Senior Cyber Security Risk Manager

Crown Prosecution Service
11 days ago

Role details

Contract type
Temporary to permanent
Employment type
Part-time / full-time
Working hours
Shift work
Languages
English
Experience level
Senior
Compensation
£ 51K

Job location

Tech stack

Artificial Intelligence
Computer Security
Databases
Digital Assets
Digital Data
Cyber Threat Analysis
Cybercrime

Job description

As a senior cyber security risk manager you play a pivotal role within the Digital and Information Directorate, responsible for safeguarding the organisation's digital assets in a rapidly evolving threat landscape. Reporting to the Lead Cyber Security Risk Manager, you lead the development, implementation, and continuous improvement of cyber risk management practices across the CPS. The Crown Prosecution Service is based in England and Wales. If you're applying for this role and live in Scotland or Northern Ireland, you must let us know when accepting this offer as you need permission to work from your home address if hybrid working is part of your role. There's no guarantee that we will grant this approval. You must be aged 16 before starting in this role. The start date is expected to be 8-12 weeks after the application deadline. As part of this role, you may be expected to undertake direct line management responsibilities., Your roles and responsibilities

  • you develop and maintain comprehensive cyber risk management processes that align with industry best practices.
  • you foster strong relationships with internal stakeholders to ensure cyber risk considerations are integrated into all business processes.
  • you drive continuous improvement in cyber risk processes, incorporating emerging risks such as those related to AI systems and autonomous decision-making.
  • you stay current with emerging cyber threats, risk management techniques, and regulatory changes.
  • you encourage a culture of learning and development within the team, promoting the sharing of knowledge and best practices. A copy of the full job description is available if requested from Ellie.Dixon@cps.gov.uk, This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Strengths and Experience. Recruitment process The recruitment process consists of an online application, interview and assessment. These are expected to take place the week commencing Monday 15th of December 2025. Your interview takes place online through Microsoft Teams. A member of our recruitment team will be in touch with guidance. If you have any queries about this, contact Ellie.Dixon@cps.gov.uk You should keep this date free or notify us if you're not available. We'll make every effort to accommodate your date preferences but we can't guarantee it. Assessment We ask you to complete an assessment as part of the recruitment process for this role. We will provide details 5 working days before your scheduled interview slot. Personal statement We ask you to complete a personal statement of no more than 1250 words. You need to address the core behaviours for this role, which are, The panel has the right to raise the minimum standard pass mark for the lead behaviour 'making effective decisions'. The panel may also refer to the lead behaviour at the interview stage to determine merit order. Interview/Assessment We use behaviours to help us understand your experience, to see if you're a good fit for the role. You are assessed against grade SEO in the Civil Service success profiles behaviours framework. We are assessing 3 behaviours at interview/assessment stage.
  1. Making effective decisions - interview
  2. Managing a quality service - interview and assessment
  3. Communicating and influencing - interview Essential Experience - assessed at interview and assessment CV You're not required to upload your CV. However, when submitting your application there is a 'CV section'. You are required to provide information about your employment and/or academic history for the past three years. The CV section will be used as supporting evidence, it won't be assessed. It's your responsibility to provide the specified information in the requested format to ensure that you're considered for the post. If you're unable to cover three years through employment or academic history, you must provide a character reference for clearance purposes. Strengths Strengths are tested at interview stage - the strengths tested are not shared before the interview. AI Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use. Other This is a full-time post. We do consider requests for flexible, part-time working and job share, always considering the operational needs of the department. Clearance If successful, you are required to secure a Disclosure and Barring Service check and Developed Vetting clearance, for which you must have a current valid UK address. If successfully appointed, we ask you to complete a character enquiry form, nationality and immigration questionnaire and national security vetting form. If you're a Crown Prosecution Service member of staff, you won't need to do a Disclosure and Barring Service check as you already hold this clearance. The job you're applying for is covered by Article 3(a) of the Rehabilitation of Offenders Act 1974 (Exceptions) Order 1975, consequently Section 4(2) of that Act doesn't apply. You're required to disclose all previous convictions and cautions including spent convictions. Failing to make a full declaration will result in withdrawing your offer of employment if our checks reveal convictions that haven't been disclosed. To be cleared to Developed Vetting clearance level, you have to be able to meet the residency requirement in the Cabinet Office guidance. For the Crown Prosecution Service they are:
  • Developed Vetting - six years within the last ten years. Reserve list If you're recommended by the selection panel but not appointed to the current vacancy, you're put on a reserve list for 12 months. You may be offered another Senior Cyber Security Risk Manager post in CPS Digital Information Directorate if a vacancy comes up during this period. We may also approach candidates on the waiting list to fill other roles that require similar knowledge and experience. Feedback We only provide feedback if you attend an interview or assessment. Fraud check The Crown Prosecution Service provides a Fair Processing Notice to all new applicants after they've been successful at interview. These candidates are informed that, as one aspect of pre-employment screening, their personal details - name, National Insurance number and date of birth - are checked against the Internal Fraud Database. We won't employ anyone included on the database unless they can demonstrate exceptional circumstances. The Strategic Resourcing team in the Crown Prosecution Service will, on behalf of the vacancy holder, inform applicants when they are refused employment because of their inclusion in the Internal Fraud Database. Civil Service Commission If you're dissatisfied with the recruitment process and wish to make a complaint, please contact Strategic.Resourcing@cps.gov.uk with your concerns. If you remain dissatisfied and wish to make a further complaint, please click on the following link to the Civil Service Commission complaints page https://civilservicecommission.independent.gov.uk/recruitment/civilservicerecruitmentcomplaints/ Civil Service Commission Recruitment Principles can be found at https://civilservicecommission.independent.gov.uk/recruitment/ Details of the Civil Service Nationality Rules are located at: https://www.gov.uk/government/publications/nationality-rules Candidates are subject to UK immigration requirements. For the most up-to-date information on the requirements of working in the UK, please go to the UK Visas and Immigration website at https://www.gov.uk/browse/visas-immigration/work-visas Feedback will only be provided if you attend an interview or assessment.

Security Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is developed vetting (opens in a new window). See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements This job is broadly open to the following groups:

  • UK nationals
  • nationals of the Republic of Ireland
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
  • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service Further information on nationality requirements (opens in a new window)

Working for the Civil Service The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Requirements

  • At least 2 years of hands-on experience in the cyber security field, with practical exposure to implementing and managing technical or procedural controls in operational environments.

  • Experience in identifying, assessing, and mitigating cyber risks, with a strong grasp of public sector or enterprise-level risk frameworks (e.g., ISO 27001/27005, NIST, CAF, Cyber Essentials+).

  • The ability to evaluate risk treatment options and ensure decisions are aligned with strategic and business objectives.

  • Proven experience in developing and coordinating cyber incident response strategies, including the creation of playbooks, running tabletop exercises, and leading triage and investigation processes.

  • Demonstrated ability to establish and operationalise threat intelligence capabilities, including integrating threat feeds, defining intelligence requirements, and generating actionable insights.

  • Proven experience of working with external partners and ensuring controls are tested and improved in line with standards such as Cyber Essentials+, ISO27001, both of which cover supplier-related risk and third-party assurance. It is desirable that you have the below experience but this is not required to apply:

  • Incident Response certifications

  • CRISC

  • Threat intelligence qualifications

  • Exposure and experience of working with the NCSC Cyber Assessment Framework.

  • Experience of working in cyber security within the public sector., + Making Effective Decisions

  • Managing a Quality Service

  • Communicating and Influencing, + At least 2 years of hands-on experience in the cyber security field, with practical exposure to implementing and managing technical or procedural controls in operational environments.

  • Experience in identifying, assessing, and mitigating cyber risks, with a strong grasp of public sector or enterprise-level risk frameworks (e.g., ISO 27001/27005, NIST, CAF, Cyber Essentials+).

  • The ability to evaluate risk treatment options and ensure decisions are aligned with strategic and business objectives.

  • Proven experience in developing and coordinating cyber incident response strategies, including the creation of playbooks, running tabletop exercises, and leading triage and investigation processes.

  • Demonstrated ability to establish and operationalise threat intelligence capabilities, including integrating threat feeds, defining intelligence requirements, and generating actionable insights.

  • Proven experience of working with external partners and ensuring controls are tested and improved in line with standards such as Cyber Essentials+, ISO27001, both of which cover supplier-related risk and third-party assurance. In addition, you need to demonstrate the Crown Prosecution Service or Civil Service values.

Benefits & conditions

Alongside your salary of £43,800, Crown Prosecution Service contributes £12,688 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides. Join the Crown Prosecution Service and find your purpose The Crown Prosecution Service is passionate about ensuring that we're a top performing organisation and a great place to work. We're a committed equal opportunities employer, creating a culture where you can bring your whole self to work, and individuality is truly appreciated. This culture of inclusion is underpinned by our staff networks covering disability, faith and belief, LGBTQI+, race, social mobility alongside our mental health first aiders programme and wellbeing sessions. The Crown Prosecution Service commits to offer its employees the following experience.

  • You can do impactful, purposeful work that's making a difference to your local communities.

  • You are able to learn and grow, with access to the right opportunities and resources.

  • We care about your wellbeing.

  • We want you to feel valued, trusted and included. We also offer the following range of benefits:

  • Civil Service contributory pension of up to 28.9%

  • 25 days' leave, increasing to 30 days after 5 years

  • £350 each year to spend on personal development

  • lawyer training programme for all new prosecutors

  • an extra privilege day to mark the King's birthday

  • competitive maternity, paternity and parental leave

  • flexible working including flexitime, and a family friendly approach to work

  • Cycle2Work scheme, employee savings. Diversity at the Crown Prosecution Service is about inclusion, embracing differences and ensuring our workforce truly reflects the communities we serve. We want you to feel that you belong and can thrive, whatever your background, identity or culture. As a Disability Confident employer, we're happy to support requests for reasonable adjustments and improve your recruitment experience. If you'd like any reasonable adjustments made to our recruitment process, let us know within your application or contact Ellie.Dixon@cps.gov.uk The Crown Prosecution Service also has a range of development programmes to support all aspiring, new and experienced managers with developing the skills, behaviours and knowledge to build their confidence and capability. Our Manager Induction Programme is mandatory for all newly appointed managers. This is a fantastic opportunity to support all our new Crown Prosecution Service managers with the tools required to perform effectively in their roles.

Apply for this position