Information Assurance and Risk Manager
Listed on 2026-02-28
IT/Tech
Information Security, IT Consultant
Job Introduction
Salary: £55,310.87 per annum with yearly increments based on performance.
Contract Type: Permanent
Location: Cardiff, Wales
Type of Working Arrangement: Blended approach of home and office-working is available – a minimum of two days per week to be worked in the office.
Hours: This is a full‑time role (37 hours per week).
British Transport Police (BTP) is the national police force for the rail network throughout Great Britain. We are the ‘Guardians of the Railway,’ putting passenger safety at the heart of what we do. Our values are simply:
We Care, We Do the Right Thing, We Strive to Be Better Every Day, We Are One BTP, and We Are Proud to Protect. Join us and help create an environment where we can all be our best every day.
British Transport Police has an opportunity for an Information Assurance & Risk Manager to join the Information Management Department. As an Information Assurance & Risk Manager with BTP, you will provide strategic leadership and operational delivery of the organisation’s Information, Risk and Assurance. You will play a pivotal role in ensuring BTP maintains a robust Information Security Management System (ISMS), aligned with national policing and industry standards, while embedding a culture of compliance, continuous improvement, and proactive risk mitigation across the organisation.
You will also lead and develop a team of Governance, Risk and Compliance Officers, providing coaching, direction, and oversight to support high performance and professional growth.
- Strategic Leadership & Governance – Lead the development and continuous improvement of BTP’s Information Security Management System (ISMS), ensuring alignment with national policing and industry standards, and act as the senior lead for information assurance governance and strategy.
- Risk & Incident Management – Oversee the identification, assessment, and mitigation of information risks across BTP, maintain the organisational Information Management risk register, and lead the force‑wide incident response process in line with national guidance.
- Policy & Compliance Oversight – Develop and govern information security policies, ensuring compliance with GDPR, DPA 2018, and national standards, and monitor adherence through audits and assurance activities.
- Third‑Party Assurance – Manage third‑party risk using the NPCC TPAP framework, ensuring suppliers meet BTP’s security standards and reporting compliance to governance boards.
- Team Leadership & Development – Lead, coach, and support the GRC team, fostering a high‑performance culture, promoting agile working, and enabling cross‑functional collaboration.
- Strategic Reporting & Liaison – Prepare strategic advice and reports for senior stakeholders, act as BTP’s Crypto Custodian, and liaise with national bodies including Police Digital Services and the Police Information Assurance Board.
- Qualifications & Training – Educated to degree level (or equivalent experience) in a relevant discipline, with professional certifications including CISMP, CISSP, and GDPR/Data Protection.
- Experience – Significant experience in information security, risk management, and compliance within a complex or regulated environment—ideally policing or public sector. Proven track record in developing governance frameworks, managing third‑party assurance, and leading audits and accreditation processes.
- Skills – Strong analytical and communication skills, with the ability to translate complex technical concepts into clear guidance for non‑technical audiences. Skilled in stakeholder engagement working closely with colleagues in Technology, policy development, and embedding compliance through audits and risk assessments.
- Leadership – Demonstrable ability to lead and develop high‑performing teams, drive change, and embed new ways of working. Experience in coaching and supporting professional growth within a governance or compliance function.
- Knowledge – Deep understanding of ISO/IEC 27001, GDPR, and national security standards (e.g. NCSC, NPCC). Solid working knowledge of cryptographic controls, accreditation processes, and assurance…