Principal Security Risk & Assurance Consultant
Principal Cyber Risk Management & Assurance Advisor
Clearance Level: SC
Location: UK (Flexible / Remote options)
Salary: Competitive + Benefits
A growing UK digital and cybersecurity organisation is seeking a Principal Cyber Risk Management & Assurance Advisor to join their senior team. This is a high-impact role providing expert cyber risk management, assurance, and architectural guidance across major applications and digital services.
Key Responsibilities
- Lead cyber and information security risk management and assurance across digital services during alpha, beta, and early live phases.
- Conduct critical security assessments and IT Health Checks, ensuring SaaS tools comply with NCSC Cloud Security Principles.
- Facilitate and oversee Security Working Groups, ensuring risks are captured, tracked, and reported with clear, actionable recommendations.
- Prepare formal risk assessments and risk treatment plans, ensuring digital services operate within defined risk appetites.
- Advise on Secure by Design policies, covering secure coding, regulatory compliance frameworks (e.g., OWASP, DPIA, GovAssure), and safe AI use.
- Coordinate cross-platform activities to support secure delivery of digital services, including incident management and ongoing improvements.
- Provide regular and ad-hoc risk briefings to senior leaders, highlighting critical risks, mapping exposure, and recommending mitigations.
- Mentor and train digital service teams and Information Security staff, building capability and expertise across the organisation.
- Oversee the implementation and use of risk management tools, ensuring all data is accurate and up-to-date.
- Engage with internal and external stakeholders to promote a strong security culture and enable confident delivery.
- Take on future line management responsibilities as the team grows.
Requirements
- Extensive experience delivering high-quality cyber risk assessments and assurance in complex digital environments, preferably in government or critical infrastructure.
- Strong knowledge of cyber risk management, threat modelling, security architecture, and IT Health Checks, including experience with SaaS and cloud security.
- Skilled at applying cyber security standards, regulatory frameworks, and secure-by-design principles in multi-disciplinary teams.
- Confident self-starter, capable of working independently and collaboratively.
- Proven ability to build cross-functional relationships, lead security initiatives, and influence senior stakeholders.
- Excellent written and verbal communication, able to convey technical findings as clear, actionable recommendations.
- Committed to continuous learning and developing others through mentoring and capability-building.
- Ability to assess emerging technology risks (AI, SaaS, cloud) and recommend proactive security measures.
- Understanding of organisational values such as respect, collaboration, and inclusivity, with a focus on public service ethos.
- Relevant industry certifications (e.g., CISSP) or a Master's degree in a relevant discipline.