Be at the heart of actionFly remote-controlled drones into enemy territory to gather vital information.

Apply Now

Security Risk Lead

Cambridge
1 week ago
Create job alert

Security Risk Lead

  • Salary: £53,300 - £71,300

  • Location: Cambridge/Hybrid with 2 days a week minimum in the office

  • Contract: Permanent

    Join our organisation as a Security Risk Lead. Utilise your expertise and drive to safeguard operations in this impactful role.

    We are Cambridge University Press & Assessment, a world-leading academic publisher and assessment organisation and a proud part of the University of Cambridge.

    About the role

    The Security Risk Lead plays a pivotal role by driving Cambridge University Press & Assessment's security risk management strategy. This position is responsible for identifying, assessing, and mitigating operational, financial, and strategic security risks across the organisation to ensure a resilient and compliant security framework.

    Overseeing the Security Risk Manager, the Security Risk Lead will work closely with senior stakeholders to develop and embed risk management processes that align with the organisation's priorities. They will also take the lead on key initiatives to reduce the organisation's risk exposure, delivering critical risk insights, reports

  • Lead and improve the security risk management strategy, identifying, analysing, and evaluating risks that may affect the organisation.

  • Implement controls to mitigate risks and ensure effective execution.

  • Manage and support the Security Risk Manager. Prepare and present regular risk reports for senior management.

  • Oversee the analysis and monitoring of risks, ensuring emerging risks are flagged. Ensure compliance with regulatory requirements.

  • Monitor industry trends and best practices.

  • Collaborate with the Head of Security GRC and teams to manage incidents and propose corrective actions.

  • Provide risk management training and develop a risk-aware culture.

  • Support the development of security risk policies and frameworks.

  • Collect data for risk assessments and foster a collaborative risk management approach. Provide risk management input on key projects.

  • Represent the organisation in industry forums.

    About you

    We are looking for someone with extensive knowledge of security risk management frameworks and methodologies (e.g., ISO 31000, 27001, 27005) and regulatory requirements in the industry

    The ideal candidate will have a relevant degree in Risk Management, Finance, Business, or a related field, or appropriate business experience, along with active CRISC or 27005 Risk Manager certification

    You should have a minimum of 5 years or demonstrated experience in a governance, risk, or compliance role within an information security context

    Strong analytical and problem-solving abilities, excellent written and verbal communication skills, and proficiency in risk management software and MS Office Suite are essential

    You should be detail-oriented with strong organisational and project management skills, and able to work well in a team-oriented environment and build relationships with stakeholders

    If you would like to know more about this opportunity and what will make you successful, please see the full job description attached to the bottom of this vacancy on our careers site.

    Rewards and benefits

    We will support you to be at your best in work and to live well outside of it. In addition to competitive salaries, we offer a world-class, flexible rewards package, featuring family-friendly and planet-friendly benefits including:

  • 28 days annual leave plus bank holidays

  • Private medical and Permanent Health Insurance

  • Discretionary annual bonus

  • Group personal pension scheme

  • Life assurance up to 4 x annual salary

  • Green travel schemes

    We are a hybrid working organisation, and we offer a range of flexible working options from day one. We expect most hybrid-working colleagues to spend 40-60% of their time at their dedicated office or location. We will also consider other work arrangements if you wish to work more flexibly or require adjustments due to a disability.

    Ready to pursue your potential? Apply now.

    We review applications on an ongoing basis, with a closing date for all applications being 22nd October 2025 although we may close it earlier if suitable candidates are identified. Interviews are scheduled to take place shortly after it closes.

    Please note that successful applicants will be subject to satisfactory background checks including DBS due to working in a regulated industry.

    Why join us

    Joining us is your opportunity to pursue potential. You'll belong to a collaborative team that's exploring new and better ways to serve students, teachers and researchers across the globe – for the benefit of individuals, society and the world. Sharing our mission will inspire your own growth, development and progress, in an environment which embraces difference, change and aspiration.

    Cambridge University Press & Assessment is committed to being a place where anyone can enjoy a successful career, where it's safe to speak up, and where we learn continuously to improve together. We welcome applications from all candidates, regardless of demographic characteristics (age, disability, educational attainment, ethnicity, gender, marital status, neurodiversity, religion, sex, gender identity and sexual identity), cultural, or social class/background.

    We believe better outcomes come through diversity of thought, background and approach. We welcome applications from people from all backgrounds and communities, actively seeking to employ people from a wide range of different communities.

    Security Risk Lead

Related Jobs

View all jobs

Cyber Security Risk Manager

OT Cyber Security Analyst

Cyber Security Specialist

Head of Security

Security Architect

Security Architect

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Why Cyber Security Careers in the UK Are Becoming More Multidisciplinary

Cyber security used to be viewed primarily as a technical discipline: firewalls, encryption, intrusion detection, penetration testing. In the UK today, it’s far broader. Organisations now face complex legal frameworks, ethical dilemmas, human-behaviour risks, communication challenges & usability hurdles. This shift means cyber security careers are becoming more multidisciplinary. From protecting NHS patient records to defending financial services, securing supply chains & safeguarding national infrastructure, cyber security now touches every sector. Employers increasingly want professionals who understand law, ethics, psychology, linguistics & design alongside traditional technical skills. In this article, we’ll explore why UK cyber security careers are expanding in this way, how these five disciplines shape the profession, and what job-seekers & employers need to know to thrive in this new landscape.

Jobs

Cyber Security Team Structures Explained: Who Does What in a Modern Cyber Security Department

Cyber security has become a top priority for UK organisations of all sizes. From small businesses to financial institutions, healthcare providers, and government bodies, the risk of cyber attack is now a constant concern. Threats are more sophisticated, regulations more demanding, and customers more aware of data privacy than ever before. But defending against cyber threats isn’t simply about having the right tools — it’s about having the right team. A modern cyber security department relies on clearly defined roles and responsibilities to ensure that defences are proactive, incidents are managed swiftly, and compliance is maintained. This article explains the structure of a modern cyber security team, the roles you’ll typically find within it, how they collaborate, and what skills, qualifications, and salaries are expected in the UK job market.

Jobs

Why the UK Could Be the World’s Next Cyber Security Jobs Hub

Cyber security has become one of the defining challenges of the digital age. From protecting personal data and financial transactions to defending national infrastructure and corporate systems, the demand for strong cyber defences has never been higher. As businesses, governments, and individuals depend more heavily on digital services, the scale and sophistication of cyber threats have risen dramatically. Ransomware attacks, data breaches, state-sponsored cyber operations, and insider threats are now everyday risks. In response, organisations worldwide are investing heavily in cyber security talent. The United Kingdom is uniquely positioned to become a global cyber security jobs hub. With its strong tech sector, world-class universities, advanced defence capabilities, and established financial markets, the UK already has the foundations. The question is whether it can scale up, attract, and retain the right talent to meet global demand. This article explores why the UK is poised to become the world’s next cyber security jobs hub, the opportunities available, the challenges ahead, and what needs to happen for this vision to be realised.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.