of demographic characteristics (age, disability, educational attainment, ethnicity, gender, marital status, neurodiversity, religion, sex, gender identity and sexual identity), cultural, or social class/background.

    We believe better outcomes come through diversity of thought, background and approach. We welcome applications from people from all backgrounds and communities, actively seeking to employ people from a wide range of different communities.

    Security Risk Lead

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Quantum-Enhanced AI in Cyber Security: Guarding the Digital Frontier

The cyber security landscape has evolved dramatically over the past decade. Long gone are the days when businesses primarily worried about simplistic phishing or basic website defacements. Today’s threats include nation-state attacks, sophisticated ransomware, AI-generated phishing campaigns, and a wide array of stealthy intrusion methods. Organisations must defend vast digital ecosystems that include cloud infrastructure, IoT devices, and critical operational technology—any of which can become high-value targets for malicious actors. Amid these escalating challenges, a new technological wave is emerging: quantum computing. Although still in its infancy, quantum computing promises capabilities that could surpass even the most advanced classical supercomputers for specific tasks. Simultaneously, in the world of Artificial Intelligence (AI)—where data volumes and model complexity are exploding—quantum’s parallelism could significantly boost analysis, training, and decision-making. What unfolds when quantum computing and AI converge in the realm of cyber security? On one hand, quantum technologies could introduce stronger encryption and faster threat detection. On the other, adversaries armed with quantum power might break today’s cryptographic protocols or develop more potent attacks at unimaginable speeds. This article explores the phenomenon of quantum-enhanced AI for cyber security: the possibilities it unlocks, the challenges it poses, and the reasons it could reshape both defensive and offensive operations in the digital world.

Jobs

Cyber Security Jobs at Newly Funded UK Start-ups: Q3 2025 Investment Tracker

Cyber security is no longer just a topic for tech-savvy professionals—it’s an essential pillar of every modern organisation. From protecting sensitive customer data to thwarting state-sponsored attacks, cyber security teams play a crucial role in safeguarding digital infrastructures across all sectors. In the UK, cyber security innovation is thriving, fuelled by a fertile mix of venture capital, government backing, and an ever-growing pool of talented specialists. Now, in the third quarter of 2025, we’ve seen a fresh influx of funding for cyber security start-ups that are poised to shape the industry’s future. This Q3 2025 Investment Tracker highlights newly funded UK-based cyber security start-ups, their core offerings, and—most importantly—the wide range of job opportunities they’re creating. Whether you’re a veteran security analyst, a pen tester, or a newcomer eager to explore the defensive side of tech, these start-ups are actively seeking professionals to help drive their next phase of growth. We’ll also guide you through the essential skills in demand, strategies to secure a role, and how to leverage CyberSecurityJobs.tech to fast-track your job search.

Jobs

Portfolio Projects That Get You Hired for Cyber Security Jobs (With Real GitHub Examples)

With rising cyber threats and increasingly sophisticated attacks, cyber security has become a critical priority for organisations worldwide. From penetration testers (pentesters) and SOC analysts to cloud security engineers and threat intelligence specialists, the demand for skilled cyber security professionals continues to surge. But how do you stand out in a growing field? Alongside your CV, an impressive cyber security portfolio can be the distinguishing factor that convinces employers you’re the right fit. In this comprehensive guide, you’ll discover: Why a cyber security portfolio is essential for job seekers in this domain. How to align portfolio projects with different cyber security career paths. Real GitHub examples that demonstrate best practices in security-focused projects. Actionable project ideas you can start today, from penetration testing labs to blue-team detection pipelines. Best practices for organising your repos and presenting your work so hiring managers can instantly see your impact. When you’re ready to pursue your next opportunity, remember to upload your CV on CyberSecurityJobs.tech. Our specialised platform connects talented security professionals with employers who need your expertise—exactly what your portfolio will showcase.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.