Cyber Risk & Audit Manager

Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future.

Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet.

We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them.

Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio.

Methods was acquired by the Alten Group in early 2022.

Role Overview:
Methods is a leading digital transformation consultancy, partnering with public and private sector organisations to deliver innovative and secure solutions. With a strong focus on governance, risk, and compliance (GRC), we help businesses navigate complex security landscapes while ensuring regulatory and operational resilience.

We are seeking a Cyber Security Risk & Audit Manager to join our growing team. This role is ideal for a professional with a strong background in cyber security, risk management, and internal audit. The successful candidate will hold both the CMIIA (Chartered Internal Auditor) and IRM Chartered Risk Manager qualifications, ensuring a robust understanding of risk frameworks and compliance in a security-driven environment.

• Lead and execute cyber security audits, ensuring compliance with regulatory and industry standards.
• Develop and maintain risk management frameworks, aligning with best practices such as ISO 27001, NIST, and GDPR.
• Collaborate with stakeholders to identify and mitigate cyber risks across digital and operational infrastructures.
• Provide expert guidance on cyber risk governance, resilience, and assurance strategies.
• Assess third-party risk management practices and conduct security audits on suppliers and partners.
• Work closely with CISOs, IT, and compliance teams to drive a proactive security culture.
• Report findings and recommendations to senior leadership, ensuring risk mitigation strategies are effectively implemented.

Essential Skills & Qualifications:

• CMIIA (Chartered Internal Auditor) and IRM Chartered Risk Manager certification (or equivalent).
• Proven experience in cyber security risk management and audit, ideally within regulated industries.
• Strong knowledge of security frameworks, including ISO 27001, NIST, CIS Controls, and GDPR compliance.
• Ability to conduct security assessments, risk analyses, and internal audits.
• Familiarity with security tooling and governance platforms (e.g., SIEM, GRC platforms).
• Excellent communication skills with the ability to influence senior stakeholders.
• A proactive mindset with the ability to work independently and as part of a team.

This role will require you hold or achieve Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected - Details of this will be discussed with you at interview

Methods is passionate about its people; we want our colleagues to develop the things they are good at and enjoy.

By joining us you can expect

• Autonomy to develop and grow your skills and experience
• Be part of exciting project work that is making a difference in society
• Strong, inspiring and thought-provoking leadership
• A supportive and collaborative environment

Development – access to LinkedIn Learning, a management development programme, and training

Wellness – 24/7 confidential employee assistance programme

Flexible Working – including home working and part time

Social – office parties, breakfast Tuesdays, monthly pizza Thursdays, Thirsty Thursdays, and commitment to charitable causes

Time Off – 25 days of annual leave a year, plus bank holidays, with the option to buy 5 extra days each year

Volunteering – 2 paid days per year to volunteer in our local communities or within a charity organisation

Pension – Salary Exchange Scheme with 4% employer contribution and 5% employee contribution

Discretionary Company Bonus – based on company and individual performance

Life Assurance – of 4 times base salary

Private Medical Insurance – which is non-contributory (spouse and dependants included)

Worldwide Travel Insurance – which is non-contributory (spouse and dependants included)

Enhanced Maternity and Paternity Pay

Travel – season ticket loan, cycle to work scheme

For a full list of benefits please visit our website ()