ABOUT YOU

We are looking for someone with extensive knowledge of security risk management frameworks and methodologies (e.g., ISO 31000, 27001, 27005) and regulatory requirements in the industry
The ideal candidate will have a relevant degree in Risk Management, Finance, Business, or a related field, or appropriate business experience, along with active CRISC or 27005 Risk Manager certification
You should have a minimum of 5 years or demonstrated experience in a governance, risk, or compliance role within an information security context
Strong analytical and problem-solving abilities, excellent written and verbal communication skills, and proficiency in risk management software and MS Office Suite are essential
You should be detail-oriented with strong organisational and project management skills, and able to work well in a team-oriented environment and build relationships with stakeholders
If you would like to know more about this opportunity and what will make you successful, please see the full job description attached to the bottom of this vacancy on our careers site.

WHY JOIN US

Joining us is your opportunity to pursue potential. You’ll belong to a collaborative team that’s exploring new and better ways to serve students, teachers and researchers across the globe – for the benefit of individuals, society and the world. Sharing our mission will inspire your own growth, development and progress, in an environment which embraces difference, change and aspiration.
Cambridge University Press & Assessment is committed to being a place where anyone can enjoy a successful career, where it’s safe to speak up, and where we learn continuously to improve together. We welcome applications from all candidates, regardless of demographic characteristics (age, disability, educational attainment, ethnicity, gender, marital status, neurodiversity, religion, sex, gender identity and sexual identity), cultural, or social class/background.
We believe better outcomes come through diversity of thought, background and approach. We welcome applications from people from all backgrounds and communities, actively seeking to employ people from a wide range of different communities.

LI-SW

The Security Risk Lead plays a pivotal role by driving Cambridge University Press & Assessment’s security risk management strategy. This position is responsible for identifying, assessing, and mitigating operational, financial, and strategic security risks across the organisation to ensure a resilient and compliant security framework.

Overseeing the Security Risk Manager, the Security Risk Lead will work closely with senior stakeholders to develop and embed risk management processes that align with the organisation’s priorities. They will also take the lead on key initiatives to reduce the organisation’s risk exposure, delivering critical risk insights, reports

• Lead and improve the security risk management strategy, identifying, analysing, and evaluating risks that may affect the organisation.
• Implement controls to mitigate risks and ensure effective execution.
• Manage and support the Security Risk Manager. Prepare and present regular risk reports for senior management.
• Oversee the analysis and monitoring of risks, ensuring emerging risks are flagged. Ensure compliance with regulatory requirements.
• Monitor industry trends and best practices.
• Collaborate with the Head of Security GRC and teams to manage incidents and propose corrective actions.
• Provide risk management training and develop a risk-aware culture.
• Support the development of security risk policies and frameworks.
• Collect data for risk assessments and foster a collaborative risk management approach. Provide risk management input on key projects.
• Represent the organisation in industry forums.