Information Security Risk and Assurance Specialist

On behalf of Sellafield, we are looking for an Information Security Risk and Assurance Specialist (Outside IR35) for a 12 month contract based Hybrid in Warrington or Cumbria.

Work at Sellafield Ltd, and you're not just building a career. You're embarking on a mission. Joining 11,000 people on a 100-year project transforming the Sellafield site for all the generations that follow. We have the site at Sellafield (West Cumbria) and our office at Risley (near Warrington). Join us and you'll work shoulder-to-shoulder with industry-leading - sometimes world-leading - experts. There are generations and generations of knowledge here and people are only too willing to share it. Our culture of continuous improvement is underpinned by commitment to professional and personal development few can match. Our relentless pursuit of excellence is reflected in our health, safety, security, resilience, and environmental performance standards as well as the quality of the products and services we deliver to our customers.

SC Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks. Please note, due to the exceptional requirements of this position (short-term nature of this role and speed at which we require a postholder in situ) preference may be given to candidates who meet all of the essential criteria and hold active security clearance.

As an Information Security Risk and Assurance Specialist, your main responsibilities will be:
. Contribute to the design and documentation of cyber risk assessment and risk management processes
. Identify and map existing controls and risks to the developing assessment methodology
. Help define a risk taxonomy and risk tolerance levels appropriate for different classes of assets and systems
. Interface with system managers and risk owners to gather input and test draft processes
. Assist in running workshops and structured interviews with business stakeholders
. Provide input into evaluation of current security posture using frameworks such as MITRE ATT&CK and CAF
. Help refine or select appropriate risk registers or assurance tooling in collaboration with internal teams

Knowledge and Experience
. Strong understanding of cyber security risk principles and how they apply in complex organisational settings
. Working knowledge of at least one major framework (eg, CAF, NIST RMF, ISO 27001), and ability to relate these to real-world systems
. Demonstrable ability to communicate technical risk in a way that is accessible to senior stakeholders and non-specialist risk owners
. Experience supporting development of cyber security processes or frameworks
. Exposure to regulated industries, critical infrastructure, or operational technology (OT) environments is desirable
. Experience working collaboratively with external service providers and internal governance teams

Essential Skills
. Proven ability to act as a subject matter expert in cyber security risk or assurance
. Practical experience conducting or contributing to cyber risk assessments
. Strong written and verbal communication skills, with experience preparing briefing materials or board-level summaries
. Ability to synthesise information from multiple sources into clear and structured risk insights
. Comfortable working independently while contributing to a shared team objective
. Familiarity with the MITRE ATT&CK framework and its application to risk profiling
. Capable of managing tasks in an evolving, often ambiguous environment

Please be aware that this role can only be worked within the UK and not Overseas.

Sellafield Ltd is committed to eliminating discrimination and encouraging diversity amongst its workforce.

Disability Confident

As a member of the Disability Confident Scheme, Sellafield guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.

Armed Forces Covenant

Sellafield guarantees to interview veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.

In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".