
Cyber Strategy and Policy Team Lead

Job in Nottingham, Nottinghamshire, NG1, England, UK
Listing for: Trades Workforce Solutions
Full Time position
Listed on 2026-01-02
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security

Profile

Title:

Strategy & Policy Team Lead

Reports to:

Deputy CISO

Job Family: TBC

Capability: TBC

Function/Division:
Cyber Security

Grade:

JOB PURPOSE

The Strategy & Policy Team Lead plays a key role in supporting the Deputy CISO by overseeing strategic cyber security initiatives, refining governance processes, fostering cross-functional collaboration, and strengthening communication across the organisation. This role also drives the development of security awareness, education, and culture throughout the business.

Acting as a trusted advisor and liaison, the Team Lead helps align cyber risk management, compliance efforts, and leadership engagement. They contribute to shaping the broader cyber security strategy and enhancing CS&IA’s long-term capability and resource planning. Additionally, they promote risk awareness and translate strategic security objectives into actionable insights for senior leadership.

PRINCIPAL ACCOUNTABILITIES
  • Drive continuous improvement of cyber security processes, controls, and metrics to enhance resilience and reduce risk.
  • Support the Deputy CISO in shaping and delivering the cyber security strategy, including talent planning and resource coordination.
  • Coordinate governance boards and meetings, and prepare executive briefings, board papers, and stakeholder presentations.
  • Act as a key liaison with NDA, GICC, and other oversight bodies, managing cross-cutting issues and urgent priorities.
  • Develop and maintain cyber security policies, standards, and procedures, ensuring alignment with regulatory and organisational requirements.
  • Maintain the cyber risk register and ensure accurate reporting of key metrics, maturity indicators, and dashboards for leadership.
  • Lead internal cyber awareness campaigns and training initiatives to embed a strong security culture.
  • Enhance governance processes, documentation standards, and operational workflows.
  • Promote automation and innovation in compliance and assurance activities to improve efficiency and transparency.
AUTHORITIES & DIMENSIONS
  • Directly manages a team of three within the Cyber Security Strategy & Policy function.
  • Provides technical leadership across all CS&IA security domains, ensuring alignment with strategic objectives.
  • Influences up to 16,000 personnel through the development and implementation of cyber security policy, risk management, and assurance across both IT and OT environments.
  • Safeguards enterprise reputation by proactively managing and communicating cyber risks in collaboration with the CS&IA team, particularly in a landscape of increasing public, regulatory, and stakeholder scrutiny.
KNOWLEDGE SKILLS & EXPERIENCE
Essential
  • Proven experience in drafting, reviewing, and implementing cyber security policies, procedures, and standards.
  • Degree or equivalent professional experience in cyber security, information assurance, risk management, or a related discipline.
  • Strong understanding of cyber risk management, including qualitative and quantitative risk assessments and maintenance of risk registers.
  • Demonstrated ability to develop and track cyber security metrics, including dashboards and reporting for senior executives and governance forums.
  • Familiarity with regulatory and legislative frameworks such as ONR SyAPs, CAF, NIS/NIS2, DPA, and GDPR.
  • Experienced in engaging a wide range of stakeholders, including technical teams, business units, and risk, audit, and compliance functions.
  • Proficient in data visualisation tools such as Power BI, Excel, and ServiceNow dashboards.
  • Experience supporting cyber security awareness and culture change initiatives, including campaigns, briefings, and training delivery.
Desirable
  • Experience in the nuclear, critical national infrastructure, or similarly regulated sectors.
  • Knowledge of information security frameworks and standards (e.g., ISO/IEC 27001, ISO 27005, NIST CSF, CAF, NIST SP 800-53, CIS Controls).
  • Familiarity with enterprise risk management frameworks and integration of cyber risk into broader business risk processes.
  • Understanding of assurance models (1st, 2nd, 3rd line) and their application in cyber security.
  • Experience with supplier assurance frameworks and third‑party risk management tools.
  • Experience…