Cyber Risk Manager - Active Security Clearance Required

About the role

About us Solirius Reply , part of the Reply Group , is a technology consultancy and digital transformation partner that helps organisations solve complex challenges through strategy, design, engineering, and delivery. We work closely with our clients to deliver secure, accessible, user-focused services that evolve with their needs. By combining deep technical expertise with people-centred design, we create solutions that deliver meaningful, lasting impact. Our consultants partner directly with client teams, embedding into organisations to understand their goals, challenges, and users. This collaborative approach enables us to deliver tailored solutions that drive measurable outcomes across public and private sectors. Past and present clients include the Ministry of Justice, Department for Education, Ministry of Housing, Communities and Local Government, UEFA, International Olympic Committee, and Mercedes-Benz. Our services span the full digital delivery lifecycle, including architecture, engineering, delivery management, user-centred design, business analysis, data, DevOps, and AI. We operate as a collaborative and inclusive organisation that empowers our people to take ownership, innovate, and develop their expertise. As an equal opportunities employer, we are committed to encouraging equality, diversity, and social mobility, while creating opportunities for our teams to work on meaningful projects that deliver lasting impact About You: You are a motivated and adaptable professional with a strong analytical mindset and a passion for using technology to solve real-world problems. You enjoy working in collaborative, agile teams and take pride in delivering high-quality solutions that make a tangible impact. With strong communication skills and a consultative approach, you're comfortable engaging with clients, understanding their needs, and translating them into effective outcomes. The Role We are looking for an experienced Cyber Risk Manager to join our growing cyber practice on a permanent basis, supporting major public sector clients, with a particular focus on Local Government. You will work closely with client stakeholders to identify, assess, manage, and communicate cyber risks across a variety of programmes and operational environments. Acting as a trusted advisor, you will help organisations establish effective cyber risk management practices, improve governance processes, and implement proportionate controls aligned to their risk appetite. You will play a key role in supporting the continued evolution of our Local Digital Cyber Risk capability, helping to mature reporting processes, strengthen risk insights, and enhance the use of the NCSC Cyber Assessment Framework (CAF) to support informed decision-making across the sector. You will be a fundamental member of the team, responsible for leading cyber risk activities, supporting and developing colleagues, fostering best practice, and ensuring our clients remain resilient against an evolving threat landscape. Leading and facilitating cyber risk assessments across programmes, projects, and operational environments. Supporting and maintaining the Cyber Risk reporting process for the Local Government sector, ensuring timely and accurate reporting of cyber risks and emerging trends. Supporting the continued development and maturity of the Local Digital Cyber Risk function through the enhancement of metrics, reporting frameworks, and governance structures. Analysing NCSC Cyber Assessment Framework (CAF) returns to identify themes, trends, and actionable risk insights that inform decision-making and prioritisation. Planning and executing assessments to determine the cyber risk levels associated with strategic departmental goals, programmes, and initiatives. Providing a cyber risk perspective on the development, refinement, and implementation of the CAF process to ensure it remains effective and aligned to organisational objectives. Directly engaging with councils, when required, to validate risk profiles, understand local challenges, and provide pragmatic risk-based guidance. Developing and maintaining cyber risk registers, ensuring risks are appropriately documented, prioritised, assigned, and managed through to resolution. Assessing the effectiveness of security controls and recommending proportionate improvements to reduce risk exposure. Producing high-quality risk reports, dashboards, and presentations for senior stakeholders and governance forums. Providing risk-based guidance to technical and business teams throughout project lifecycles. Conducting third-party and supplier cyber risk assessments where appropriate. Supporting internal and external audits, assurance reviews, and regulatory activities. Monitoring emerging threats and vulnerabilities to assess potential impacts to client environments. Promoting cyber risk awareness and embedding a positive security culture across client organisations. Key Skills and Experience Demonstrable experience worki