Cyber Security and Risk Management Principal

Role summary

Cyber Security Governance and Risk Management is the monitoring of compliance with agreed cyber security policies and the assessment and management of relevant risk

Role expectations

At this role level, you will:

• Lead and undertake risk management activities against the hardest or most novel scenarios, while applying the fundamental principles of risk management to a range of
  complex scenarios, and lead regulatory or legislative compliance activities
  
• Guide and direct specialist activities of others, actively promoting development in the applicable skills, providing leadership to other risk managers, and sharing best practice
  widely across government, the public sector, and industry
  
• Lead the analysis and derivation of complex security needs
  
• Lead Cyber Security related risk assessments and other expert risk management activities, including providing guidance on establishing the organisation’s Cyber Security related governance arrangements
  
• Provide guidance to ensure ongoing confidence that fundamental organisational security needs have been met, including integrating a range of assurance approaches and
  techniques to give continued confidence to the risk, service or system owner
  
• Shape leadership decision-making through:
  
  • effective reporting and communication regarding the effectiveness of security processes across an organisation
    
  • providing recommendations to highly complex problems
    
  • acting as an SME for complex cyber risk management concerns, issues and problems

Accreditation skills

Accreditation level – Chartered

For information on accreditation, see UK Cyber Security Council – Standard of Professional Competence and Commitment: Cyber Security Governance and Risk Management

Learning pathway

• MGT514: Security Strategic Planning, Policy and Leadership
• MGT512: Security Leadership Essentials for Managers