×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Secure Design Lead & Cyber Risk Advisor

Job in Newcastle upon Tyne, Newcastle, Tyne and Wear, SY7, England, UK
Listing for: DXC Technology Inc.
Full Time position
Listed on 2026-02-21
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 80000 - 100000 GBP Yearly GBP 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Secure by Design Lead & Cyber Risk Advisor
Location: Newcastle upon Tyne

Job Description

We are seeking an experienced Secure by Design Lead & Cyber Risk Advisor to drive Secure by Design practices across a portfolio of MOD and Public Sector digital services. You will lead risk identification, mitigation, and assurance activities, ensuring that products and services are designed, built, and operated securely while aligned with organisational and Authority risk appetites.

This role requires deep understanding of cyber risk methodologies, excellent communication skills, and the ability to guide multi‑disciplinary teams through Secure by Design processes  will act as the primary advisor on cyber risk and SbD compliance, producing concise, decision‑ready outputs and leading security assurance activities.

Key Responsibilities Secure by Design Leadership
  • Lead Secure by Design discovery and assessment activities across digital services and portfolios.
  • Provide Secure by Design risk and security assurance functions within MOD/Public Sector accounts.
  • Define pragmatic security control expectations aligned to service context and business risk appetite.
  • Coach delivery teams to adopt secure working practices in Agile and iterative environments without impeding delivery speed.
Risk Assessment & Threat Modelling
  • Conduct cyber risk assessments using NIST 800‑30/37 (rev.
    5)    ,
    ISO 27005
    , and NIST Cyber Security Framework (CSF).
  • Perform threat modelling using STRIDE
    , attack trees
    , and other contemporary analytical methods.
  • Identify vulnerabilities, threats, impacts, and control gaps to inform risk treatment decisions.
  • Carry out technical and control‑based risk assessments, incorporating outcomes of architecture reviews and testing activities.
Risk Treatment & Remediation Planning
  • Develop actionable, prioritised risk remediation plans
    , including responsibilities, timelines, and mitigation steps.
  • Provide pragmatic and business‑aligned risk remediation guidance
    , balancing operational needs with security obligations.
  • Work closely with risk owners and technical leads to negotiate and agree treatment strategies.
Governance, Assurance & Reporting
  • Support governance and assurance forums by articulating risk, mitigation options, and residual exposure.
  • Produce concise, informative documentation including:
    • Risk assessment reports
    • Threat modelling outputs
    • Vulnerability and control analysis
    • Residual risk statements
    • Secure by Design compliance evidence
  • Validate that required control patterns, assurance activities, and security testing have been completed.
Stakeholder Collaboration & Workshops
  • Facilitate security, risk, and threat modelling workshops with multi‑disciplinary teams and Authority stakeholders.
  • Engage with business and technical stakeholders to ensure alignment with broader transformation goals and regulatory requirements.
  • Work with MOD/Public Sector teams to ensure security expectations and compliance obligations are met.
Compliance & Evidence Production
  • Identify, collect, and review evidence demonstrating compliance with Secure by Design principles.
  • Produce documentation including:
    • Risk assessments
    • Security testing results
    • Evidence packs for Secure by Design compliance
    • Residual risk reports
Leadership, Coaching & Knowledge Sharing
  • Mentor junior consultants, technical specialists, stakeholders and program across multiple business units.
  • Produce and deliver awareness sessions on Secure by Design, secure development, governance, and best practice.
  • Promote a culture of continuous security improvement.
Skills & Experience Required Essential
  • Eligibility for UK security clearance
  • Proven experience leading Secure by Design across portfolios or multiple digital services.
  • Strong experience supporting MOD
    , Defence, or UK Public Sector clients.
  • Deep expertise in cybersecurity risk frameworks including:
    • NIST 800‑30/37
    • ISO 27005
    • NIST CSF
  • Demonstrated ability to facilitate structured threat modelling (STRIDE, attack trees).
  • Highly skilled in producing clear, concise, decision‑focused reporting for senior stakeholders.
  • Strong capability in running governance, risk, and assurance activities.
  • Experience working with Agile, Dev Ops, and multi‑disciplinary delivery teams.
  • Excellent stakeholder management and communication skills.
  • Experience in Secure by…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search