Cyber Security Policy and Risk Lead – MOD Head Office

Westminster

Job summary

Head Office provides the Department of State function and political and military strategic direction for the MOD. It is accommodated in Main Building, MOD’s flagship headquarters. This is an exciting new role within the Director Head Office business area, specifically within the Safety, Security and Business Resilience (SSBR) business unit. Its main role is to oversee the safety, security, and resilience of MOD Main Building, ensuring that staff within MOD Main Building can continue to deliver critical Defence outputs in all foreseeable circumstances.

We are looking for an enthusiastic individual to lead the Head Office Cyber Security team. This is a new, exciting high-profile role working across the whole of Defence. The office is a busy, fun, and supportive environment covering a range of security and resilience delivery functions. You will have line management responsibility for an SEO, for whom recruitment is underway.

As part of your role, you will be required to develop a Cyber Security Strategy for Head Office, aligning with Defence’s Cyber Security Strategy and Resilience programme. You will lead the work to understand Head Office’s cyber security and resilience risk to ensure the effectiveness of proposed mitigations against an evolving cyber threat. You will promote best practice and advise on secure by design, ensuring Head Office business units are aligned and comply with MOD policy. You will lead on the implementation of Cyber Compliance Framework activities, driving forward improvements as required. Head Office ac f  You will liaise with Directorate of Cyber, Risk and Governance, Defence Digital and other key stakeholders to ensure we are coherent with wider Departmental work / objectives. You will represent the Principal Security Advisor at departmental meetings, including the Cyber Resilience Oversight Board, as appropriate.

Due to the nature of the role, you may be required to support the Principal Security Advisor and Security and Resilience Ops lead to help manage security (cyber) or resilience incidents. This may include managing crises that disrupt or have the potential to disrupt business in MB. You will have a wider awareness of the changing priorities and responsibilities and be able to work flexibly, distinguishing the preferable from the critical. As this is a new team, you will have an opportunity to shape the future size and responsibilities of the Head Office Security team as the organisation considers its priorities over the next 5 years.

You may be required to take part in an on-call rota, sharing the responsibility of providing out of hours advice to Main Building users and stakeholders with colleagues across the Safety, Security and Business Resilience team, for which an allowance is payable.

This position is advertised at 37 hours per week.

Job description

  • Leading work to understand Head Office cyber security and resilience risk to ensure understanding and effectiveness of proposed mitigations against the evolving cyber threat.
  • Ensuring Head Office conducts cyber risk assessments and risk management in accordance with defence standards and in line with applicable regulations, legislation and policy.
  • Reporting on Head Office cyber security and resilience risk, to enable senior stakeholders to make informed decisions.
  • Ensuring Head Office implements Defence / HMG cyber security guidance, policy and tools.
  • Overseeing the analysis of mitigation plans for Head Office cyber risks, building knowledge of common themes and identifying gaps
  • Building a cyber risk management community of interest and using it to promote cyber risk knowledge sharing.
  • Providing advice and guidance to Head Office senior management, business units and key stakeholders on cyber security related risks
  • Leading and overseeing Head Office activity in response to cyber incidents and rapidly emerging vulnerabilities.
  • Lead the implementation of the Cyber Compliance Framework and the Cyber Risk Management Framework across Head Office.
  • Working closely with the Head Office Security and Resilience Team to reduce seams between physical, personal, technical and cyber security.
  • Line managing the Head Office cyber security team – line manager for SEO, CSO for HEO post.
  • Maintaining professional competence.

Person specification

  • Self-starters who are comfortable working independently in a fast-paced environment, able to set goals, create opportunities, win support for them, and see them through.
  • People with excellent interpersonal skills, able to express themselves clearly and engage with a diverse set of senior stakeholders to ensure that Head Office’s priorities are met.
  • People with sound judgment and analytical skills, able to take evidence-based decisions and calculated risks, with a good instinct for when to seek direction.
  • People who can drive forward change and can overcome obstacles to drive forward improvements.
  • People who are resilient, able to oversee and progress a broad programme of activities, prioritising among them and delivering to deadlines.
  • Individuals who are highly organised and able to establish a close working relationship with a wide range of contacts, inside and outside of the Department.
  • A sense of fun and a willingness to help develop a close and supportive team ethos.

Essential

  • A good understanding of cyber risk and cyber security
  • Formal/ accredited qualifications in Information Risk Management and/or Information Security

Technical Qualifications

  • IISP Skills Framework: A1 – Governance. Level 5 (Advise) – Principal Practitioner
  • IISP Skills Framework: B1 – Threat Intelligence, Assessment and Threat Modelling. Level 5 (Advise) – Principal Practitioner
  • IISP Skills Framework: B3 – Information Risk Management. Level 5 (Advise) – Principal Practitioner

Desirable

  • Knowledge of Security and Resilience
  • Member of a professional body such as the Security Institute or Business Continuity Institute.

Qualifications

Formal/ accredited qualifications in Information Risk Management and/or Information Security

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Leadership
  • Communicating and Influencing
  • Changing and Improving
  • Making Effective Decisions
  • Delivering at Pace
  • Managing a Quality Service

Alongside your salary of £57,670, Ministry of Defence contributes £15,570 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • Civil Service pension with an average employer contribution of 27%
  • Free onsite Gym
  • Onsite Restaurant and Coffee Shop
  • Generous annual leave allowance starting at 25 days per annum.

Defence Digital – Crypto Custodian

MOD Corsham, Westwells Road, Corsham, SN13 9NR

Job summary

We are Defence Digital, part of Strategic Command, fulfilling an important role in the age of information warfare within the Ministry of Defence (MOD). We provide digital and technology services to our Armed Forces, ensuring they can operate securely via various communication means including radio, satellite, and the internet. Operating at scale, with an annual budget in excess of £2Bn and a diverse team of 2,500 colleagues, we’re aiming to make our Armed Forces some of the most technologically advanced in the world.

If you can see yourself contributing to the world of Defence digital and technology, the next chapter of your career may be with us!

This position is advertised at 37 hours per week.

Job description

The Crypto Custodian position sits within the MOD Corsham Security and Resilience team and is responsible for the safe custody, registration, mustering, amendment, issue, safe handling and disposal of Cryptographic items, held at their locations.

In this role, you’ll provide advice on risks to information, relating to Crypto use and share the discharge of all duties, regarding the cryptographic material held, with the Alternate Custodian Officer.

Currently, the role involves working in a subterranean environment but there are plans for this to change in the near future.

For this role, the successful candidate will be required to undertake the following training. These are short residential courses in Bedfordshire:

  • CSD (UKNDA) 2-day crypto course.
  • STRAPSO course must be attended in the first 12 weeks of taking up the post, if not already completed.
  • The Information and Technology Security Officers course must be completed within the first 6 months of taking up the post, if not already completed.

This role sits within the Government Security Profession framework, which seeks to build the capacity and capabilities of security professionals across government. As an organisation, we are committed to providing learning and development opportunities, tailored to your role and beyond, helping you continue your professional development.

You’ll also be able to take advantage of our excellent benefits package, including flexible working, generous leave allowance, great discount services and a market-leading Civil Service pension.

Responsibilities:

  • Lead the whole life accounting, management and maintenance of three large Communication Security (Comsec) accounts.
  • Lead the process for issuing cryptographic material to all individuals who have a requirement to use crypto.
  • Checking individuals’ clearances with UK Vetting Service prior to briefing and issuing Cryptographic Authorisation Certificates.
  • Lead on regular ad-hoc auditing checks on site and at Boddington.
  • Lead 6 monthly Crypto Services for Defence (CSD) audits of all holdings within the specified time and prepare for annual audits.
  • Lead on the destruction of material in accordance with policy.
  • Attend all power outages at Corsham and Boddington, as required.
  • Complete on-call requirements, either pre-arranged outages or urgent incidents.

Person specification

If you have the following knowledge, skills and experience, we would love to hear from you!

  • Working knowledge of cryptographic devices, policies and procedures
  • Experience of working either directly or indirectly in a security environment
  • An understanding of generic security roles and responsibilities
  • Knowledge or understanding of implementing policy and audit processes
  • Ability to communicate effectively at all levels
  • An understanding of risk management

This role is predominantly based on site, with limited opportunities for hybrid working.

If not already held, the successful candidate will be required to undertake DV clearance. This position is open to sole UK Nationals only.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Leadership
  • Communicating and Influencing
  • Managing a Quality Service
  • Working Together

Technical skills

We’ll assess you against these technical skills during the selection process:

  • Legal and regulatory environment and compliance
  • Secure operations management

Alongside your salary of £28,300, Ministry of Defence contributes £7,641 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

  • Learning and development tailored to your role with a dedicated minimum of 5 days per year
  • 25 days paid annual leave rising (by 1 day per year) to 30 days upon completion of five years’ service
  • Ability to roll up to 10 days annual leave per year
  • In addition to eight public holidays per year, you will also receive leave for HM The King’s birthday
  • Civil Service pension with an average employer contribution of 27%
  • Parental and Adoption Leave
  • Discounts on a range of services within and external to the civil service – Defence Discount Service, Civil Service societies for Sports and Leisure, Healthcare, Insurance, Motoring, Company discounts with Virgin, Vodafone, and Microsoft Office.
  • In year rewards and ‘thank you’ schemes such as vouchers and gift cards
  • A culture encouraging inclusion and diversity
  • Please see Benefits Leaflet for more detail

Information and Security Officer

Please be aware that this role will be based at one of our main sites in Lowestoft or Weymouth.

Job summary

The Information and Security Officer will be responsible for two important business critical and government policy areas, Information Security and Business Continuity, as well as supporting and deputising for the Head of Risk, Security and Information in management of Enterprise Risk.

This role requires a certain amount of autonomy, with the postholder acting on their own initiative, within set parameters, making decisions around work priorities and resolving often complex issues. Supporting the Head of Risk, Security and Information with managing and motivating staff in this area, the role will require good interpersonal and communication skills.

The role will require a good technical understanding of information management, information security and cyber security controls.

The post holder may be required to perform duties other than those given in the job description. The duties and responsibilities attached to the post may vary from time to time without changing the general character of the duties or the level of responsibility entailed.

Cefas is proud of a diverse and inclusive work environment, committed to fairness and the promotion of equality of opportunity for all. We know that having a range of experiences, backgrounds, ways of working and thinking, makes us a stronger organisation, better at reflecting the communities we serve. We embrace different views and experiences and value the fresh perspective that people from a variety of circumstances bring to the work we do. We welcome applications from candidates who have not previously worked for the Civil Service, mid- and late-career changers with transferable skills, people from all backgrounds and circumstances regardless of disability, gender, age, ethnicity, LGBT+ identity and socio-economic status.

Job description

The Post Holder will be the lead for the Information Security Management System. This will include (but is not limited to): working with Information Asset Owners to assess and manage risks to Cefas critical information assets; managing the accreditation cycle of those critical information assets; and managing Business Continuity, Incident Management and Disaster Recovery planning and the activation of those plans.

The Post Holder will work closely with the IT Services Group to ensure cyber security actions are completed and mitigating controls are in place and working.

The Post Holder will support and deputise for the Head of Risk, Security and Information in managing Enterprise Risk. This will include, when required, attending the ARAC to report on the top-level risks and chairing the Risk Board.

The post holder will manage aspects of Records Management, Data Protection Management, and Freedom of Information Management, which will include (but is not limited to): defining and managing classifications and record types; managing and improving records management within Cefas; ensuring full retention period activation for stored electronic and paper records; managing Cefas compliance with the Data Protection Act; collaboration with the Defra Records Management, Data Protection, and Freedom of Information teams to develop, maintain and promote best practice; and creation, updating and promotion of the Information Management and Security Teams’ policies and PAGs.

This role requires National Security Vetting at SC level.

Person specification

The following are essential criteria required for this role and you must be able to demonstrate your skills and experience in the following areas: 

  • Experience of engaging, advising and influencing at all levels of an organisation including senior managers
  • The ability to consider the correct approach for each individual challenge
  • The ability to take a cross-government approach, considering the impact of your decisions in the broadest of settings
  • Understanding information security and assurance covering Cyber, personnel and physical
  • Understanding and working knowledge and experience of information risk management
  • Excellent IT skills and knowledge including hardware, software and networks
  • Experience working within an ISO27001 compliant information security management system or experience working within an ISO22301 compliant Business Continuity Management System
  • Good eye for detail
  • Commercial / business acumen
  • The ability to form excellent relationships within Cefas and across Defra, especially with the Defra Groups within the teams’ areas of responsibility
  • The ability to analyse information to provide appropriate expert advice and guidance
  • Experience of managing complex and diverse workload, leading and drawing on multiple teams across Cefas and Defra to complete tasks
  • Proven ability to perform effectively to deadlines, maintaining focus in challenging situations and adapting to find solutions that meet the needs of stakeholders
  • A degree (for example in Computer Science, Cyber Security or related equivalent subject or qualification), and Certified Information Security Manager in good standing or Certified Information Security Systems Professional in good standing or willing to work towards one of these certifications

Qualifications

A degree, for example in Computer Science, Cyber Security or related equivalent subject or qualification.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Seeing the Big Picture
  • Changing and Improving
  • Communicating and Influencing
  • Working Together

We only ask for evidence of these behaviours on your application form:

  • Seeing the Big Picture

Alongside your salary of £37,295, Centre for Environment, Fisheries and Aquaculture Science contributes £7,830 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

  • Generous annual leave entitlement – Cefas offers 25 days’ annual leave on entry (rising to 30 days over first 5yrs) for full-time new entrants to the Civil Service. Employees receive 8 public holidays a year, plus an additional day to mark the King’s birthday
  • Access to learning and development tailored to your role
  • A working environment that supports a range of flexible working options
  • A working culture which encourages inclusion and diversity
  • Eligible to join the Civil Service Pension scheme – more information can be found on the CSP website http://www.civilservicepensionscheme.org.uk/
  • Staff recognition vouchers
  • In-year award scheme

Security Business Intelligence and Management Lead

Blackpool, Leeds, London, Manchester, Newcastle-upon-Tyne, Sheffield

Job summary

Working for the Department for Work & Pensions Security Business Intelligence and Management team, you will work at the very centre of the department’s security function, and you will be working not just across the security function, but across all areas of DWP including Finance, Commercials and HR and occasionally with other Government Departments such as Cabinet Office and HMRC, in a fast paced, busy and challenging environment. 

The team develops and provides all aspects of Security Business Intelligence and Management, including developing, improving and maintaining the Security Assessment Framework, including regular reporting to the S&DP Senior Leadership Team, provision of secretariat duties to the high-level departmental Security Boards, and high quality security information and management information. The team is also responsible for support to the Chief Security Officer and the Senior Leadership Team, budgetary management, maintaining the Security and Data Protection (S&DP) resource baseline, providing fast and accurate responses to Parliamentary Questions (PQs) and Freedom of Information requests (FOIs), internal communications and business plans.

Job description

DWP security are looking for a highly motivated person.

The Business Intelligence and Management Lead will play a central role in supporting the Head of Security Business Intelligence Management, and senior managers across Security and wider DWP. The two separate leads will help to ensure the continued growth, development, streamlining, maintenance and delivery of:

  1. The Business Intelligence function, such as the Security Assessment Framework (SAF), Security Management Information (MI), and Cyber Assessment Framework return.
  2. The new and evolving DWP Security Operating Model outcomes, and
  3. The DWP Security Management Information Dashboard

You will be responsible for leading and influencing strategic work within Security & Data Protection (S&DP).

This will involve taking ownership of specific areas of DWP Business Intelligence and Management structures and being responsible for the continuous improvement of those specific areas and communicating and instilling a culture of excellence and co-operation across the function.

The Business Intelligence function, such as the Security Assessment Framework (SAF) and Security Management Information (MI), includes but is not limited to: actively managing and leading on the improvement of the SAF, the development and implementation of PowerBI reports, and an active role in the completion of cross-government returns such as the Departmental Security Health Check.

Person specification

Responsibilities

  • You will oversee the improvement and development of Security Assessment Framework (SAF), and other Security management information that feeds the dashboard and any other reports with Security Maturity information such as the Departmental Security Health Check (DSHC) and Cyber Assessment Framework (CAF).
  • You will continuously build and maintain good working relationships with Security and Data Protection (S&DP) senior leaders, across DWP and Other Government Departments (OGDs).
  • The role supports Security and Data Protection (S&DP) senior leadership team and Chief Security Officer (CSO) with a multitude of ad-hoc asks.
  • You will gain assurance that the Security Governance Boards’ secretariat record significant security risk decisions as required.
  • You will be responsible for the line management of team members.

Essential Criteria

  • Background and knowledge of security.
  • Proven strong stakeholder management skills, and the ability to engage effectively across multiple organisations operating within a complex multi-partner environment.
  • Have demonstrable experience of providing strong leadership, direction, and decision making, with the proven ability to steer senior conversations.
  • Experience of identifying, collating, interpreting and explaining often complex information to inform future activity.
  • Commitment to personal and professional development: someone who drives their own development journey and acts on feedback to improve performance.
  • Motivating and managing a team.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Communicating and Influencing
  • Leadership
  • Making Effective Decisions
  • Working Together

We only ask for evidence of these behaviours on your application form:

  • Communicating and Influencing

  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • Civil Service pension with an average employer contribution of 27%

DIO – Ministry of Defence Guard Service – Security Operations Manager Day Working

Porton Down, Salisbury, Wiltshire, SP4 0JQ

Job summary

Join the Defence Infrastructure Organisation (DIO) and have a future that matters: Be proud; Be challenged; Be unique

Job description

The Challenge 

Do you want to join the 2021 Government Security team of the year and be part of our Gold Standard security service? 

The Ministry of Defence Guard Service (MGS) provides high quality security services at over 140 MOD sites across Great Britain. The MGS has guarded the Defence Estate for over 25 years including high profile locations such as MOD Main Building in London and His Majesty’s Naval Bases at Portsmouth, Devonport and the Clyde. We provide access control, military working dogs, control room operations and other security services. We play a vital role supporting the Defence Mission and work to protect the defence estate and personnel from crime, terrorism, espionage and sabotage threats. 

The MGS is part of the Defence Infrastructure Organisation (DIO) and employs over 2,500 staff. MGS Officers are often the first point of contact with the MOD for employees, visitors and contractors and we pride ourselves on our professional, customer-focused culture.

All our Security Officers are required to have excellent customer service skills and must be willing to go above and beyond to support security operations across the defence estate. Due to the high profile and strategic locations of the sites we guard, it is essential our Security Officers have a strong work ethic, are able to work as part of a team, are observant to threats and are capable to challenge and de-escalate difficult situations if required. We also require our Security Officers to have good written and verbal communication skills. Our Officers must have resilience and remain positive and friendly in all weather conditions and on all occasions.  

We provide our staff with a market leading salary, excellent sickness benefits, together with a defined benefit civil service pension. Free full uniform will be provided. 

We are a growing organisation with opportunities for good quality staff to progress their security careers. 

The MGS holds the Committed to Equality Gold Standard and we positively encourage applications from all under-represented communities and from all types of working backgrounds. 

For more information about the MGS, please read the candidate pack and watch our Security Officer YouTube video https://youtu.be/nzSK9OPOoDI

About MGS

The Ministry of Defence Guard Service (MGS) is a professionally qualified body of Civil Servants who provide unarmed guarding services at over 100 MOD sites across Great Britain. The MGS has guarded the Defence Estate for over 25 years including high profile locations such as MOD Main Building in London and Her Majesty’s Naval Bases at Portsmouth, Devonport and the Clyde. The MGS plays a vital role supporting the Defence Mission and works closely with its security partners 

The MGS is part of the Defence Infrastructure Organisation (DIO) and  employs over 2,500 operational and support staff. The MGS is managed by a Head Office team, dispersed strategically around the country.  

MGS officers are very often the first point of contact with the MOD for employees, visitors and contractors and we pride ourselves on a customer-focused culture, working to DIO’s Values as well as our own core values of honesty, integrity, professionalism and efficiency.  

We are passionate about the services we deliver and work hard to keep pace with developments in the security industry, as we seek to be the unarmed  guarding provider of choice. The MGS holds the Committed to Equality Gold Standard and we positively encourage applications from all under-represented communities. 

Person specification

Main Responsibilities 

The key duties of an Operational Manager (OM) are as follows.

  • To ensure the correct posture of physical and tactical resources to manage sites and maintain operational preparedness for security incidents, in line with local Joint Business Agreements/General Statement of Security Requirement (GSSOR’s).
  • Oversee the management of resources, including people, and expenditure whilst ensuring a positive and inclusive working environment
  • Lead Physical Security operations and set governance structures to appropriately meet the risk appetite, overseeing effective Physical Security to protect assets and people throughout the estate.
  • Comply with relevant regulation and legislation
  • Ensure all posts and tasks are risk assessed and Health and Safety policies and processes are followed at all times
  • Liaise with Unit Customers and Heads of Establishments on a regular basis about service delivery and any problems/issues arising. Following agreed prioritisation of tasks and risks.
  • Cooperating with other security providers at the Unit to provide a high-quality security service.
  • Provide Head Office with returns when requested regarding staffing levels, personal case work, audits and weekly completion of PORT, recording achievement of tasks, overtime and other operational data.
  • Ensuring National Security Inspectorate (NSI) compliance at all Units within your Area of Responsibility (AOR) auditing paperwork and processes and amending and updating local documents when required
  • Reviewing rosters, Joint Business Agreements/ General Statement of Security Requirement (GSSOR’s) and Assignment instructions on an annual basis to
  • Consulting with Trade Unions on local changes and building positive and effective relationships with all stakeholders.
  • Carry out all MGS/MOD/Management training including Institution of Occupational Safety and Health (IOSH) to ensure effective understanding and management of Health & Safety within their Area of Responsibility (AOR).

Travel Requirements

Some Operational Manager roles may cover more than one site and require routine travel using official vehicles between Units. There will also be an expectation to travel in order to attend meetings, training courses or carry out Personnel case work at other locations throughout the UK.

Desirable Experience & Skills 

A background, qualification or demonstrable interest in the delivery of site security and/or customer service will be an advantage. 

Licences

Full UK driving licence, due to travelling to other sites and to attend training courses and meetings.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Leadership
  • Managing a Quality Service
  • Communicating and Influencing
  • Developing Self and Others

We only ask for evidence of these behaviours on your application form:

  • Leadership
  • Managing a Quality Service
  • Communicating and Influencing

Alongside your salary of £28,300, Ministry of Defence contributes £7,641 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

We enable our people to work at the right place, with the right people, at the right time. 

We believe that if we look after our people, they will be passionate about delivering great things for our customers. 

The MOD Discover My Benefits page lists the full set of benefits. Some of the many benefits you will receive include: 

  • 25 days (215 hours) annual leave rising (1 day per year, 8.6 hours) to 30 days (258) upon completion of 5 years’ service 
  • Ability to roll over up to 10 days (86 hours) annual leave per year 
  • Minimum of 15 Days Special Leave in a rolling 12-month period for volunteer military or emergency service reserve commitments
  • Special Paid Leave for volunteering up to 6 days a year 
  • Enhanced parental leave 
  • Employee Assistance Programme to support your wellbeing 
  • Most sites have good travel links with free car parking; many also have other facilities such as a Sports & Social Club, Gym and / or site shops 
  • The possibility to gain a financial in-year reward after successful completion of six months probation and a further in-year reward after your 12 month anniversary and throughout your career with the MGS.

This post does not offer any assistance with relocation allowances.

Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts.

This vacancy is part of the A Great Place to Work for Veterans initiative.

Learning & Development 

  • Professional and Personal Development of skills 
  • Access to thousands of training courses through Civil Service Learning, some free or paid by DIO 
  • Ability to obtain industry recognised qualifications supported by DIO 

Employment Hours 

37 Hours Net. This role is full-time because, due to the nature of the job, our customers require a Manager to be present Monday to Friday. Please note, therefore, that job share will only be considered if full-time cover can be achieved.

Medical 

MGS applicants are required to attend a medical appointment to undertake a colour perception test

About DIO 

DIO is passionate about ensuring that we are a top performing organisation and a great place to work. We host a diverse range of talent where everyone feels valued and supported enabling our people to thrive, bring greater creativity and innovation to achieve higher organisational performance. We are committed to be an equal opportunities employer and creating a culture where everyone can bring their whole self to work and individuality is truly appreciated.  

This culture of inclusion is underpinned by our 6 staff networks covering Disability, Faith and Belief, Gender Equality, LGBTQI+, Race, Social Mobility and 3 networks dealing with employee wellbeing and support: Speak Safe Volunteers, Mental Health First Aiders and Equality, Diversity and Inclusion Advisers.  

Our staff, future and current will be guided by the 4 Cs and we encourage you to be curious and continuously strive for improvement, collaborative in an inclusive culture, ambitious and resilient and committed to Defence, empowered and able to challenge so you can play a key part in shaping the direction of our organisation. 

DIO commits to offer its employees the following experience:  

  • Meaningful, purposeful work 
  • The ability to learn and grow 
  • The right opportunities and resources 
  • To care about your wellbeing 
  • To feel valued and included 

Our responsibilities include:  

  • Plan and deliver major capital projects and lifecycle refurbishment 
  • Provide utilities services 
  • Manage soft facilities management (i.e. cleaning and catering) 
  • Provide a safe place to train 
  • Allocate Service Families Accommodation 
  • Procure and manage routine maintenance and reactive repair 
  • Provide a central register of asset information to advise infrastructure planning 
  • Act as steward of the Defence estate 
  • Provide the unarmed guarding service 

The Defence Infrastructure Organisation (DIO) is the estate expert for Defence, supporting the armed forces to enable military capability by planning, building, maintaining, and servicing infrastructure. 

We employ approximately 4,900 staff from a very diverse range of professions, and we work across the world; in Germany, Cyprus and the Falkland Islands, Norway, Poland, Kenya, Belize, Nepal and Oman. 

You can view our YouTube video to see more about our work  

 

Navy RNDA Manager

BSYO Organisation Naval Base Portsmouth

Job summary

His Majesty’s Naval Base Portsmouth (HMNBP) has been an integral part of the city since 1194. It is home to almost two-thirds of the Royal Navy’s surface ships, including the new aircraft carriers HMS Queen Elizabeth; HMS Prince of Wales; the formidable Type 45 destroyers; Type 23 frigates; and mine countermeasures and fishery protection squadrons.

The base is a major employer and provides lodging facilities to RN personnel serving at the base and in Portsmouth based ships.

HMNBP is one of three naval bases providing enabling support as part of the nation’s defence strategy. In doing so, HMNBP seeks to improve through science and technology to strengthen its security and defence at home and overseas. This requires continuous improvements in building capacity, capability and resilience through its people. It is the home base for assigned ships and ship’s companies preparing for operations. A key component of achieving this support is the ability to deliver the full range of increasingly sophisticated engineering support services. The unique employment opportunities offered are varied, challenging and exciting and support Navy Command’s role to generate and operate forces for today and to ensure we are ready for tomorrow by developing and delivering the Navy of the future. Navy Command provides an open, flexible and supportive work environment and Civil Servants, Contractors and Armed Forces personnel work together in a wealth of interesting and challenging jobs in different disciplines.

In Navy Command, our civil servants work alongside their military colleagues in jobs that matter; jobs which often have a direct impact on the quality of the operational capabilities we deliver.

Roles can offer great job satisfaction and there are many opportunities to develop and progress both within the Department and across the wider Civil Service.

This position is advertised at 37 hours per week. 

Job description

The Royal Naval Distributing Authority (RNDA) is responsible for the issue, custody and accounting of Highly Protected items.

The post holder will be a broader band C2 grade and is directly accountable to the Captain of The Base and Head of Security.

The main function of the job is to co-ordinate and manage the receipt, distribution, and administration of Cryptographic material in accordance with mandated Defence policy and manage three E1 Alternate Crypto Custodians.

Key responsibilities:

1.    The OiC and Crypto custodian is in overall local command of RNDA Portsmouth and has a strategic overview, undertaking responsibilities to the outputs pertaining to the role of Alternate Custodians in accordance with JSP490, para 63. The role ensures policy, procedure and process for the department is delivered.

2.    The OiC is wholly responsible to the Captain of the Base (COB) for the safe custody of cryptographic items held by RNDA Portsmouth. The following paragraphs represent a summary but are not exhaustive.

3.    Manage the receipt, registration, stowage and issue of cryptographic items to HM Ships and local establishments, maintaining an accurate and timely supply pipeline so that customers always have sufficient reserve of their holdings ensuring only minimum crypto requirements are held; identifying surpluses and requesting disposal instructions for surplus/obsolete items and arranging disposal using approved methods.

 4.    To establish a system for internal stock checks of all cryptographic items for which RNDA Portsmouth are responsible. Conduct six-monthly 100% musters of the RNDA crypto account and initiate routine musters of sub-accounts, ensuring account musters are reconciled correctly.

 5.    Manage the production, maintenance, review and distribution of RNDA Crypto Holders Orders. Lead and maintain an overview of all RNDA Holders, ensuring compliance with physical security aspects, accounting and handling procedures in accordance with JSP 490 at their location, ensure compliance with Crypto policy and regulations, and disseminate changes to Sub accounts and holders as required.

 6.    To ensure that the minimum national and departmental requirements for the secure storage and handling of cryptographic items are applied to minimise the possibility of a breach of security or a PDS.

 7.    Conduct stock-take of RNDA and Sub-account holdings, investigating and resolving all discrepancies and reconciling with Cryptographic Operational Distribution Electronic System (CODES) accounting system.

 8.    Maintain an overview of RNDA Sub-accounts and holders ensuring compliance with accounting and handling procedures in accordance with NCSR’s, JSP 490, JSP 491 and JSP 440.

 9.    Deputise auditing Sub-accounts by conducting annual inspections investigating and rectifying discrepancies or areas of concern and reporting to Crypto Services for Defence Policy.

 10.  Act as Supervising Officer for MF 102 and other Protected Document Registers (PDR).

 11.  SAPSO/STRAPSO, managing the safe receipt, storage and transmission of all STRAP and SAP material.

 12.  Provide out-of-hours on-call cover for RNDA for urgent operational requirements, manning the Duty Mobile for the duration of your duty.

 13.  To ensure that the minimum national and departmental requirements for the secure storage and handling of cryptographic items are applied to minimise the possibility of a breach of security or a PDS.

14.  To ensure that all RNDA Portsmouth personnel employed on COMSEC duties hold the appropriate level of vetting and ensure that an Annual Security Appraisal is conducted for all DV post holders.

15.  To ensure that all RNDA Portsmouth personnel are CRYPTO authorised and appropriately trained. Personnel must be re-certified annually and hold the appropriate level of security for the classification of cryptographic items held in their charge. De-briefing on completion of access is also to take place.

16.  Ensure the department maintains a CRYPTO/Standing order book and ensure annual re-certification by CSA staff that orders have been read and understood. The contents are to include the following:

a.    Security Orders.

b.    Casual courier, escort, and guard orders.

c.    Emergency and Evacuation Plans.

d.    Terms of Reference for the Custodian, Alternate (s), Accountant/Assistant and BRENT Local Managers (where employed).

e.    Copies of Holders’ orders, which are to be signed annually, certifying that orders are held, read and understood.

 17.  To take immediate upward reporting action and investigation of any suspected or actual cryptographic incident iaw JSP 490 Chapter 7. Report security breaches to Navy Command (NC) Warning, Advice and Reporting Point (WARP) in accordance with the Mandatory Information Security Incident Reporting Scheme (MSIRS).

18.  To arrange a monthly surprise spot check of items and procedures of all cryptographic items carrying the CRYPTO, ACCSEC or CCI caveats which are on loan. If the holder only holds ACCSEC items, then the frequency of the check is 3-monthly.

19.  Maintain compliance with MoD Stores management systems for Logistics accounting through MJDI, as owner of and financially responsible for the PLR.

20.  Lead for the introduction to new crypto accounting and delivery systems; SKKD.

21.  Responsible for an annual Self-Assessment and departmental return to the BSyO.

22.  Responsible for the management and reporting of a monthly and quarterly RNDA performance return to BSyO.

23.  Establish, manage, maintain and exercise RNDA Business Continuity plans. Report on status to be provided to BSyO annually.

24.  Line management of the Alternate Crypto Custodians.

Level of Authority (e.g. line management, budgetary, project etc)

Liaise with relevant internal and external authorities at the appropriate levels on all matters relating to crypto.

Sign non-policy letters in relation to RNDA operations on behalf of NBC Portsmouth in accordance with Standing Orders and Instructions and/or as delegated.

Administer the RNDA, guiding and directing the workload of staff and dealing with routine personnel and administrative duties as Line Manager and First Reporting Officer for RNDA staff.

 Line Manager to:

3 x Alternate Crypto Custodian

Person specification

It is essential that the post holder is educated to A Level standard or has equivalent experience.  It is essential that they have experience in the Security Industry (or relevant) and it is desirable that they have experience in the Military or defence industry.

The successful candidate must be prepared to undertake all relevant RNDA training courses if not already qualified.

The post holder must be prepared to successfully complete the National Security Vetting – Developed Vetting process following appointment.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Leadership
  • Delivering at Pace
  • Seeing the Big Picture
  • Managing a Quality Service
  • Working Together
Alongside your salary of £35,290, Ministry of Defence contributes £9,528 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

As a civil servant in Navy Command, you will be part of a forward-looking organisation with inclusive workplace policies, excellent career prospects, and a job that makes a difference.

Navy Command prides itself on being a supportive employer and where possible encourages flexible working, helping you to maintain a great work/life balance.

In HMNBP, we promote the 70:20:10 model[1]. We understand learning can take different forms including on the job practice, learning from others, networking as well as studying for courses. All staff are encouraged to take ownership of their development and take proactive steps to shape their own learning and development. This includes identifying learning needs, deciding the best way to meet these needs, undertaking learning and reflecting.

We believe that everyone has the potential to make a difference and you will be supported to help you learn and advance in your career. This includes working towards membership of a professional body and/or undertaking an apprenticeship as part of your role.

An apprenticeship is a combined package of work and training. Through an apprenticeship you will gain professional knowledge, practical experience, and the broader skills required to upskill you in your current role and pave the way for your future career. Most of the training will be ‘on-the-job’, with the remaining ‘off-the-job’ training often delivered by a training provider. This means minimal disruption and maximum impact.

Professional qualifications can be achieved through an apprenticeship and range from Level 2 (equivalent to 5 GCSEs), Level 3 (equivalent to 2 A Levels), and Levels 4-7, which can give you a foundation degree, a full Bachelor’s degree, or a Master’s degree.

 Apprenticeships normally last between 12 months – 3 years, depending on the level of the apprenticeship.

 Anyone can undertake an Apprenticeship and everyone, regardless of age, can benefit from developing their skills in an accredited way.

Successful candidates can discuss their development options with their manager when in post. 
We also provide first rate benefits for all our employees as we understand the commitments our staff have, both inside and outside of the workplace and our aim is to provide a place of work which allows the flexibility to maintain a work-life balance. These include:

  • In addition to your salary is the potential for in-year performance and recognition awards
  • A very competitive pension scheme with the option to buy additional contribution years
  • Personal & professional development
  • Access to a confidential, professional support service
  • 25 days paid annual leave rising (1 day per year) to 30 days upon completion of 5 years’ service
  • Alternative working patterns for many roles
  • Discount schemes
  • Bicycle / season ticket loans
  • Enhanced maternity, paternity, and adoption leave
  • Special paid leave to volunteer up to 6 days a year
  • On-site facilities (gymnasium, various cafés, shops, post office, mess facilities etc)

[1] 20200522-Routes to learning 2020_May.pdf (sharepoint.com)

The post does not offer relocation expenses. 

External recruits who join the MOD who are new to the Civil Service will be subject to a six-month probation period. 

Please Note: Expenses incurred for travel to interviews will not be reimbursed.

Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts.

Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk/.

The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment; however, some exemptions are in place, so please refer to local guidance. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments.

MOD Recruitment Satisfaction Survey – we may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Notice sets out how we will use your personal data and your rights.

MDP PSD – Intelligence Development Officer EO

MDPHQ, Palmer Pavilion, RAF Wyton, Huntingdon, PE28 2EA

Job summary

Gather and develop intelligence for the Professional Standards Department (PSD) Anti-Corruption Unit (ACU) to produce intelligence products for the MDP PSD Investigations.

Ensure the gathering, development, and retention of intelligence in relation to individuals is justified and complies with legislation under Human Rights Act and DPA, RIPA, CPIA, as well as MOPI Guidelines. Liaise with other agencies to ensure that partnerships are developed in relation to the sharing and use of intelligence.

Review the preparation of intelligence products that will support the MDP PSD Investigation to direct resources effectively. Responsible for the management of MDP ACU staff to ensure that all intelligence and vetting is in line with the Force Control Strategy.

This position is advertised at 37 hours per week.

Job description

Provide guidance and support to ACU Administration officer

Produce intelligence products, to assist decision making, identifying and managing threat risk and harm, and ensuring compliance with national standards and relevant legislation.

Work in support of the MDP ACU Analyst in the preparation of analytical products as outlined in NIM producing intelligence reports, charts, etc to tight deadlines

Support supervisors for the delivery of Professional Standards intelligence services and functions as required to meet the intelligence demands of MDP PSD Investigations.

Support all MDP PSD ACU intelligence activity and ensure intelligence products are managed in accordance with law and policy.

Development and maintenance of intelligence relationships in MOD, as well as wider Law Enforcement and Intelligence community.

Enable collaboration with colleagues in partner agencies to share intelligence and facilitate cross-sector working practices.

Maintain awareness of innovation within intelligence to ensure implementation of latest techniques and tactics, best practice, and information relevant to the role.

Complete all mandatory training for role (internal/external).

The post may include occasional working away from home duty station.

The post holder will undertake other research type duties such as support to major enquiries as required by Hd PSD

Person specification

Self motivated, confident and able to work on own initiative

Good interpersonal skills

The ability to work under pressure and prioritise workload with the minimum of supervision as part of a small team

High levels of general computer literacy in relation to Microsoft applications and database applications

The post holder must be able to communicate with people at all levels and a high level of confidentiality is required. Ability to maintain the highest levels of integrity, discretion and confidentiality.

Ability to quality assure intelligence products and negotiate with and influence senior managers based on data and analytical outcomes.

Able to engage a variety of audiences through a range of media to inform and/or persuade.

Able to undertake resource planning to deliver effective outcomes and ensure operational effectiveness within the resources allocated.

Able to seek out and identify a range of information to identify patterns, trends and options, to solve multifaceted and complex problems.

To be able to work as part of a team with limited supervision.

Skilled in monitoring performance, assessing progress, identifying emerging risks, issues and opportunities, and taking corrective steps as required to ensure that the right results are achieved.

Able to develop trusting relationships with a variety of stakeholders to collaborate and ensure that their needs and concerns are fully understood and responded to in an appropriate way.

Candidate must have either analytical or intelligence experience or qualification.

Special Conditions:

Post holder will be vetted to UKSV SC and Police Management Vetting

Must always maintain the highest levels of confidentiality and integrity regarding all information gained whilst in post.

Alongside your salary of £28,300, Ministry of Defence contributes £7,641 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • Civil Service pension with an average employer contribution of 27%

25 days leave pa. Rising to 30 days pa at a rate of 1 day per year.

Access to facilities at RAF Wyton

The post does not offer relocation expenses. 

External recruits who join the MOD who are new to the Civil Service will be subject to a six-month probation period. 

Please Note: Expenses incurred for travel to interviews will not be reimbursed.

Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts.

Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk/.

The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment; however, some exemptions are in place, so please refer to local guidance. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments.

MOD Recruitment Satisfaction Survey – we may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Notice sets out how we will use your personal data and your rights.

Security Fraud Risk Manager

This role may be located in one of the following locations; Birmingham, Leeds, London, Manchester or Newcastle. Please find further information on the Corporate hub locations here.

Job summary

Do you want to help protect the privacy and safety of some of the most vulnerable people in society?

Do you want to help design systems that prevent serious and organised criminals defrauding the taxpayer?

This role is part of a passionate multi-disciplinary team of security and counter-fraud professionals supporting one of the largest agile programmes in the world. You will be the trusted expert working alongside any of our 27 feature teams.  No two days are the same.  You might explore technology to help people digitally prove their identity.  Or you could be helping design a feature that identifies high risk financial transactions.

Job description

The role is part of the Secure Design team within the Universal Credit programme.

The security and fraud risk manager is responsible for working alongside delivery teams to identify and assess the security, fraud and privacy risks of new features, explore opportunities to improve security and reduce fraud and ensure compliance with government policy and law.

The post holder will be expected to:

  • Partner with delivery teams, to provide expertise, advice and support.
  • Help identify and manage security and fraud risks, vulnerabilities and issues, ensuring incidents are reported and actioned.
  • Support and build consistency in the methodology and approach to risk-based decisions, ensuring alignment with Digital Security Risk Management (DSRM).
  • Work with teams to review security and fraud risk management plans.
  • Work closely with security and delivery teams to ensure threats, vulnerabilities and opportunities with the potential to impact or improve resilience are identified.
  • Analyse current and future trends around fraud and security.
  • Undertake and support controls testing and audit of counter measures and feed results back into risk assessments.
  • Mentor, support, supervise, knowledge transfer and line manage junior members of the team.
  • Advise on pragmatic solutions at each stage of the design process, ensuring they meet business requirements and comply with the DWP Counter Fraud Strategy.
  • Assess the impact on fraud and error at every level of design.
  • Evaluate business rules aligned to known fraud risks.
  • Understand and advise on the specific legal requirements of prosecuting authorities. Work collaboratively with criminal lawyers to understand the changing nature of criminal evidence.
  • Identify where fraud prevention is designed into services utilising nudge methods, sign-posting, legal warnings and similar methods.

Person specification

The essential criteria are outlined in the selection process details.

If you would like to learn more about the role, please contact: Victoria.robson2@DWP.gov.uk 

  • An employer pension contribution of up to 27%.
  • Annual leave rising up to 30 days, (based on your working pattern).
  • Family friendly flexible working arrangements, such as hybrid working, job sharing, term-time working, flexi-time and compressed hours.
  • Learning and development tailored to your role; this could include industry recognised qualifications, coaching and mentoring.
  • An inclusive and diverse environment with opportunities to join staff networks including: Women’s Network, National Race Network, National Disability Network (THRIVE) and many more.

This job role may be suitable for hybrid working, which is where an employee works part of the week in their DWP office and part of the week from home. This is a voluntary, non-contractual arrangement and your office will be your contractual place of work. The number of days that anyone will be able to work at home will be determined primarily by business need but personal circumstances and other relevant circumstances will also be taken into account. If you are successful, any opportunities for hybrid working, including whether a hybrid working arrangement is suitable for you, will be discussed with you prior to you taking up your post. 

Salary Information

The National Salary for this role is from £40,201 (Band min) to £43,347 (Band max).

The London Salary for this role is from £45,724 (Band min) to £47,986 (Band max). 

Our offer to successful candidates will be based on an assessment of your skills and experience as demonstrated at interview.

Existing Civil Servants who secure a new role on lateral transfer should maintain their current salary.

Existing Civil Servants who gain promotion may move to the bottom of the next grade pay scale or 10% increase in salary whichever would be the greater.

Head Office Security & Resilience Security Incident Team Manager

City of Westminster, London (region), SW1A 2HB

Job summary

This is an exciting role within the Head Office Security team. The role provides a unique insight into the day to day operations of a major Department of State and Military Headquarters. It offers a fantastic opportunity to work in a varied, challenging yet friendly and supportive environment. The Security Incident Team Manager will manage the day to day operations of the Head Office Security Incident Management Team and may on occasion provide support to the Cyber Security lead with respect to cyber security incidents and the delivery of information security advice and accreditation of IT systems.

The incumbent will review and update the existing standard operating procedures of the Security incident management team with the support of the Establishment Security Officer (ESyO) and Principal Security Advisor to ensure compliance with MOD Security policy.

The post holder will undertake routine exploratory and investigative work with business units to ensure that a coherent and concise level of detail is applied to all security incidents, so that robust and proportionate investigation and resulting action is taken.

As the focal point for key messaging and alerts, the post holder will be required to communicate and disseminate applicable warnings, advisories and directives to stakeholders and teams across Head Office.

The post holder will also need to forge and develop a strong working relationship with other incident management team communities across the MOD, maintaining a strong relationship with the Joint Security Coordination Centre (JSyCC) and the Directorate of Security & Resilience.

Other duties may include supporting the wider security output of the Head Office security team, working closely with the Head Office Establishment Security Officer and Principal Security Advisor.

This position is advertised at 37 hours per week

Job description

  • Oversee and manage the effective operation of the Head Office Security Incident Management Team.
  • Responsible for the accurate initial triage/risk assessment of all reported security incidents.
  • Operate the MOD’s security incident management database to record, track, manage and analyse all reported security incidents.
  • Provide security policy advice to a range of Head Office business units
  • Disseminate a range of intelligence products, alerts and warnings to business units
  • Liaise with the Establishment Security Officer (ESyO) and a range of branch and unit level security officers.
  • Act as the Head Office intelligent customer for the platform, creating and maintaining a strong working relationship with MOD’s Joint Security Coordination Centre (JSyCC) and Defence Digital/Cyber Defence & Risk.
  • Escalate serious or critical incidents to appropriate senior manager
  • Provide first line assurance on business unit response to security incidents in accordance with MOD or Head Office policy or processes.
  • Provide an analysis of security incident data to identify patterns, trends or incident hotspots.
  • Utilise STREAM as the Head Office preferred risk management tool.

Person specification

The ideal candidate will be enthusiastic and engaging and have a desire to make a difference within the Head Office Security team.  They will be able to provide evidence of good communication and interpersonal skills combined with a calm and analytical approach enabling them to articulate the issues so that decisions can be made under pressure.  A willingness to learn, develop, adapt and be flexible are key requirements.  The role provides significant opportunity to develop stakeholder engagement and leadership skills, service delivery disciplines, and, due to upcoming changes, the ability to shape future development of the team’s approach and outputs.  

This position would suit someone with previous experience of working in a security operations centre, Police control room or other work areas involving detecting, assessing and responding to a variety of security incidents concerning Cyber, Information, Physical & Personnel.

Desirable Criteria

  • 1. Experience of working in a security advice centre, security operations centre or incident/Police control room.
  • 2. Experience of triaging, managing and responding to a range of security incidents (Cyber, Physical, Personnel and Information Security related incidents)
  • 3. Knowledge or experience of NIST CSF and/or ISO 27001.
  • 4. Use or knowledge of STREAM

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Delivering at Pace
  • Communicating and Influencing
  • Making Effective Decisions
  • Leadership
  • Managing a Quality Service

We only ask for evidence of these behaviours on your application form:

  • Delivering at Pace

Alongside your salary of £35,290, Ministry of Defence contributes £9,528 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

  • Learning and development opportunities tailored to your role which may lead to obtaining nationally recognised qualifications
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • Civil Service pension with an average employer contribution of 27%
  • On site Creche facilities
  • On site gym
  • Generous annual leave/public holiday allowance

The post does not offer relocation expenses.

External recruits who join the MOD who are new to the Civil Service will be subject to a six-month probation period.

Please Note: Expenses incurred for travel to interviews will not be reimbursed.

Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts.

Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk/.

The Ministry of Defence is committed to providing a safe and healthy working environment for its staff, which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment; however, some exemptions are in place. Please refer to local guidance. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments.

MOD Recruitment Satisfaction Survey – we may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Notice sets out how we will use your personal data and your rights.

Senior Cyber Threat and Vulnerability Analyst

Manchester – Soapworks (Travel may be required on occasion to other sites)

Job summary

The role of Vulnerability Management is to triage vulnerabilities by relevance and criticality to the organisation. Vulnerability Management then identifies mitigations for those vulnerabilities and advises on implementing them.

Due to the nature of this role, it is only available full time.

Job description

Your main day to day responsibilities will be to support the creation and implementation of vulnerability assessments of enterprise assets to a predefined scope and schedule using predetermined templates and test scripts, including but not limited to:

  • Application vulnerability assessments
  • Infrastructure vulnerability assessments
  • Triage and prioritise vulnerabilities, implement mitigating measures, and support in the life cycle of vulnerability management, providing standardised advice on ways to improve control mechanisms and mitigate risk.
  • Collaborate with stakeholders to manage vulnerabilities and advise on remediation activities.
  • Communicate common mitigation strategies such as patching and basic configuration change (system hardening)
  • Utilise new and existing sources of cyber threat intelligence to contextualise the potential risk posed by vulnerability exposure across the organisation.
  • Perform vulnerability assessments of enterprise assets with limited supervision to a predefined scope and schedule using predetermined templates and test scripts.

Other day to day activities

You will also be expected to carry out the following day to day activities:

  • Represent and promote the threat and vulnerability management service across the Home Office and externally; collaborating with other government departments where required.
  • Deliver, manage, and maintain tailored threat and vulnerability management profiles and products for an assigned portfolio of risk owners and relevant stakeholders.
  • Identify vulnerabilities that currently exist or may pose a potential future risk to Home Office products, systems, and services.
  • Supervise direct reports including management of performance and development.

Note: The post-holder may be required to carry out other duties within the scope of the grade and within the limits of their skill, competence, and training.

Person specification

Essential skills and criteria

You’ll have a demonstrable passion for Vulnerability Management, with the following skills and experience in:

Strategy and architecture

  • Security and Privacy
    • Threat intelligence THIN – Level 4

Delivery and operation

  • Security Services
    • Security operations SCAD – Level 4
    • Vulnerability assessment – VUAS level 4

The skills listed above are reflective of the Home Office DDaT Profession Skills and Competency Model (based on the industry standard SFIA framework).

Please see below for the relevant skills required for your role:

  • Experience in a related information security, cyber security, or information assurance discipline, with experience in information and/or cyber security threat and risk analysis.
  • Understanding of Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM) platforms and targeted cyber-attack analysis
  • Knowledge of common cyber security threats, vulnerabilities, and exploitation tactics.
  • Experience of analysing and interpreting threat and vulnerability information into risk and articulating the potential business impact.
  • Is able to undertake research and perform analysis with minimal supervision but can also work as part of a wider team when engaged on research and analysis tasks.
  • Is able to work as part of a wider team of cyber security professionals spread across multiple locations.
  • Has excellent communication skills, verbal and written, and a good understanding of the use of different channels and formats for different audiences.
  • Is familiar with key threat intelligence feeds and sources (e.g., NCSC, CiSP etc.) and possesses a good level.
  • Can analyse and assess the potential business impact associated with a specific cyber security threat, vulnerability, and exploitation tactics, and possesses knowledge or experience of applying the necessary controls required to mitigate the relevant risk.
  • Functional knowledge of some / all of the following: TCP/IP protocol suite, LAN/WAN technologies, switching, routing, VoIP and Telephony technologies, firewalls and VPN, intrusion prevention systems (IPS), vulnerability assessment and patch management tools.
  • Functional knowledge of some / all of the following technologies: UNIX, Linux, Apple, and Windows.

Desirable criteria

Ideally you will also have the following skills or some experience in:

  • Some experience in line management and/or leading teams.
  • Working in a ‘Security Operations Centre’ environment.
  • Building strong partnerships with peers across the technology organisation and navigating the complex landscape of technologies, 3rd party suppliers, internal and cross-government teams.
  • Communicating in a verbal and written manner, and a good understanding of the use of different channels and formats for different audiences.
  • Certification in relevant cyber security qualifications such as CISMP, CTIA, CRISC etc. or equivalent experience.
  • Knowledge of cyber risk and controls frameworks, such as NIST, ISO27001, COBIT, BS EN 31111, Cyber Essentials, Cyber Defence Controls, Cloud Principles, and general NCSC guidelines.
  • Experience of common threat analysis models and frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model etc.
  • Experience in vulnerability research, malware analysis or exploit investigation.
  • Experience of working within the UK public sector.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Making Effective Decisions
  • Delivering at Pace
  • Changing and Improving

Technical skills

We’ll assess you against these technical skills during the selection process:

  • Strategy and architecture – Threat intelligence (THIN – Level 4)
  • Delivery and operation – Security operations (SCAD – Level 4)
  • Delivery and operation – Vulnerability assessment (VUAS level 4)

Alongside your salary of £41,600, Home Office contributes £11,232 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

  • A Civil Service pension with employer contribution rates of between 26.6% and 30.3%, depending upon salary.
  • 25 days annual leave on appointment, plus 8 days public holidays and 1 day for the King’s Birthday, rising further with service.
  • Flexible working options to enable you to achieve the work life balance that is right for you, including part-time, flexi time and job sharing.
  • Training and development opportunities tailored to your role.
  • A culture encouraging inclusion and diversity.
  • Season ticket loans and rental deposit loans.
  • Cycle to work and payroll giving.
  • Employee discounts – including a huge number of retailers, Microsoft Home Use programme and gym membership.
  • A variety of staff recognition schemes including thank you vouchers.
  • Health and wellbeing initiatives including monthly mindfulness sessions.
  • Staff support networks.
  • Maternity, adoption or shared parental leave of up to 26 weeks full pay followed by 13 weeks of statutory pay and a further 13 weeks unpaid.
  • Maternity and adoption support leave (paternity leave) of 2 weeks full pay.
  • Up to five days paid leave for volunteering.
  • Study leave and support for studying for a qualification or other accredited development relevant to your role.

You can find more information at Benefits – Home Office Careers

Summary

The first duty of the government is to keep citizens safe and the country secure. The Home Office has been at the front line of this effort since 1782. As such, we play a fundamental role in maintaining the security and economic prosperity of the UK.

The Home Office leads on immigration and passports, refugee protection, counter-terrorism, policing, fire services, and crime and drugs policy.

Digital Data and Technology (DDaT) enables the Home Office to keep the UK safe and secure. We design and build the services that help people apply for visas or passports; support policing and counter-terrorism operations; and protect the UK’s borders.

This is an exciting time to be at the Home Office. You’ll have a chance to shape the future and support our mission to deliver exceptional public services that work for everyone.

Our work is guided by these principles:

  • we put user needs first.
  • we value delivery and outcomes over process.
  • we work in the open.

Our flexible working policy ensures a healthy work-life balance. We also nurture talent and offer a broad range of learning and development opportunities that will help you flourish in your role.

We work hard to maintain a positive working culture and are committed to helping you fulfil your potential. We value diversity and provide an open, inclusive, and supportive environment to help you do your best work.

You can keep up-to-date with our work on the [Home Office DDaT blog](https://hodigital.blog.gov.uk/).