
General information

Posting ID
PIP7124
Type of employment
Contract
Organisation
Department for Culture, Media and Sport
Contract duration
3 months
Location
UK Wide
Workplace Type
Remote

Description & Requirements

On behalf of DCMS, we are looking for a Cyber Risk and Assurance Manager (Inside IR35) for a 3-month contract. Remote working.


DCMS is seeking three experienced Cyber Risk and Assurance Managers to join our team for a critical, high-tempo 3-month engagement. You will be instrumental in meeting government-wide cyber resilience targets by driving the assurance process for multiple Arms-Length Bodies (ALBs) under the Government Cyber Assurance Framework (GovAssure).


The purpose of this role is to act as the primary assurance lead for one or more DCMS ALBs, responsible for the integrity and accuracy of their WebCAF submissions.


As a Cyber Risk and Assurance Manager, your main responsibilities will be to:


  • Review and assure the quality of the ALB's GovAssure WebCAF submissions against NCSC's Cyber Assessment Framework (CAF) requirements.
  • Work independently with a designated ALB to interrogate evidence submitted via the WebCAF platform, challenging and validating the assessment of security controls.
  • Collaborate directly with the ALB to develop a robust, prioritised Targeted Improvement Plan (TIP), ensuring it is ready for formal submission to Government Digital Service (GDS) to meet all stages of GovAssure before contract end.
  • Report weekly on progress, key findings, and identified risks and blockers to the DCMS Lead Cyber Risk and Assurance Analyst.


Essential:


  • An active SC Clearance is an essential requirement for this role; as a minimum, you must be willing and eligible to undergo checks. (Please note: due to the exceptional requirements of this position, namely the short-term nature of the role and the speed at which we require a postholder in situ, preference may be given to candidates who meet all of the essential criteria and hold active security clearance.)
  • Demonstrable, in-depth experience in reviewing security submissions against formal standards such as ISO 27001, Cyber Essentials, or SOC 2 Type II.
  • Proven experience in the development and articulation of risk management strategies and targeted improvement plans to enhance organisational cyber security.
  • Strong stakeholder management and communication skills.


Desirable:


  • Practical working knowledge of the NCSC Cyber Assessment Framework (CAF) or previous experience reviewing CAF submissions.
  • Previous experience working within an HMG department or public body.
  • Hold relevant lead auditor or risk management certifications (e.g., ISO 27001 Lead Auditor, CISSP, CISM, CRISC).



Please be aware that this role can only be worked within the UK and not overseas.



Disability Confident 


As a member of the Disability Confident Scheme, DCMS guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply.



In applying for this role, you acknowledge the following: "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".