Location
About the job
Job summary
At HMRC we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve.
We want to maximise the potential of everyone who chooses to work for us, and we offer a range of flexible working patterns and support to make a fulfilling career at HMRC accessible to you.
Diverse perspectives and experiences are critical to our success and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role
See what it’s like to work at HMRC: find out more about us or ask our colleagues a question. Questions relating to an individual application must be emailed as detailed later in this advert.
Job description
This is an exciting opportunity to be at the heart of security risk management in HMRC and to be part of the Government Security Function, working to keep the UK safe.
You have the opportunity to work across all levels up to board level. Offering you a rare glimpse into how HMRC cyber risk can affect National Infrastructure, we work alongside GCHQ, NCSC and others to minimise and mitigate cyber threats that could be detrimental to the way the UK Government collect taxes. We are held accountable not only by taxpayers, but also our board and parliament.
Working with us means making a real impact on millions of people’s lives. It also means gaining new skills, growing your knowledge and taking your expertise further across a range of fascinating and vitally important work. Where possible we will fund your external training to further upskill you and help you gain a wider knowledge of cyber security.
This is an exciting time to join the HMRC Cyber Security Risk team. Our mission is to reduce HMRC’s security risk exposure whilst enabling HMRC to meet its business objectives effectively and to maintain public confidence in our services. We do this by providing expert security risk-based assurance, oversight and challenge.
Responsibilities
Main responsibilities:
- Leading on all aspects of reporting against the Tier 2 Cyber Risk and other forms of reporting as per business needs.
- To develop and maintain close working relationships with stakeholders to obtain high quality security risk data.
- Develop and maintain systems and processes for gathering and storing security risk data.
- Analysis of cyber threat landscape.
- Working closely with Head of Cyber Risk to measure effectiveness of risk measures and controls.
- Engaging with the wider CDIO to gather a view on current risks and how they are being managed and remediated.
- Creating effective networks inside HMRC security to ensure a joined-up approach to risk management.
- Strong organisational skills are a critical element of this role, as is the ability to prioritise and manage a workload, analyse complex information, present recommendations, and make effective decisions.
Person specification
Essential Criteria:
- Strong organisational skills, ability to prioritise and manage workloads, analyse complex information.
- A confident communicator, both written and verbal, and confident managing communications at all levels.
- Strong stakeholder management skills.
- You must be able to show evidence that you are organised and can run several areas of work concurrently.
Desirable:
- Previous cyber security enterprise risk management experience.
- CISMP or equivalent qualification, or be willing to work towards achieving.
- Risk management experience in a large and complex enterprise environment.
Benefits
- Learning and development tailored to your role
- An environment with flexible working options
- A culture encouraging inclusion and diversity
- A Civil Service pension with an average employer contribution of 27%
- 25 days annual leave, increasing 1 day per year up to 30 days
Find more about HMRC benefits in ‘Your little extras and big benefits handbook’ for further information or visit Thinking of joining the Civil Service.