Security Risk Analyst
Listed on 2026-07-17
-
IT/Tech
Cybersecurity, Information Security
Protect our information, systems and services - clear risk analysis to secure our community.
As a Security Risk Analyst, you'll provide proactive cyber risk analysis to safeguard our digital systems and protect resident data. We're all in to strengthen our security posture and deliver resilient services for everyone.
Working Style:
You'll be based in the Borough for three days a week, playing a key role in serving the local community. Whether you're working on-site or collaboratively across teams, you'll be part of a dedicated team helping to keep our organisation secure.
Your days will be varied, focusing on providing clear, proactive and evidence-based cyber risk analysis to help us understand, prioritise and manage threats. You'll review updates to the cyber risk register, track agreed actions, identify vulnerabilities and raise concerns when progress slows.
Collaboration is vital, and you'll work closely with ICT, Information Governance, service areas and suppliers to assess risks linked to new systems, contracts, incidents or audits.
Vetting suppliers who handle Council information will be a key responsibility. You'll ensure security questionnaires are completed, evaluate threats and likelihoods and agree practical mitigations while managing the supplier risk system.
Beyond the technical tasks, you'll translate complex issues into clear business language for senior leaders and governance boards, championing strong security practices and helping embed a risk-aware culture across the entire organisation.
What you'll bringYou'll bring a degree in ICT, Computer Science or comparable experience within digital, data and technology, alongside a continuous commitment to professional development.
Experience in cyber security, information risk management or information governance within a complex organisation is essential. You should have a strong understanding of cyber threats, attack vectors and risk assessment frameworks such as the NCSC Cyber Assessment Framework, ISO 27001 or NIST.
Your ability to translate technical risks into clear, business-focused language is crucial, as are your excellent communication and stakeholder engagement skills. You must be proactive, with the analytical depth to manage competing priorities and drive follow-through on risk actions.
A firm understanding of modern technology environments, zero‑trust delivery, incident response and UK public sector regulatory requirements like PSN CoCo and UK GDPR is required, combined with a clear commitment to fairness, integrity and equal opportunities.
Why join usAt RBKC, we're all in – investing in our people, our communities and our future. This new role offers a unique opportunity to make a council-wide impact following a major cyber‑attack, backed by excellent senior buy‑in and upward support. You'll be strategically positioned to shape our security approach from day one.
We support your career growth with competitive pay, continuous training opportunities, flexible working and comprehensive wellbeing perks to ensure you thrive.
New hires will normally start at the minimum of the pay scale. However, a higher starting salary may be negotiated where a candidate demonstrates exceptional skills, knowledge or experience.
Employees receive annual salary increments until they reach the top of the pay scale, as well as any agreed cost of living pay awards.
We are committed to promoting equality and respecting diversity and welcome applications from all sections of the community.
We are a Disability Confident Employer – committed to ensuring that our recruitment and selection process is inclusive and accessible.
We reserve the right to extend or close this vacancy early without warning subject to the volume of suitable applicants.
#J-18808-LjbffrTo Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: