Information Assurance and Risk Manager
Job Introduction
Salary: Up to £63,520.60 per annum (dependent on experience)
Contract: Permanent
Location: Cardiff‑based
Hybrid working: Yes – minimum 2 days per week in the Cardiff office
Hours: Full‑time, 37 hours per week
Working pattern: Flexible, blended home and office working available
British Transport Police (BTP) is the national police force for the rail network throughout Great Britain. We are the ‘Guardians of the Railway,’ putting passenger safety at the heart of what we do. Our values are simply: We Care, We Do the Right Thing, We Strive to Be Better Every Day, We Are One BTP, and We Are Proud to Protect. Join us and help create an environment where we can all be our best every day.
The Opportunity
We are seeking an Information Assurance & Risk Manager to join our Information Management Department, based in Cardiff.
This is a senior role with both strategic and operational responsibility for information assurance, risk management, and compliance across BTP. You will lead the development, implementation, and continuous improvement of BTP’s Information Security Management System (ISMS), ensuring alignment with national policing requirements and recognised industry standards.
You will also be responsible for leading and developing a team of Governance, Risk and Compliance (GRC) Officers, supporting professional growth, high performance, and consistent assurance delivery across the organisation.
What You’ll Be Doing
Strategic Leadership & Governance – Lead the development and continuous improvement of BTP’s Information Security Management System (ISMS), ensuring alignment with national policing and industry standards, and act as the senior lead for information assurance governance and strategy.
Risk & Incident Management – Oversee the identification, assessment, and mitigation of information risks across BTP, maintain the organisational Information Management risk register, and lead the force-wide incident response process in line with national guidance.
Policy & Compliance Oversight – Develop and govern information security policies, ensuring compliance with GDPR, DPA 2018, and national standards, and monitor adherence through audits and assurance activities.
Third‑Party Assurance – Manage third‑party risk using the NPCC TPAP framework, ensuring suppliers meet BTP’s security standards and reporting compliance to governance boards.
Team Leadership & Development – Lead, coach, and support the GRC team, fostering a high‑performance culture, promoting agile working, and enabling cross‑functional collaboration.
Strategic Reporting & Liaison – Prepare strategic advice and reports for senior stakeholders, act as BTP’s Crypto Custodian, and liaise with national bodies including Police Digital Services and the Police Information Assurance Board.
What You’ll Bring To The Team
Applications are welcome from candidates who have a strong audit and assurance background, with a proven ability to understand, apply, and assure complex governance frameworks.
A strong audit and assurance background, with proven ability to understand, apply, and assure complex governance and regulatory frameworks.
Significant experience in information security, risk management, audit, or compliance within a complex or regulated environment.
Demonstrable experience of strategic governance and assurance leadership, including oversight of an Information Security Management System (ISMS) aligned to recognised standards (e.g. ISO/IEC 27001).
Proven experience of third‑party and supplier assurance, including assessment of risk, review of assurance evidence, and reporting through formal frameworks (e.g. TPAP or equivalent).
Strong leadership and stakeholder‑engagement skills, with the ability to influence senior stakeholders and translate complex technical or assurance issues into clear, practical advice.
What We Offer
28 days annual leave plus bank holidays, increasing to 30 days after 5 years.
Family‑friendly policies, including up to 26 weeks paid maternity and adoption leave.
Bespoke benefits platform and Blue Light Card access.
Salary sacrifice options for cycles, home technology, gym membership, and electric vehicles.
Interest‑free annual rail season ticket loan after 6 months.
Access to the Transport Benevolent Fund for health, welfare, and financial support.
Development opportunities, including fully funded apprenticeships.
Excellent Pension scheme: We offer the BTP GPP Police Staff Pension Scheme, administered by Royal London. This group personal pension plan is available to all police staff and is a defined contribution scheme. It provides the flexibility to vary your pension contributions from 4.4% to 12% of your salary.
Vetting
Successful applicants will be required to pass Management Vetting (5 years minimum UK residency required), including a full background and financial disclosure.
Medical
We’ll ask for relevant health and medical history details to support employee wellbeing.
References
We'll ask for references to cover the past 5 years.
Inclusion & Diversity
We are committed to building a workforce where everyone feels they belong. We welcome applications from people of all backgrounds, identities, and lived experiences. Diversity strengthens our teams, improves our services and helps us better represent and support the communities we serve.
- Location: Manchester
- Job Type: Full-time