Information Security Governance, Risk and Assurance Lead
Listed on 2026-07-17
-
IT/Tech
Cybersecurity, Information Security
Salary: £46,743
Band: UKRI Band E
Contract Type: Open Ended – Permanent
Hours: Full-time (Compressed hours & flexible working patterns available)
Location: Keyworth, Nottingham or Polaris House, Swindon
- Hybrid working available
Closing Date: Sunday 19th July 2026
Step into the world where cutting‑edge science meets robust information security. Protect the technology that powers groundbreaking discoveries and be part of the team that safeguards the future of Big Science. Here, you’ll collaborate with leading engineers, researchers, and technologists to tackle the most pressing security challenges in a fast‑paced, innovative environment. Every day offers you the chance to defend vital data and systems, ensuring that the pursuit of scientific excellence continues securely and seamlessly.
Discover the difference you can make when you bring your expertise in information security to an organisation at the forefront of global research – working alongside some of the brightest minds and most advanced facilities in the world.
SecurityAs a minimum, due to the nature of this role, candidates must be eligible for clearance in line with UK National vetting guidelines and willing to undertake the process. Please indicate eligibility in the written submission. Candidates not meeting this level of clearance will not be considered.
The level of clearance required is security check.
About the roleThe UKRI CIO Group plays a pivotal role in managing and optimising the organisations critical enterprise technical services that underpin and enable UKRI’s business capabilities. Within the group a team of Information Security Professionals support the delivery of modern, secure, resilient and scalable services across a larger federated team of Digital, Data and Technology professionals to deliver impact across the organisation and the wider UK research and innovation system.
Join us for this rare opportunity to apply your expertise in information security in a dynamic, fast‑paced security operational, risk, compliance and assurance role in an organisation at the heart of research and innovation in the UK. Working as part of a team of technical specialists, your broad remit is to drive the implementation of our ambitious information security roadmap and support the Information Security Governance and Risk Manager and Head of Information Security to mature our information security function.
This Band E role focuses on strengthening governance, risk management and assurance across UKRI’s security operations, ensuring that information assets remain protected, risks are understood and mitigated, and security processes operate effectively across a complex federated environment.
- Operate and enhance UKRI’s security governance, risk and assurance framework, ensuring controls remain appropriate, effective and aligned to organisational risk.
- Perform security risk assessments for systems, services, projects and suppliers, producing clear risk treatment recommendations.
- Lead the coordination and delivery of assurance activities across operational security domains (e.g., SOC processes, vulnerability management, incident response, identity and access management).
- Monitor operational security performance, control effectiveness and compliance against internal policies and external frameworks including NIST CSF, ISO 27001 and the Government Cyber Assessment Framework.
- Manage and improve processes for evidence gathering, audit preparation, remediation planning and control validation.
- Conduct gap analyses following audits, incidents or assessments, ensuring remediation actions are tracked and delivered.
- Work closely with technology teams and service owners to integrate good governance and risk practices into operational workflows ("secure by design").
- Provide specialist advice to operational teams on risk, compliance obligations, and best‑practice implementation.
- Produce enterprise‑level assurance reporting, including metrics, dashboards and trend analysis to support senior decision‑making.
The below criteria will be scored during Shortlisting (S), Interview (I) or both (S&I).
Applicants will be able to…
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: