
Enterprise Security Risk Analyst
Job summary
The Enterprise Security Risk Analyst is a senior analytical and leadership role within DWP’s Enterprise Security Risk Management (ESRM) function. The postholder leads one of the department’s four security risk domains — Cyber & Information Security, Personnel Security, Physical Security, or Supply Chain Security — and is responsible for producing high‑quality enterprise‑level security risk assessments that inform decision-making at the highest levels including Director General Finance, the Executive Team, and Departmental Audit & Risk Assurance Committee (DARAC).
This role has evolved in recent years from traditional, system‑based assessments to true enterprise security risk analysis — understanding the big picture, synthesising information, and articulating how security risks could impact the department’s ability to operate, deliver services, maintain resilience, and protect staff, data, and assets.
The postholder leads a small team, orchestrating complex analytical work across multi-layered risk scenarios, and works extensively with senior stakeholders across Digital, Estates, People Safety, Commercial, Risk & Resilience, and wider security stakeholders. Their work directly shapes DWP’s security posture, prioritisation, and investment decisions.
Job description
Lead an Enterprise Security Risk Domain
- Hold responsibility for one of four domains (Cyber, Physical, Personnel, Supply Chain).
- Develop, maintain and lead the production of quarterly Enterprise Security Risk Products for senior leaders.
- Oversee multi‑layered risk analysis covering threat scenarios, impacts, controls, and residual risk.
Deliver Complex Security Risk Analysis
- Break down large, ambiguous or abstract security problems into structured analytical components.
- Gather, evaluate and synthesise information from diverse sources, including digital risk data, system-level risk assessments, threat intelligence, estate vulnerabilities, resilience data and people safety insights.
- Apply structured analytical methods to generate robust findings, uncertainty judgements, and evidence‑based conclusions.
Influence Decision Makers
- Produce clear, actionable insights to inform Director General level decision‑making, risk appetite setting, and departmental prioritisation.
- Articulate business impacts: how risks could affect operations, resilience, service delivery, customer experience, staff safety or data protection.
- Support senior leaders (for example DWP's Finance Director General (DG) as risk owner) by outlining options, consequences and recommended mitigations.
Stakeholder Leadership and Engagement
- Build strong relationships with senior stakeholders across Digital, Estates, People Safety, Risk & Resilience, Commercial and wider security teams.
- Coordinate and convene stakeholders to gather evidence, test assumptions and validate analysis.
- Ensure alignment across functions and build consensus around risk understanding, mitigations and priorities.
Team Leadership and Delivery Management
- Lead, mentor and quality‑assure the work of a small team of colleagues.
- Task and oversee scenario‑level analysis (for example physical estate failure scenarios, cyber resilience scenarios).
- Shape team capability, drive continuous improvement and support professionalisation of ESRM’s analytical approach.
Strategic and Tactical Risk Support
- Lead thematic/strategic risk assessments for priority business areas (for example arm’s length bodies).
- Deliver tactical assessments when the business requests security input on emerging issues (for example reviewing new operating models, or outreach activities).
- Provide options and recommendations while enabling the business to understand and own its risk decisions.
Given the geographic spread of our team, DWP customers, cross-government stakeholders and industry suppliers, you'll need to be willing to travel to other DWP locations, with periodic overnight stays required.
Person specification
We would love to hear from you if you can demonstrate your skills and experience across all the following essential criteria:
- Experience providing analysis, risk assessment, or decision support within complex, multi‑team environments — ideally in large organisations with distributed accountabilities — alongside a strong understanding of security or risk principles.
  Transferable experience (such as threat analysis, operational risk, resilience, or intelligence) is equally valuable. No mandatory qualifications are required.
- Exceptional analytical skills — able to break down complex or ambiguous security or operational problems into structured components, make evidence‑based judgements, and articulate uncertainty clearly.
- Leadership experience — able to guide and quality‑assure the work of others, support change, and contribute to improving or professionalising a team or function.
- Ability to understand and communicate business impact — translating security, technical or operational issues into clear consequences for service delivery, resilience, staff safety or organisational performance.
- Strong stakeholder engagement and influencing capability — able to identify the right stakeholders, gather insight, test assumptions and build shared understanding, including with senior leaders.
Benefits
Alongside your salary of £57,946, Department for Work and Pensions contributes £16,786 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
DWP have a broad benefits package built around your work-life balance which includes:
- Working patterns to support work/life balance such as job sharing, term-time working, flexi-time and compressed hours.
- Generous annual leave – at least 23 days on entry, increasing up to 30 days over time (pro-rata for part time employees), plus 9 days public and privilege leave.
- Support for financial wellbeing, including interest-free season ticket loans for travel, a cycle to work scheme and an employee discount scheme.
- Health and wellbeing support including our Employee Assistance Programme for specialist advice and counselling and the opportunity to join HASSRA, a first-class programme of competitions, activities and benefits for its members (subscription payable monthly).
- Family friendly policies including enhanced maternity and shared parental leave pay after 1 year’s continuous service.
- Funded learning and development to support progress in your role and career. This includes industry recognised qualifications and accreditations, coaching, mentoring and talent development programmes.
- An inclusive and diverse environment with opportunities to join professional and interpersonal networks including Women’s Network, National Race Network, National Disability Network (THRIVE) and many more.
Hybrid Working
This role may be suitable for hybrid working, which is where an employee works part of the week in their DWP office and part of the week from home. This is a voluntary, non-contractual arrangement and your office will be your contractual place of work.
If a hybrid working arrangement is suitable for the role and for you, you will normally be required to spend a minimum of 60% of your contracted working hours from your DWP office.
If you have a disability, caring responsibilities, or other circumstances that may affect your ability to meet the minimum office attendance requirement, please discuss this with us using the contact details in this advert.
Things you need to know
Artificial intelligence
Artificial intelligence can be a useful tool to support your application; however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.
Selection process details
Your application will consist of the following:
- A completed Personal Details application form
- Successful completion of the required numeracy and judgement online tests
- A curriculum vitae (CV) that includes your full employment history and demonstrates your skills and experience across all of the essential criteria (listed below) relevant to this role, giving details of key achievements, including details of the work and projects you have been involved in.
  - Experience providing analysis, risk assessment, or decision support within complex, multi‑team environments — ideally in large organisations with distributed accountabilities — alongside a strong understanding of security or risk principles.
    Transferable experience (such as threat analysis, operational risk, resilience, or intelligence) is equally valuable. No mandatory qualifications required.
  - Exceptional analytical skills — able to break down complex or ambiguous security or operational problems into structured components, make evidence‑based judgements, and articulate uncertainty clearly.
  - Leadership experience — able to guide and quality‑assure the work of others, support change, and contribute to improving or professionalising a team or function.
  - Ability to understand and communicate business impact — translating security, technical or operational issues into clear consequences for service delivery, resilience, staff safety or organisational performance.
  - Strong stakeholder engagement and influencing capability — able to identify the right stakeholders, gather insight, test assumptions and build shared understanding, including with senior leaders.
- Personal Statement of up to 500 words that describes a time when you strengthened or embedded analytical rigour within a complex organisation, explaining how you led the change, improved data‑driven decision‑making, and influenced stakeholders to adopt the new approach.
- If you are successful at the sift stage you will be invited to a face-to-face interview. Prior to participating in this interview you will be expected to complete an in-tray exercise. The in-tray exercise and face-to-face interview will both happen on the same day, with the in-tray exercise being first.
We are not looking at how much time you have spent in a job, where relevant, but rather how you have performed. Your Personal Statement must show demonstrable evidence of what you did, how you did it, and what outcome was achieved. This should include the impact of your approach and evidence of your ability to take forward different approaches in different circumstances.
The standards detailed in the Person Specification are the minimum expectations for the role and only candidates with the strongest evidence will be invited to interview. Candidates will have to meet the standard for all criteria to progress to interview.
Application & Sift
After submission of the first stage of your application you will be invited to complete a Civil Service Judgement Test, and Civil Service Numerical Test. If you successfully pass the test, you will be invited to complete the final stage of the application.
Please complete the online tests as soon as possible (within 24-48 hours is recommended); the closing date for the tests is 23:55 on 13th April 2026. If you fail to complete the online test before the deadline your application will be withdrawn. Guidance for the test will be available when you are invited to take the test. The tests are administered online and accessed via the CS Jobs website.
Once you have submitted your completed application, both your CV and Personal Statement will be scored and you will receive one overall score.
The benchmark for candidates to proceed to the next stage may also be raised. In line with our commitment to the Disability Confident Scheme (DCS), we aim to advance all candidates applying under the DCS who meet the minimum standard. However, we may only progress those candidates who best meet the required standards.
Your statement must not exceed 500 words, and you are advised to take advantage of the full word count.
The Civil Service values honesty and integrity and expects all candidates to abide by these principles. The evidence you provide must relate to your own experiences. If evidence of plagiarism, or sharing of questions, information or answers throughout any part of the selection process is found, your application will be withdrawn. Examples of plagiarism can include:
- Presenting the work, ideas and experience of others as your own
- Copying content from an online/published source
- Using forms of Artificial Intelligence to produce application content which you present as your own.
We recognise that AI may be helpful when applying for this role, but it is important to use it in the right way. Read "Artificial intelligence and recruitment" (Civil Service Careers) to understand how you can make the best use of AI while ensuring your application remains authentic and effective.
Interview Stage
If you are successful at the sift stage you will be invited to a face-to-face interview. Prior to participating in this interview you will be expected to complete an in-tray exercise. The in-tray exercise and face-to-face interview will both happen on the same day, with the in-tray exercise being first.
Sift and interview dates to be confirmed.
If you cannot attend an interview on any of the dates offered please get in touch with us.
Postings
Postings will be made in merit order.
Standard promotion rules will apply, and successful candidates will be placed on the pay scale and terms and conditions of DWP.
Offers of employment: Following the interview stage, should you not reach the required standard for the advertised G7 role, we may be able to offer you a role which would be a grade below the advertised post under our “Near Miss” process. Any candidates falling into this category will be contacted once the interview results have been released. You will be asked to indicate if you are interested when completing your application.
Further Information
At the Department for Work and Pensions (DWP) we value diversity and inclusion and actively encourage and welcome applications from everyone, including those that are underrepresented in our workforce.
Find out more about working for DWP on the DWP Careers Hub.
Reserve List
A reserve list may be held for a period of 6 months from which further appointments can be made.
If you are placed on a reserve list but we cannot immediately offer you a post, please note:
- If you are later offered the role you applied for, in a location you have expressed a preference for, and you decline the offer or are unable to take up the post within a reasonable timeframe you will be withdrawn from the campaign and removed from the reserve list, other than in exceptional circumstances (e.g. a contractual Part Time Working Pattern cannot be accommodated in the initial role offered or in cases of serious ill health).
- If DWP makes an offer of an alternative role or location to that which you originally applied for, and you decline that offer, you will be able to remain on the reserve list.
Disability Confident Scheme
If high application volumes are received, the benchmark for candidates to proceed to the next stage may be raised. In line with our commitment to the Disability Confident Scheme (DCS), we aim to advance all candidates applying under the DCS who meet the minimum standard. However, we may only progress those candidates who best meet the required standards.
Reasonable Adjustments
We consider visible and non-visible disabilities, neurodiversity or learning differences, chronic medical conditions, or mental ill health. Examples include dyslexia, epilepsy, autism, chronic fatigue, or schizophrenia.
If you need a change to be made so that you can make your application, you should contact the Government Recruitment Service via DWPRecruitment.grs@cabinetoffice.gov.uk as soon as possible before the closing date to discuss your needs.
Complete the “Reasonable Adjustments” section in the “Additional requirements” page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you’re deaf, a Language Service Professional.
If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.
Integrity, plagiarism and Civil Service Principles
The Civil Service values honesty and integrity and expects all candidates to abide by these principles.
Please ensure that all examples provided in your application are taken directly from your own experience and that you describe the examples in your own words.
Examples of plagiarism can include:
- Presenting the work, ideas and experience of others as your own
- Copying content or answers from an online or published source that is not your own
Disclosure and Barring Service and Internal Fraud Database Checks
In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service on your behalf.
However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. If you will be doing this, please advise Government Recruitment Service of your intention by emailing Pre-EmploymentChecks.grs@cabinetoffice.gov.uk stating the job reference number in the subject heading.
For further information on the Disclosure Scotland confidential checking service telephone: the Disclosure Scotland Helpline on 0870 609 6006 and ask to speak to the operations manager in confidence, or email Info@disclosurescotland.co.uk
Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave but who would have been dismissed for fraud or dishonesty had their employment continued. Any applicant whose details are held on the IFD will be refused employment. A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.
If successful and transferring from another Government Department, a criminal record check will be carried out.
Important
New entrants are expected to join on the minimum of the pay band.
Before applying for this vacancy, current employees of DWP should check whether a successful application would result in changes to their terms & conditions of employment, e.g. mobility, pay, allowances. If you are a current employee and are successful you must be able to be released from your current post within four weeks.
Those on protected TUPE/COSoP terms and conditions applying on promotion or voluntary permanent level move will adopt DWP’s Terms and Conditions and this may have a different impact on pay and allowances. Please review this prior to acceptance of a role.
Civil Servants that would transfer into DWP from other government organisations, following successful application, will assume DWP's terms & conditions of employment current on the day they are posted, unless DWP has stated otherwise in writing. Accepting a post will be taken to mean acceptance of revised terms & conditions.
Civil Servants applying on promotion will usually be appointed to the salary minimum or within 10% of existing salary.
Any move to DWP from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may, however, be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at the Childcare Choices Website.
For further information on National Security Vetting please visit the Demystifying Vetting website.
Feedback
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check.
See our vetting charter.
People working with government assets must complete baseline personnel security standard checks.
Nationality requirements
This job is broadly open to the following groups:
- UK nationals
- nationals of the Republic of Ireland
- nationals of Commonwealth countries who have the right to work in the UK
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
- Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Working for the Civil Service
The Civil Service Code sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Diversity and Inclusion
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy.
Apply and further information
This vacancy is part of the Great Place to Work for Veterans initiative.
The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment.
Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact:
- Name: Helen Broadhead
- Email: Helen.Broadhead@dwp.gov.uk
Recruitment team
Further information
Appointment to the Civil Service is governed by the Civil Service Commission’s Recruitment Principles. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DWP by email: HR.BUSINESSASSURANCE@DWP.GOV.UK.
If you are not satisfied with the response you receive from the Department, you can contact the Civil Service Commission.
Attachments
- DWP Terms and Conditions January 2024 (docx, 17kB)
- Success-Profiles-Candidate-Overview (pdf, 635kB)
Salary range
- £57,946 - £74,005 per year