Job title: SECURITY AND RISK MANAGER

The Challenge:

Would you like to be at the heart of a Company developing innovative and transformative ideas? Are you interested in being part of a team that identifies how space technology can address UK and global societal challenges? Do you want a Security and Risk Management position which will make a real difference? If so, you may be who we’re looking for!

We are currently seeking a SECURITY & RISK MANAGER to work in our Governance and Risk Team. Working collaboratively, you will be responsible for developing, maintaining and continuously improving our Security and Risk capabilities to protect our organisation’s people and assets (physical and digital).

This role involves assessing potential risks, developing strategies to mitigate these risks, and ensuring compliance with relevant laws, regulations, and industry standards. The Security and Risk Manager will work closely with various departments to ensure that all security protocols are adhered to, and that the organisation is prepared to respond to any potential threats.

Reporting to the Head of Effectiveness, you will be a key point of contact for our internal stakeholders for security and risk across the Catapult. You will work alongside our IT, Finance, People and Facilities teams, to manage the corporate security framework (physical, information, and cyber) including ownership and maintenance of all associated policies and procedures. 

This a highly networked role that requires an ability to work under pressure and to challenging deadlines. The role is based at our Harwell office with occasional attendance at our offices in Westcott also required. There is flexibility to work from home.

Please note, the role does not have any direct reports.

Key Responsibilities:

Security Management

• Developing and implementing robust security strategies and policies to protect the Catapult’s employees and assets.

• Monitoring of new security threats (physical, people, and cyber) and provision of appropriate risk mitigation plans (in conjunction with HR / IT / facilities teams).

• Providing guidance to Catapult staff on security and wider risks at sites across the UK and overseas.

• Ownership and management of our Travel Policy and associated procedures. Providing guidance to bids and projects, on travel safety and security advice for UK and overseas activities.

• Assessing potential risks and vulnerabilities, investigating security breaches and reinforcing appropriate measures to mitigate them.

• Conducting regular security assessments, audits and inspections to identify gaps and areas for improvement.

 Information Security

• Management of Catapult’s staff security vetting process (BPSS; SC; DV etc).

• Leadership of the company's document and information classification framework, including compliance with any external regulations (e.g. Government Security Classifications) and any associated accreditations.

• Leadership of data protection and GDPR compliance and associated activities such as Subject Access Requests and data breaches.

• Providing support and recommendations to relevant accreditations.

  Risk management

• Provision of security risk management input to corporate risk, bids and projects.

• Working alongside the Head of Effectiveness, ongoing management of the company's corporate risk management framework including maintenance of all associated policies and procedures.

• Ensuring that an up-to-date corporate risk register is maintained, providing guidance to stakeholders across the organisation on risk identification, management and mitigation.

• Ownership and maintenance of the company's Business Continuity and Disaster Recovery plans, and working with key stakeholders to ensure an appropriate level of business readiness.

 Staff Development

• Fostering a culture of security awareness and training employees on security policies and procedures. 

Skills & Experience required:

• Experience with identifying and addressing security threats and vulnerabilities.

• Experience in developing, implementing, communicating and enforcing security policies and procedures.

• Proven track record of successfully managing risk in a complex organisation.

• Broad knowledge of security, controls, risk & compliance standards and frameworks e.g. ISO27001

• Knowledge of document classification regulations.

• Knowledge of data protection regulations.

   How we work….

We strive to create a high trust, high performance and inclusive environment that enables team members to bring their whole selves to work – this helps to create the foundations of an innovation culture. Our shared values are critical to this:

• We care - for our people, our partners, and our planet

• We connect - and engage with people and ideas

• We learn - and grow, as people and as an industry

Underpinning this is our belief in great teams, our combined efforts will always deliver outcomes beyond that of anyone providing we are honest through debate, experiment and reflect, and create shared resolutions in support of our purpose. Live these values, work to our principles, take ownership to deliver, and we are certain you will thrive with us.

This job description set outs the skills and experience we think are needed to be able to perform in this job. However, if you believe you can deliver in this role then we want to hear from you.

Important notice for applicants: We use tools to detect plagiarism and the use of AI or chatbots for applicant answers. If plagiarism, AI use (such as ChatGPT) or similar software are found to have been used in your application you will not be considered for this or future roles within the Satellite Applications Catapult.

At Satellite Applications Catapult, we're committed to fostering an inclusive and diverse workforce. We welcome candidates from all corners of the globe, but due to legal and logistical considerations, we want to be transparent about the potential visa-related challenges that could arise. Our ability to offer sponsorship will depend on the level of interest for our roles and salary level.

If you need any additional support during the application process, please do reach out and connect. We also invite you to share feedback via Applied.