Senior Security Policy & Standards Manager

The Senior Security Policy and Standards Manager will play a pivotal role in shaping, governing, and enabling security across DWP. Operating in a dynamic, highly reactive environment, the role ensures that security policy keeps pace with organisational priorities and supports the DWP 2030 strategy, while maintaining proportionate, risk-based controls that protect the department's people, services, and data. This is a role that requires effective decision-making skills, confident interpretation of complex issues, and the ability to respond at speed to new policy demands, emerging risks, and operational challenges. As a senior manager, you will lead the development, maintenance, and continuous improvement of security policies and standards, ensuring they remain relevant and adaptable in a rapidly changing technology and threat landscape. Rather than enforcing static requirements, you will guide the organisation towards flexible, outcome-focused controls that enable innovation and service transformation without compromising security. A key part of the role is providing clear, authoritative advice to senior leaders, programme teams, and operational colleagues. You will act as a strategic partner-translating security needs into practical, proportionate requirements, and ensuring that work within DWP can progress quickly and confidently. This includes steering discussions, supporting senior leader decision making and ensuring policies reflect both regulatory obligations and the realities of delivery at scale. Collaboration and an ability to influence are essential. You will work closely with architects, cyber-security specialists, operational colleagues, and senior stakeholders to embed a shared understanding of risk and secure-by-design principles. You will ensure that policy remains balanced, reducing unnecessary burden while safeguarding critical services relied upon by millions. Ultimately, the Senior Security Policy and Standards Manager ensures that DWP can move at pace-innovating, transforming, and preparing for 2030-while maintaining a strong and evidence-based security posture. By combining strategic vision with responsive leadership and practical delivery, the role ensures that security remains both a trusted enabler and a source of assurance across the department.

• Develop, deliver and maintain a framework of security policies and standards that support DWP objectives.
• Develop and manage the security policy and standards governance process to ensure the policy and standards portfolio. continues to meet current and emerging business needs, priorities and best practice, and are updated as threats evolve based on horizon scanning.
• Working with subject matter experts and domains, such as security architects and security assurance teams to ensure policies and standards accurately reflect known threats.
• Developing and drafting new security policies and standards as and when required.
• Ensure the Departmental security policy portfolio complies with security obligations, statutory requirements, industry. developments, best practice and standards, as well as legal obligations such as the Data Protection Act, Computer Misuse Act, and Freedom of Information Act, and ISO27001/2, NIST CSF, HMG Policy Framework (SPF), HMG Functional Standards and Cabinet Office Directives.
• Provide advice and support to the business on security policy matters.
• Managing individuals within the team, supporting their development and capability within the security profession.
  Disability Confident
About Disability Confident A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to .