Critical National Infrastructure Senior Advisor

CNIS Threat Intelligence & Risk role

you will turn government and sector threat intelligence into actionable organisational posture; maintain the enterprise CNIS risk register and cross business view. Key responsibilities will include:

• Receive/triage threat briefings (government/sector); set and communicate posture levels.
• Run horizon scanning; produce periodic threat/risk reports to internal key stakeholders.
• Own risk methodology, scoring, tolerances; ensure consistent application across the business.
• Coordinate risk prioritisation and remediation plans within the business.
• building effective partnerships to jointly manage risks, and with internal and external organisations,
• able to work with senior people, manage multiple priorities, and competing demands on yourself and the team
• experience of stakeholder management, with clear communication and engagement skills
• There is a conditional requirement to achieve Developed Vetting (DV) level of National Security Vetting

Are you an inspirational and collaborative leader with technical security knowledge? Are you keen to use your skills to protect the organisation, our assets, and our employees?

As one of two Critical National Infrastructure and Systems (CNIS) Senior Advisors you will be working in a small team who will provide strategic leadership, consistent standards, and expert capability across physical, personnel, cyber, and supply chain security for CNIS. They will ensure compliance with national security obligations, resilience, and manage risk.

We are recruiting for two roles; CNIS Policy and Standards Senior Advisor, and a Threat Intelligence and Risk Senior Advisor.

you will design, publish, and maintain CNIS standards and procedures; ensure alignment with existing asset management and corporate policies.

Key responsibilities include:

• Draft and update CNIS policy, standards; maintain control framework & document library.
• Map standards to asset lifecycle (design, build, operate, decommission), working with internal teams to integrate into asset management policy and procedures.
• Define control assurance methods and evidence requirements; run annual policy reviews.
• Conduct gap analyses; drive corrective action with the business.

you will turn government and sector threat intelligence into actionable organisational posture; maintain the enterprise CNIS risk register and cross business view. Key responsibilities will include:

• Receive/triage threat briefings (government/sector); set and communicate posture levels.
• Run horizon scanning; produce periodic threat/risk reports to internal key stakeholders.
• Own risk methodology, scoring, tolerances; ensure consistent application across the business.
• Coordinate risk prioritisation and remediation plans within the business.

You will be part of a small team within the Corporate Management, Assurance, and Security team, who are focused on protecting and empowering the organisation to function effectively and be resilient. You will be a centre of excellence providing consistent standards and assurance for the organisation on CNIS.

The team manages a diverse work, are very welcoming and you will have the opportunity to gain a wide range of experience of key activities.

• 7 or more years in security governance, with an understanding of physical, personnel, cyber/operational technology, security, or 7 or more years in risk/threat intelligence and analytical capability with an understanding of physical, personnel, cyber/operational technology
• proven leadership skills to achieve outcomes, promote partnership, influence, and inspire others
• building effective partnerships to jointly manage risks, and with internal and external organisations,
• able to work with senior people, manage multiple priorities, and competing demands on yourself and the team
• experience of stakeholder management, with clear communication and engagement skills
• There is a conditional requirement to achieve Developed Vetting (DV) level of National Security Vetting

Everyone that joins us is required to undertake training and participate in incident response duties when needed. An incident role is an essential part of working for the Environment Agency, how we help communities and prevent harm to the environment.

Further information on incident response can be found within your candidate pack.

There will be an informal session to hear more about the role and ask questions on Friday 12th June . For further details please contact Emma Young  to join the session or receive a transcript of the session.

Interviews are scheduled to take place from week commencing 29th June 2026.

To apply for this post, please provide examples for each of the competencies below.

Competence 1

Builds and Sustains Relationships

Description

Key to your success in this role will be your ability to work well with others. Please give an example of a time when you built a strong…