DDaT – Home Office Cyber Security – Trainee Cyber Security Risk Manager

Manchester Soapworks

Job summary

A trainee Cyber Security Risk Manager supports an established team of risk managers across Home Office Cyber Security (HOCS) to identify, understand and mitigate cyber-related risks. They identify and evaluate security risks to information, systems and processes owned by the organisation, and proactively provide appropriate advice, drawing on a wide variety of sources, to stakeholders across the organisation and at a variety of levels. They provide risk or service owners with advice to help them make well informed risk-based decisions.

You will receive coaching, mentoring and direction from more senior team members.

The role is a trainee position where you can broaden your technical understanding and skills and start developing a specialisation.

The role is a pilot trainee position and will sit within the profession management team. You will be supported by numerous teams across Cyber Security to learn whilst on the job, where you can broaden your technical understanding and skills and start developing a specialisation. You will work under close supervision and can expect to benefit from training (formal and informal), coaching and mentoring to help you develop towards a permanent career in Cyber Security Risk Management.

We are offering 1 role in Manchester/Croydon. All roles will be appointed on merit order and location preference will be considered but not guaranteed.

Job description

Your main day to day responsibilities will be:

• Assisting in the planning and implementation of organisation-wide processes and procedures for the management of risk to the success or integrity of the business, especially those arising from the use of information technology, reduction or non-availability of energy supply or inappropriate disposal of materials, hardware or data. Working with the team to monitor the efficiency and effectiveness of the risk management processes across the organisation and help make recommendations for continuous improvement.

• Collaborate to conduct reviews and risk assessments when necessary and help feed back findings to the relevant parties. Contribute to communicating risk assessment outcomes to stakeholders in ways that support effective security, risk management and decision-making, and advise stakeholders on their approach to risk assessment in the context of their business outcomes.

• Work within established security and risk management governance structures, under supervision to support, review and undertake straightforward risk management activities such as: helping with the analysis and derivation of business-supporting security needs; undertaking cyber security related risk assessments; basic threat assessments and other risk management activities

• Interpret and contribute to the development of risk management-related policy and assure the ongoing appropriateness of policy in accordance with regulation and wider departmental and government policies. Have some understanding of the applicability of appropriate regulations.

• Help to provide advice to address identified cyber security related risks by applying a variety of security capabilities. Provide straightforward advice to validate the effectiveness of risk mitigation measures, including some understanding of how to use different assurance activities (such as a pen test) and make recommendations for improvement

• Help to advise risk or service owners to make decisions that are well informed by good and clear security advice, including making some contribution to reports or working within established reporting chains in a security team

Note: An employee may be required to carry out other duties within the scope of the grade and within the limits of their skill, competence and training.

Due to the nature of this role/business needs, this post is available on a full-time and flexible working basis only, and not on a part-time basis.

Hybrid Working

Hybrid working enables employees to work partly in their workplace(s) and partly at home.  A hybrid working pattern may be available, where business needs allow. Applicants can discuss what this means with the vacancy holder if they have specific questions.  Some occasional travel will be required.

Person specification

You will also be expected to carry out the following day to day activities:

• Help to identify process optimisation opportunities and work on the implementation of proposed solutions

• Driving the collection of statistical information relating to systems security incidents and identified vulnerabilities to produce reports for senior stakeholders

• Working with members of the team to ensure that everyone is up to speed with Home Office and security principles and developing in line with Home Office values

• Working closely with other Home Office Cyber Security (HOCS) personnel to ensure that specialist knowledge is kept current

• Assist with providing ad hoc support to IT teams by answering general enquiries about information security requirements

• Participating, contributing to, and supporting collaboration initiatives and career development within the community, building in-house capability via the professional community of practice

• Supporting reviews of security policy documentation, including procedures, processes and security notices, to ensure that requirements from governance, such as the System Security Document are reflected

• Helping to plan and deliver internal security audits, assisting with analysing audit data in order to help make recommendations on how we can ensure information conforms to processes, procedures and regulations

• Communicating effectively with relevant teams and stakeholders regarding the importance of security considerations and responding accordingly to changes in policy and procedure

• Supporting the review of internal controls following any security breach, helping to provide advice on how to remediate any vulnerabilities discovered.

• Working with the team on remedial solutions and helping to ensure resolution activities are carried out through liaising with the appropriate stakeholders

• Working with technical teams to audit the continuous monitoring of designated systems and networks and the recording of security events and incidents to highlight system and network errors and support investigations

• Ensure all identified risks are managed in accordance with Home Office risk management policies.

Note: The post-holder may be required to carry out other duties within the scope of the grade and within the limits of their skill, competence and training.

Skills and experience

Essential criteria

You’ll have a passion for Cyber Security. Please see below some of the relevant skills required for this role which you may want to address in your application:

• Communication

• Problem-solving

• Time management

• Critical thinking

• Decision-making

• Adaptability

• Conflict management

• Leadership

• Resourcefulness

• Motivation

• Collaboration

• Flexibility

• Willingness to learn

• Resilience

Desirable criteria

Ideally you will also have some experience and/or awareness of:

• Risk management

• Audit and audit tools

• Understanding of Lean, Agile and DevOps principles within a Product-centric delivery model

• Currently enrolled onto a Level 6 apprenticeship scheme

• Currently enrolled onto a Cyber Level 6 apprenticeship scheme

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Communicating and Influencing
  • Changing and Improving
  • Delivering at Pace

Technical skills

We’ll assess you against these technical skills during the selection process:

  • Cyber Policy

Alongside your salary of £32,000, Home Office contributes £8,640 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • Civil Service pension with an average employer contribution of 27%

Border Force – Joint Maritime Security Centre – Strategic Analyst

Portsmouth – National Maritime Information Centre

Job summary

Border Force is a Law Enforcement arm of the Home Office. We are responsible for handling the UK border control by implementing immigration and customs regulations and working with the wider Home Office on counter terrorism, organised crime, modern slavery and trafficking. Learn more on the Border Force careers page.

Job description

The Joint Maritime Security Centre (JMSC) is the UK’s cross government organisation for maritime security. JMSC provides expert advice and support to government (including the Devolved Administrations and Crown Dependencies) on maritime security, including maritime related threat, operational and response mechanisms.

JMSC comprises operational and intelligence/information elements. The Operations Centre provides 24/7 awareness of the UK’s maritime asset distribution and ensures a coordinated and whole-system response to maritime security incidents at sea. It contributes to the integrity of UK waters and the mitigation of threats at sea by informing operational decision making. On behalf of government, The JMSC Operations Centre also owns multi-agency CONOPs and delivers a joint exercising calendar. Watchkeepers are a key element of this team. The National Maritime Information Centre is the multi-agency construct that enables joint operational activity, information sharing, and collaboration at the operational and tactical levels.

The new JMSC Assessment capability will produce global strategic maritime security assessments to inform UK government and other stakeholders of threats within or emanating from the maritime domain. Activity will normally be commissioned and prioritised by the National Maritime Security Committee (Officials) (NMSC(O)). Professional standards will be compliant with the Cabinet Office Professional Head of Intelligence Assessment (PHIA).

JMSC is led by Head JMSC who is organisationally accountable to the Joint Governance Board (JGB), comprising sponsors from the Home Office, Department for Trade and Ministry of Defence.

As an intelligence analyst within the JMSC Assessment team, the post holder will report to and take direction from their respective Lead Analyst to fuse intelligence and information to produce global maritime security threat analysis and understanding in accordance with JMSC strategic and operational priorities. They will also have responsibility for one or two thematic threat areas.

This work is at the cutting-edge of delivering cross-government maritime security threat assessments in support of delivering the JMSC Mandate. It offers a challenging opportunity to join a collaborative intelligence community and participate in developing and delivering Government-facing, consolidated maritime security threat understanding. Analysts will be able to collate and cohere threat understanding from across the national and international intelligence communities, contributing to the development of assessments to inform decision-making at all levels. The primary output ultimately supports the NMSC(O) in delivering the UK’s National Strategy for Maritime Security.

Responsibilities

Duties include but are not limited to:

  • Drafting high-quality, global maritime threat assessments and presentations to satisfy standing and ad hoc intelligence requirements.
  • Maintaining and building enduring linkages with national and international intelligence counterparts, to understand threats in a designated geographic region.
  • Building an exhaustive knowledge and understanding of all threat vectors within a designated geographic region.
  • Understanding, articulating, and helping drive forward JMSC Assessment output, and in turn, supporting wider business to deliver the JMSC Mandate.
  • Providing strong support to their Lead Analyst regarding a specific area of analytical responsibility, including day to day and urgent, high profile or sensitive issues.
  • Proactively taking responsibility for engaging, delivering outcomes and resolving issues.
  • Providing high quality, succinct, timely and accurate, advice and briefings.
  • Maintaining an overview of issues affecting wider JMSC Assessment activity.

Candidates to Note:

  • Flexible or part time working will be considered but not all work patterns can be supported due to the business critical nature of this role.  Prospective candidates should discuss work patterns (for more details see further information).
  • Post holders are expected to successfully obtain Developed Vetting (DV) level clearance as part of the Pre Employment Checks, if not already held, prior to starting in their post.

Person specification

We are looking for someone who:

  • Is a self-starter who can work effectively under pressure, taking responsibility for delivery, and works collaboratively with others to achieve the JMSC’s objectives.
  • Must be able to build effective stakeholder relationships
  • Has strong communication skills.
  • Is able to prioritise work.
  • Has a keen interest in expanding knowledge and keeping up to date with global affairs.

Essential Criteria

The successful candidate must be able to demonstrate:

  • Have previously applied analytical skills independently to complex work, with an element of supervision.
  • Be able to exercise judgement in selecting the best approach to achieve the task while meeting existing standards and procedures.
  • Be able to tailor your approach to best meet deadlines.
  • Demonstrate how your work and the work of your team can assist and inform organisational objectives and the wider understanding of potential threats
  • Ability to develop strong stakeholder relationships, both domestically and internationally with a view to building enduring and collaborative analytical partnerships
  • Use creative and critical thinking in analysis and research to support assessments, applying structured methods to explain how verdicts have been reached.
  • Articulate thought processes and complex matters concisely, visually, verbally and in writing.
  • Must hold a minimum of SC clearance and be willing to obtain DV clearance once in post.

Desirable Criteria 

  • An ability to routinely review effort and outputs, taking the initiative to appropriately challenge and suggest improvements.
  • Understand your areas of responsibility and display awareness of the wider impact of your actions.
  • Completion of Professional Head of Intelligence Assessment’s (PHIA) new analyst training (or its predecessors) or equivalent.

Note:  These are desirable criteria and the absence of experience in one or more of these areas should not be a barrier for strong candidates.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Managing a Quality Service
  • Communicating and Influencing
  • Delivering at Pace
  • Making Effective Decisions

We only ask for evidence of these behaviours on your application form:

  • Managing a Quality Service

Alongside your salary of £32,000, Home Office contributes £8,640 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • Civil Service pension with an average employer contribution of 27%

Government Cyber Security Strategy (GCSS): Deputy Programme Manager (2/2)

London

Job summary

Business Unit Information 

The Government Security Function (GSF) oversees the delivery of protective security across Government. Our Mission is to enable Government to protect citizens and provide vital public services by understanding and managing security risks. We set the strategy and standards for Government Security, monitor departmental security performance, manage pan-government security incidents, support the delivery of key security capabilities and lead the Government Security Profession.

The Government Security Group (GSG) is the centre of the Security Function, based within the Cabinet Office. GSG is transforming the Government’s approach to protective security to ensure it is fit to meet the challenges of the digital age. This role offers an exciting opportunity to work in a fast-paced, dynamic team, with a breadth of stakeholders including in other Government departments, the National Technical Authorities and the Agencies, and to contribute to delivering improved security across Government.

Job description

To support the mission of the Government Security Function, in January 2022 we published the Government Cyber Security Strategy. This sets out how we will improve the cyber security of the Government up to 2030. To support the implementation of this strategy, the Cyber Directorate has established a Programme Management Office responsible for overseeing, coordinating and supporting all of the ongoing work across Government.

These roles will support the Programme Manager and lead the two branches of the PMO. The first branch of the PMO is the reporting team. This team is the eyes and ears of the PMO and is responsible for maintaining an overview of the current progress and risks within the programme. This role focuses on maintaining a clear picture of our delivery partners’ progress on delivering the strategy and clearly communicating this to seniors when required. You should be the first person to notice when something is going wrong, triage the problem and work with teams to ensure they are being resolved.

The second branch of the PMO is the enabling function of the team. The role of managing this team is all about making our Programme more effective and runs in two main parts. Primarily this is a hub for specialist project management resources that projects can’t have locally. This means specialist skills that projects don’t need full time, such as business case development, can be provided to projects while functions like stakeholder management can be managed at programme level on behalf of the project team. Secondly, the successful candidate will be responsible for managing any thematic risks that are identified through reporting and fall within the remit of the PMO.

For both roles we are looking for candidates with a solid foundation in project management. We expect that the successful candidates will be able to provide support and cross cover between the two roles when it is required. 

Key areas of responsibility

The post holders will be responsible for:

  • Team Leadership – Coordinating the activities of the team, including ensuring that the work is appropriately prioritised.
  • Communications and stakeholder management – Identifying and managing stakeholder relationships. Managing internal and external relationships as appropriate by developing the communications strategy for the programme.
  • Business case support – To provide expert advice on developing business cases to project leads and SMEs.
  • Guidance – To provide direction and guidance on development to the PMO and more broadly across the program.
  • Risks and issues – Ensuring mitigations for cross cutting risks are in place and resolved through negotiated agreement.
  • Dependency management – Working with project leads and business as usual to ensure dependencies are actively managed, act as an arbiter and enforcer and resolve issues between the various elements of the programme.
  • Programme performance and controls – Maintaining overall integrity and coherence of programme and governance framework to support each project. Plan programme assurance activities.

Person specification

Essential skills and experience:

This role is aligned to the G7 Programme manager role in the IPA’s project delivery capability framework. The definition of Working level and Practitioner are contained in that framework along with more detailed definitions of the requirements below.

  • Planning – Practitioner level.
  • Stakeholder engagement – Practitioner level. 
  • Risk and issue management – Practitioner level. 
  • Influencing – Practitioner level. 
  • An appropriate project management qualification such as: Managing Successful Programmes Practitioner, PRINCE2 Practitioner, Managing Successful Programmes Advanced Practitioner, APM Project Management Qualification, APM Chartered Project Professional, Project Leadership Programme, Leading and Managing Project Workstreams or equivalent. 

Desirable skills and experience:

  • Collaboration – Practitioner level. 
  • Conflict resolution – Working level.
  • Inspiring others – Working level.
  • Commercial and procurement skills – Working level.
  • Working with ambiguity – Working level.
  • Business case development – Working level.

Licences

Must hold a valid SC or be willing and eligible to undergo one.

Qualifications

An appropriate project management qualification such as: Managing Successful Programmes Practitioner, PRINCE2 Practitioner, Managing Successful Programmes Advanced Practitioner, APM Project Management Qualification, APM Chartered Project Professional, Project Leadership Programme, Leading and Managing Project Workstreams or equivalent.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Changing and Improving
  • Communicating and Influencing
  • Working Together

We only ask for evidence of these behaviours on your application form:

  • Changing and Improving
  • Communicating and Influencing

Alongside your salary of £50,694, Cabinet Office contributes £13,687 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

  • Learning and development tailored to your role.
  • An environment with flexible working options.
  • A culture encouraging inclusion and diversity.
  • Civil Service Pension which provides an attractive pension, benefits for dependants and average employer contributions of 27%.
  • A minimum of 25 days of paid annual leave, increasing by one day per year up to a maximum of 30.

Deputy Head of Cyber Security – DID2323

National with regular travel

Job summary

Digital and Information Directorate (DID) brings together professional experts in digital technology, security, information management and operational process transformation to deliver high quality services to the CPS.

We look to build positive partnerships across the CJS, and with our wider government colleagues, to implement innovative ways of working, reduce corporate risk, improve user experience, and enable colleagues to successfully deliver their business.

The Security and Information Assurance Division (SIAD) consists of a number of separate, but interlinked, teams within DID who provide holistic advice and guidance on all aspects of security and information assurance to the organisation. The Division is made up of:

  •   Operational Security Team (OST)
  •   Records Management Team (RMT)
  •   Data Protection Compliance Team (DPCT)
  •   Information Access Team (IAT)
  •   Change and Engagement (CE)
  •   Information Management and Architecture Team (IMAT)
  •   Cyber Security Team (CST)

The Deputy Head of Cyber Security posts will lead key projects / programmes and, together with the Level E, lead CST. The Deputy Head posts will also lead team members and provide specialist advice on cyber risk management and day to day operations as well as strategy and policy.

The CST is responsible for cyber security incident management, engagement with suppliers and other Government Departments to ensure the delivery and development of an appropriately secure ICT network and other digital services.

Job description

The role of Deputy Head of Cyber Security is to assist the Head of the Cyber Team in providing strategic leadership and direction for cybersecurity-related activities within the Crown Prosecution Service. The role will work closely with the Head to develop and implement cybersecurity strategies, policies, and initiatives that align with the CPS’s goals and priorities.

The Deputy Head may oversee the day-to-day operations of the Cyber Team, including managing resources, coordinating tasks, and ensuring the effective implementation of cybersecurity measures. They work to enhance the CPS’s cyber defense capabilities, identify potential vulnerabilities, and establish incident response protocols.

This role is key to ensuring that CPS retains its position at the forefront of CJS IT by making sensible and sustainable information assurance decisions within this more complex environment. Decisions can have a critical impact on organisational effectiveness or the external reputation of the organisation.

Who are we looking for?

  • A visible leader and confident manager.
  • An effective communicator across all levels of our business, Other Government Departments and with our suppliers.
  • An experienced cyber security professional capable of leading the development / implementation of cyber security policies and workstreams. Your expertise will be supported by ‘real world’ experience and enable you to negotiate, persuade and coach effectively – establishing credibility and trust with senior stakeholders.
  • An effective decision maker; someone who can assimilate knowledge quickly and promptly decide on next steps during a cyber security incident.
  • A capable planner whose project management skills enable them to design clear, pragmatic and achievable plans.

Person specification

The Deputy Head of Cyber Security will lead on various cyber security workstreams for the CPS. The roles will have a specific focus on delivering on the objectives and outcomes within the CPS’ cyber security strategy and will be responsible for ensuring that the strategy’s deliverables are met, and for feeding this back through the governance and reporting structures.

  • Leading work to understand the CPS cyber security and resilience risk to ensure the effectiveness of proposed mitigations against the evolving cyber threat.
  • The ability to build and maintain relationships across a stakeholder network, and to operate across Whitehall to deliver the CPS’ and government’s priorities will be a key objective.
  • Engaging with key suppliers and third parties and building and maintaining strong relationships with other government departments.
  • Deputy Head will support the Head of Cyber with the implementation of a strategy on Cyber Operations and Cyber Incident Response.
  • Line management of the Cyber Security Team members to ensure workloads are balanced efficiently and that personnel are given sufficient career development programmes.
  • The role will also be responsible for our cyber security awareness and education program, with the objective of reducing the risk to our organisation.
  • Prepare and present briefing papers that ensure the CPS Senior Leadership Team / Board are appropriately aware of cyber security risks and support the measures in place to mitigate these risks.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Communicating and Influencing
  • Leadership
  • Managing a Quality Service
  • Making Effective Decisions
  • Seeing the Big Picture

We only ask for evidence of these behaviours on your application form:

  • Communicating and Influencing
  • Leadership
  • Managing a Quality Service

Alongside your salary of £51,870, Crown Prosecution Service contributes £14,004 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Join the Crown Prosecution Service (CPS) and have a future that matters: Find Your Purpose

CPS is passionate about ensuring that we are a top performing organisation and a great place to work. We are committed to being an equal opportunities employer and to creating a culture where everyone can bring their whole self to work and individuality is truly appreciated.

We want to ensure all our employees can thrive at work and home and offer a range of support to achieve a balance. This includes where possible, flexibility of working hours, flexibility to support caring responsibilities and a flexible approach to deployment, which means that where you work (i.e. a court, an office, or a remote setting such as your home) will be based on the kind of work you are undertaking.

This culture of inclusion is underpinned by our staff networks covering Disability, Faith and Belief, LGBTQI+, Race, Social Mobility alongside our Mental Health First Aiders Programme and Wellbeing Sessions.

CPS commits to offer its employees the following experience

• Impactful, purposeful work – making a difference to your local communities
• The ability to learn and grow, with access to the right opportunities and resources
• To care about your wellbeing
• To feel valued, trusted and included

We also offer the following range of benefits:

• Civil Service Pension
• Access to employee savings
• Cycle2Work scheme
• 25 days leave, rising to 30 days after 5 years’ service.
• 1 extra privilege day entitlement to mark the King’s Birthday.
• Competitive maternity, paternity and parental leave
• Flexible working and a family friendly approach to work.
• Childcare vouchers (unless already registered with the Government Tax Free Childcare Scheme)

Custodian/Security Officer

London

Job summary

The Prime Minister’s Office enables the Prime Minister to deliver the Government’s overall priorities and to communicate the Government’s policies to Parliament, the public and international audiences. From the Policy Unit and Press Office, Switchboard and Custodians, to the Events & Visits team and the world class Private Office support, the diverse Downing Street team draws on varied expertise from across the Civil Service and beyond. The teams come together to deliver excellent service to the Prime Minister while also making No10 a great place to work.

Job description

The Role

As a Custodian Apprentice at the Prime Minister’s Office, you will help to protect our people and assets to make our complex security operation a success. You will work with a team of motivated professionals to provide a reassuring presence, while conducting a range of security duties and responsibilities.

A focus of the role will be to use bespoke security architecture (e.g., CCTV and Access Control systems) to maintain security assurance across our estate. You will also be responsible for processing visitors and vehicles and engaging in incident and emergency response.

Diversity is welcomed in our team and our Custodian Officers come from all walks of life. You do not need any security experience to apply.

Shift patterns and allowance

As a Custodian you will work a 24/7 shift pattern comprising early, late and night shifts (including bank holidays & weekends). The average working week is 37.5 hours over 5 working days and two rest days. As such the basic pay is enhanced by 36.97% in allowances as of 2023.

Person specification

Key responsibilities and skills:

  • You will have good customer service skills and be keen to learn.
  • You will enjoy working in a team, be calm under pressure and be assertive when giving instructions.
  • You will be a confident communicator and take care to write clearly and concisely. With excellent attention to detail, you will compile accurate written logs.
  • Proactive and motivated, you will be an effective time manager with strong administrative and observational skills.
  • As the first person many people meet on entering No10, from staff to VVIPs, you will have high personal standards, expecting nothing but the best of yourself and others.
  • We will expect you to have some basic IT skills, including the ability to use email and Microsoft Office. Further training can be provided to develop these skills if required.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Making Effective Decisions
  • Communicating and Influencing
  • Working Together
  • Developing Self and Others

Alongside your salary of £25,277, Cabinet Office contributes £6,824 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

  • Learning and development tailored to your role.
  • A culture encouraging inclusion and diversity.
  • A Civil Service Pension which provides an attractive pension, benefits for dependants and average employer contributions of 27%.
  • A minimum of 25 days of paid annual leave, increasing by one day per year up to a maximum of 30.

Defence Digital – Cyber Security Risk Assessor

These positions can be based at either Main Building, London; RAF Wyton, Huntingdon or MOD Corsham, Wiltshire.

Job summary

Allowances: A Recruitment and Retention Allowance (RRA) of up to £9k per annum may be payable with this post.

Location: These positions can be based at either Main Building, London; RAF Wyton, Huntingdon or MOD Corsham, Wiltshire.

Are you ready to work in one of the most interesting cyber security environments and share your experience to support national security?

Interested in projects at the cutting edge of world leading, military technology, such as next-generation fast jet capabilities, unmanned systems, highly secure networks, future warships & military vehicles and ground-breaking sensor technology?

So, who are we?

We are Defence Digital’s Cyber Assessment and Advisory Service (CySAAS) team, within our Cyber Defence and Risk (CyDR) organisation. Consisting of sub teams which assess specialist ICT, communication and weapons systems, we provide assurance, support and advice across the organisation. Our team thrives on curiosity, new ideas and creative thinking, driving a culture of exploring further and influencing wider, making Cyber security a leader in Defence.

CyDR sits at the forefront of cyber security and information technology and is responsible for enabling the provision of specialist assurance and cyber security services across UK Defence, our industry partners, other Government departments and our international allies.

Defence Digital, part of the Ministry of Defence, provides digital and technology services to our Armed Forces and operates at scale, with an annual budget in excess of £2Bn and a diverse team of 2,500 colleagues. Our aim is to make our Armed Forces some of the most technologically advanced in the world.

As a Civil Servant, you’ll have access to our range of excellent benefits, including flexible working, discount schemes, generous leave allowance and a market-leading Civil Service pension.

Our commitment to your development is fundamental and you’ll be able to take advantage of fantastic learning and development opportunities, tailored to your role and beyond. Whilst in post, you’ll be able to gain industry recognised qualifications, such as CISSP or CRISC and we’ll support you throughout the process.

This is a fantastic opportunity to join our team and become part of our exciting future.

This position is advertised at 37 hours per week.

Job description

As a Cyber Security Risk Assessor within the CySAAS team, you will lead a team providing timely, impartial and consistent assurance, assessment and advisory services across Defence.

Senior personnel will rely on your expertise to ensure they have an accurate understanding of through-life cyber security risks, so they can make informed business decisions. You will work with projects that involve complex technical and security challenges, which may include highly sensitive networks, cryptography and next-generation military vehicles and weapons systems.

Along the way, you will strengthen links with other cyber security bodies and business functions – from business delivery partners who provide project-based assurance activities, to industry trade bodies and organisations which deliver Information Technology (IT).

As an experienced cyber security leader, you will bring to the role a proven ability to communicate at all levels of a diverse organisation. As thought leadership will be a key aspect of the role, you will need to demonstrate a talent for solving complex problems through innovation. You will have the ability to advise on complex risk balance decisions; to explain cyber security policy, governance and technology to non-experts; and to lead a diverse team of skilled cyber security professionals. With you on board, we will develop a culture across UK Defence which values and protects data.

Person specification

Responsibilities:


  • Provision of timely, impartial and consistent accreditation, assessment and advisory services across Defence, to ensure that senior leaders have an accurate understanding of through-life cyber risks and can make informed business decisions.
  • Leadership of cyber security assessment personnel. This may include management of Assessors to ensure:
      – Strategic direction for MOD accreditation is on track
      – Functional mentoring and professional training and development are achieved
      – Accreditation related management information is accurate and up to date
      – Workloads are balanced efficiently
  • Ensuring assurance activities are completed in accordance with Government policy, including escalating risks, explained in business terms, to aid the Senior Leader’s decision-making process.
  • Strengthening links with other cyber security bodies and business functions across Defence including:
      – Business delivery partners: e.g., Defence Intelligence, Defensive Cyber Operations and Principal Security Advisors
      – Business representatives: to help deliver secure IT requirements
      – Industry trade bodies: building relationships through encouraging CySAAS attendance at appropriate events
  • Work to develop a pan-Defence culture which values and protects data appropriately. Lead transformation programmes, within your area of responsibility.
  • Promote the benefit of CySAAS outcomes and actively contribute to MOD and Pan Government IA forums, liaising with other Government Accreditation Authorities as appropriate.
  • Support to Deputy Head Cyber Security Assessment, including external reporting requirements.
  • Taking appropriate action as required in response to issues/events e.g., tiger teaming, deep dives.
  • Provision of specialist cyber security services to advise and assist on complex cyber challenges.

Person Specification

If you have the following skills and experience, we would love to hear from you!

Your experience is key and whilst not essential, it may be beneficial to have the following desirable industry qualifications or accreditation and experience or knowledge. Training will be provided for the following, where appropriate:

  • Certified Information Systems Security Professional (CISSP)
  • Certificate in Information Security Management (CISMP)
  • ISO27001
  • Lead auditor
  • Certified Cyber Professional (CCP)
  • Operational Security Management

Dependent on the business need, there may be a requirement to travel to meetings within the UK (or potentially occasional overseas visits).

Allowances: A Recruitment and Retention Allowance (RRA) of up to £9k may be payable with this post, paid in increments upon reaching the required level of competence.

Location: These positions can be based at either Main Building, London; RAF Wyton, Huntingdon or MOD Corsham, Wiltshire.

Work locations will be agreed once the successful candidates have been selected.

This job role may be suitable for hybrid working, which is an informal, non-contractual and voluntary arrangement, blending a balance of attendance in the workplace (your permanent duty station which is based on business assessment of where the work is best done) and working from home as a personal choice (if the role is suitable for this).  If you are successful, any opportunities for hybrid working will be discussed with you prior to you taking up your post.

If not already held, successful candidates will be required to undergo DV clearance. Please note these positions are open to sole UK Nationals only.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Leadership
  • Seeing the Big Picture
  • Making Effective Decisions
  • Changing and Improving

Technical skills

We’ll assess you against these technical skills during the selection process:

  • Cyber Security Governance and Management
  • Risk Management

Alongside your salary of £54,440, Ministry of Defence contributes £14,698 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

  • Learning and development tailored to your role with a dedicated minimum of 5 days per year
  • Flexible working options
  • 25 days paid annual leave rising (by 1 day per year) to 30 days upon completion of five years’ service
  • Ability to roll up to 10 days annual leave per year
  • In addition to eight public holidays per year, you will also receive leave for HM The King’s birthday
  • Civil Service pension with an average employer contribution of 27%
  • Parental and Adoption Leave
  • Discounts on a range of services within and external to the civil service – Defence Discount Service, Civil Service societies for Sports and Leisure, Healthcare, Insurance, Motoring, Company discounts with Virgin, Vodafone, and Microsoft Office.
  • In year rewards and ‘thank you’ schemes such as vouchers and gift cards
  • A culture encouraging inclusion and diversity
  • Please see Benefits Leaflet for more detail

DD operates an organisation model in which every individual belongs to a Government Profession. The successful applicant will be posted into one of the defined Government Professions on Standard Terms of Reference for the grade. DD reserves the right to move individuals between roles, within their allocated profession, to meet the needs of the business and in support of agile resourcing.

Within DD each profession is led by a Professional Head of Community who will lead professional development and support the Continuous Professional Development path for their group.

DD is currently going through a Transformation Programme which aims to ensure we have the right workforce, with the right skills, to deliver the MOD’s Digital Strategy. As the programme progresses, DD staff may be required to undergo an assessment to understand and develop their upskilling needs to support the delivery of this strategy. This post may be impacted by Transformation.

Equality and Diversity

Our people are at the heart of everything we do at DD. It’s vital that our workforce reflects the diversity of both our audience and the wider society in the UK, so we’re proud to be an equal opportunities employer and we actively seek candidates from diverse backgrounds and communities. We also recognise the importance of a good work life balance, so we do everything we can to accommodate flexible working, including part-time and job shares for all our roles. Please let us know in your application or at any stage throughout the process if this is something you want to explore.


The post does not offer relocation expenses (move of home, excess fares or temporary transfer).

External recruits who join the MOD who are new to the Civil Service will be subject to a six-month probation period.

Please note: Expenses incurred for travel to interviews will not be reimbursed.

Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts.

Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk/.

MOD Recruitment Satisfaction Survey – we may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Notice sets out how we will use your personal data and your rights.

The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, Smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment by 31st December 2022. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments.

 

The Civil Service embraces diversity and promotes equality of opportunity. There is a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

If you need to advise us that you need additional help or reasonable adjustments for the recruitment process, please contact: DBSCivPers-Resourcingteam3@mod.gov.uk

 

MOD Joint Security Coordination Centre – Incident Analyst

MOD Main Building (London) or RAF Wyton (Huntingdon)

Job summary

Do you want to help safeguard and protect our Armed Forces, personnel, assets, information and National Security? Then your next role may be with us!

The Directorate of Security and Resilience (DSR) mission is to support the delivery of Defence Security outputs by protecting our people, assets and information in the UK and overseas. DSR is responsible for setting resilience and security policy for Defence and provides advice on how to counter and mitigate the key threats and hazards faced by Defence from a wide range of threats including: hostile state actors, terrorist organisations, and serious and organised crime groups.

DSR delivers the MOD’s security policy on the Defence Nuclear Enterprise; culture and training; physical mitigations; personnel and vetting; policing and guarding; resilience and business continuity; and technical and industry. DSR leads the Security Function within Defence and is led by the Chief Security Officer of the MOD, who also acts as the Head of Profession for Security in Defence.

This position is advertised at 37 hours per week.

Job description

The Joint Security Coordination Centre (JSyCC) forms a key part of DSR and aims to provide the Chief Security Officer and other key stakeholders with a range of strategic and tactical analytical products focusing on security incident data. JSyCC is also responsible for coordinating incident response and remediation activity with a range of key MOD stakeholders and technical experts.

JSyCC maintains oversight of all incident reporting and is responsible for the provision of detailed analysis of incident data for a range of key stakeholders including MOD seniors and Ministers and it is likely that your analysis may form part of reports presented at the highest levels in Government.

Joining our team as a JSyCC Security Incident Analyst, you will be conducting initial incident triage involving the most serious security incidents impacting MOD, ensuring that all security incidents are reported in accordance with MOD policy and that the incident data recorded on the Defence Incident Management database is accurate and reflective of the risk/threat to MOD.

You will ensure that any incident data (for the highest priority incidents), used to produce analytical work and management information, is quality assured and reliable and you could find yourself liaising with Defence Intelligence, Ministry of Defence Police and Service Police on a range of critical incidents.

Dependent on the ‘tasking’ and business need, there may be a requirement to travel to meetings within the UK. This post does not offer any assistance with relocation allowances.

The MOD operates an organisational model in which every individual belongs to a Government Profession. The successful applicant will be posted into one of the defined Government Professions on Standard Terms of Reference for the grade. The Directorate of Security and Resilience (DSR) reserves the right to move individuals between roles, within their allocated profession, to meet the needs of the business and in support of agile resourcing.

The day-to-day responsibilities include:

  • Conduct and produce analytical products for MOD customers which cover security incident data. This will typically involve the use of Microsoft Excel/Power BI or other similar data analytics tooling.
  • Respond to and process Ministerial/Parliamentary questions, Freedom of Information Act and Subject Access Requests.
  • Operate, maintain, administer and develop the Defence Incident Management database.
  • Conduct initial incident triage of high risk incidents.
  • Monitor progress of incident remediation with Warning, Advice & Reporting Points (WARPs) and hasten accordingly.
  • Monitor all incident communications and update incident records accordingly.
  • Review incident data to identify personnel who may be responsible for multiple security breaches and escalate this accordingly to the relevant team (e.g., Vetting).
  • Act as liaison with respect to security incident referrals from Other Government Departments (OGDs), Police or Public/Public bodies.
  • Conduct assurance of incident data when an incident has concluded to ensure data quality & integrity.

Person specification

You will need excellent communication skills and the ability to build strong working relationships with a diverse range of internal and external stakeholders.

You will need to be able to extract critical elements from a vast range of reported incident data and quickly identify risks, threats, trends, profiles and vulnerabilities that may impact MOD.

You will ideally have experience of working in an environment where you have a proven ability to triage/assess a variety of security incidents or critical incidents of a similar nature. These may be in any or all of the following security fields; Law Enforcement, Cyber, Physical, Personnel, Information or Technical.

Desirable criteria:

Any analytical qualifications or experience of either tactical or strategic analysis (e.g. GIS, i2, Power BI).

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Changing and Improving
  • Leadership
  • Working Together

We only ask for evidence of these behaviours on your application form:

  • Changing and Improving

Alongside your salary of £27,080, Ministry of Defence contributes £7,311 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

You will have regular access to learning and development and continuous ‘on the job’ training and events. In addition, you will also be joining a team which has a strong culture for encouraging inclusion and diversity.

DSR also encourages flexible working. This job role may be suitable for hybrid working, which is where an employee works part of the week in their assigned office and part of the week from home. This is a voluntary, non-contractual arrangement and your office will be your contractual place of work. The number of days that anyone will be able to work at home will be determined primarily by business need but personal circumstances and other relevant circumstances will also be taken into account. If you are successful, any opportunities for hybrid working, including whether a hybrid working arrangement is suitable for you, will be discussed with you prior to you taking up your post.

  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • Civil Service pension with an average employer contribution of 27%

The post does not offer relocation expenses.

External recruits who join the MOD who are new to the Civil Service will be subject to a six-month probation period.

Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk/

The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, Smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment by 31st December 2022. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments.

MOD Recruitment Satisfaction Survey – we may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Notice sets out how we will use your personal data and your rights.

Senior Project Manager – Cyber

National

Job summary

This role is a critical part of our Cyber Regulation team which protects consumers by driving an increase in the cyber and security resilience measures of Ofgem-regulated companies. You will play an important role in managing Cyber Regulation projects, activities and communications whilst working closely with the senior leadership team and a wide range of public and private sector stakeholders.

Your work will enable a number of programmes designed to protect consumers across Great Britain by reducing risk and enhancing the cyber resilience of the electricity and downstream gas sectors. You will be central to our internal governance, risk management, planning and delivery.

Joining a multidisciplinary team as a Senior Cyber Project Manager, you’ll contribute to projects with high strategic impact that are critical to Great Britain’s critical national infrastructure. It’s a role that involves extensive collaborative working – often on complex subject matter. You’ll need to be an accomplished project / programme delivery manager (accustomed to working with agile and/or waterfall methodologies) and it’s likely you hold a professional qualification in this. Ideally you will have a strong passion for cyber security or a related area. You’ll be a highly motivated self-starter who can work independently and in teams, who appreciates the need for excellent communication, engagement and collaboration with different stakeholders, and the ability to write concisely – driving the appropriate balance between robust governance arrangements and not over-burdening participants. You should have a positive track record of managing and delivering projects, e.g. developing and executing plans; managing risks and issues; driving and motivating diverse teams; use of project methodologies and tools; and reporting effectively. You should already hold, or be prepared to undergo, SC vetting in accordance with national security vetting procedures.

You will have the opportunity to be a part of the ‘Project Management and Delivery’ and/or ‘Cyber’ professions within Ofgem which are both teams of highly skilled and collaborative individuals who are there to support you alongside a fantastic offering of learning and development in order for you to grow your personal and professional development.

Ofgem is proud to be an equal opportunity employer. We embrace diversity and are committed to creating an inclusive environment for all employees. All employment is decided on the basis of open and fair competition, merit and business need.


Job description

Ofgem is committed to making a positive difference for energy consumers through effective regulation of the market and close working with suppliers to ensure sustainable energy for consumers and businesses in the UK.

It is vital that operational systems and networks in the electricity and downstream gas sectors in Great Britain remain resilient against cyber and related security threats.

This role will be part of the Cyber Regulatory Team, within the Cyber Profession within Ofgem, tasked with implementing regulations for Operators of Essential Services (OES), to improve security and resilience. The role expects working involvement with Ofgem directorates, governmental departments and other Competent Authorities, as well as industry.

The key purpose of the role is to manage the delivery of Cyber initiatives, projects, activities and communications. The role will maintain and develop robust internal governance, risk management, delivery reporting, and resourcing.

You will be expected to be a self-starter, working with a diverse stakeholder client base, including permanent and contract resource. The complexity or breadth of products or teams will vary in this role, depending on the context. As a Cyber Delivery Manager, you will be expected to directly manage and/or support the delivery of multiple projects and complex products, made up of different teams and stakeholder interest. You will also be expected to provide leadership and oversight over a broader portfolio of projects.

This role will require a collaborative approach in working with colleagues both within Ofgem and with any co-sourcing partners we may be working with. The candidate will have extensive programme and project management experience and a pragmatic approach that balances the need for governance and rigour, while not over-burdening the stakeholders.

Within Ofgem this role is known as Senior Cyber Delivery Manager.

Key Outputs and Deliverables
  • Programme and project management: Drive programme and projects to deliver on key milestones by developing and maintaining robust plans and roadmaps, covering key aspects, for example: producing plans (e.g. for Assurance, Incident & Compliance programme); deliverables and milestones; resource planning & management; roadmaps and timescales; status.
  • Risk management and data management: Develop and maintain pertinent registers/logs, further driving options, actions and improvements e.g. upkeep and maintenance of the NIS OES Register; risks, assumptions, issues and dependencies (RAID) for programme/project; asset register. On anticipating risks, issues and dependencies – create viable options by articulating benefits, risks and impacts on options to minimise/highlight any disruptions/reputational damage in the decision making process
  • Contract management and finance administration
  • Co-ordinate stakeholder engagement activities: facilitating stakeholder engagements, panels, committees, workshops, events and forums.
  • Reporting: Producing Cyber Regulatory and internal cyber reporting

Professional Development Lead (PDL)

For those with the additional responsibility of Personal Development Lead, the remit will include but not be limited to:

  • Mentors and coaches staff on personal and professional development in line with the professional standards and behavioural framework for their profession.
  • Undertakes their PDL responsibilities in line with Ofgem’s Diversity and Inclusion commitments, championing inclusivity in their approach.
  • Collates 360 degree feedback from staff’s colleagues in a thorough and timely manner holding colleagues to account for providing high quality feedback.
  • Assesses feedback against the behavioural framework and recommends overall performance rating to the Head of Profession based on sound, constructive and inclusive evidence.
  • Delivers high impact and empathetic performance conversations with staff for effective performance management including poor performers.
  • Acts as first point of contact in the event of deployment disputes prior to escalation to the Head of Profession.
  • Advises staff on deployment opportunities as needed.
  • Supporting deployment choices, as part of flexible resourcing.
  • Performance management and assessment.

Person specification

  • Educated to degree level in programme/project management or holds one or more professional qualification in programme/project management (e.g. Prince 2, Agile, Scrum Master, CISMP, CISSP, CISM, or equivalent) or relevant professional experience.
  • Substantial programme management experience, working on their own and in teams; is a meticulous self-starter with the ability to write concisely and communicate at all levels
  • Proven delivery experience in agile and/or waterfall concepts, with excellent communication, interpersonal, stakeholder management skills
  • Experienced in developing robust plans/roadmaps, RAID, target operating models and can demonstrate use of project management and analytical tools
  • Ability to manage resource, motivate teams, and inspire and empower others, with experience in managing multiple project portfolios
  • Ability to write and/or develop options, clearly articulating benefits, risks and impacts on options to minimise or highlight any disruptions or reputational damage in the decision making process
  • Either holds or is able to achieve SC clearance

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Leadership
  • Managing a Quality Service
  • Delivering at Pace

Technical skills

We’ll assess you against these technical skills during the selection process:

  • Please see Candidate Pack for more details.

Alongside your salary of £43,650, OFGEM contributes £11,785 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Ofgem can offer you a comprehensive and competitive benefits package which includes: 30 days annual leave after 2 years; excellent training and development opportunities; the opportunity to join the generous Civil Service pension which also includes a valuable range of benefits; hybrid working (currently 1 day a week in the office, but this is in review), flexible working hours and family friendly policies. Plus lots of other benefits including clean and bright offices based centrally, engaged networks and teams and an opportunity to contribute to our ambitious and important targets of establishing a Net Zero energy system by 2050. This exciting blend of professional challenge and personal reward identifies career opportunities at Ofgem as something to get excited about.

Cyber Security Associate

National

Job summary

As Great Britain’s regulator for the energy industry, Ofgem exists to ensure a safe, secure and sustainable energy supply to British households and businesses.

Ofgem works on behalf of energy consumers to ensure that every household and business in the UK can rely on a safe, affordable, and environmentally sustainable energy supply. We are playing a vital part in accelerating the transition to Net Zero and a carbon neutral energy system – a goal that everyone wants to achieve. Whatever your role, you’ll be playing your part in creating new energy solutions that are great for customers, and great for the environment.

This position will be part of the Cyber Security Profession at Ofgem, which comprises our Cyber Regulatory team, and our Security, Privacy and Resilience team. Underpinning the vision to improve the behaviour of energy sector participants and deliver greener, fairer outcomes for consumers, the Cyber Profession provides a dynamic environment which enables and inspires at all levels, to protect users’ security of energy supply, citizens & business energy data, and Ofgem’s internal people and operations.

As Ofgem’s Cyber Security Associate, you will take an active role in improving security and resilience within Ofgem and throughout the Downstream Gas and Electricity (DGE) sector. In addition to standard cyber security information technology principles, this is an exciting opportunity to actively participate in, and learn about cyber security with an operational technology emphasis, and be part of a growing and vibrant sector.

There will be the opportunity to develop policy, risk, and regulatory oriented skills (such as engagement, cyber regulation, assurance, data protection, privacy and policy), and operational and technical cyber skills (such as security operations, cyber architecture, and operational technology). This is a stimulating and rewarding role, and we are looking for a candidate with a strong interest in security and/or cyber security to be involved in ground-breaking work. Working in the internal Security, Privacy and Resilience (SPaR) team, you will be involved in keeping Ofgem secure. This could include participating in incident response activities, researching cyber threat intelligence, developing security policies and procedures relating to data protection and management of information, and multiple assurance type activities, such as risk assessments and impact assessments.

This is a great opportunity for someone that is keen, ambitious and seeking a new challenging, yet exciting role. If you have experience in cyber security, have worked within an IT environment, the Civil Service, or have completed or are completing further education or qualifications within a relevant field, please apply.

Ofgem offers incredibly flexible working practices, enabling you to manage your work/life balance successfully. There is also a great culture, with an approachable and friendly senior leadership team who are there to support you in your role.

Ofgem also has a culture of inclusion that encourages, supports and celebrates the diverse voices and experiences of our colleagues. It fuels our innovation and helps ensure we can best represent the consumers and the communities we serve. We want to bring different perspectives and experiences to our work, so everyone is welcome – as an inclusive workplace, our employees are comfortable bringing their authentic selves to work.

Job description

From day one within the Cyber Profession, you will take an active role in improving security and resilience within Ofgem and throughout the Downstream Gas and Electricity (DGE) sector. In addition to standard cyber security information technology principles, this is an exciting opportunity to actively participate in and learn about cyber security with an operational technology emphasis and be part of a growing and vibrant sector.

We offer a wide range of flexible working opportunities, including flexible resourcing – rotating around the different teams within the Cyber Profession.

There will be the opportunity to develop policy, risk, and regulatory orientated skills (such as engagement, cyber regulation, assurance, data protection, privacy and policy) and operational and technical cyber skills (such as security operations, cyber architecture, operational technology). You can be assured that the roles are stimulating and rewarding, and you will be involved in ground-breaking work. And it’s important to us that we recruit from a wide range of backgrounds – bringing different perspectives and experiences to our work.

Working in the internal Security, Privacy and Resilience (SPaR) team you will be involved in keeping Ofgem secure. This could include participating in incident response activities, researching cyber threat intelligence, developing security policies and procedures relating to data protection and management of information, and multiple assurance type activities such as risk assessments and impact assessments.

Our Cyber Regulatory team interfaces with the DGE sector. You may work alongside Cyber Researchers to investigate the latest in cyber technology, support our Cyber Advisors by engaging with Operators of Essential Services to ensure cyber resilience is achieved and maintained throughout the DGE sector, and assist our Inspectors with the NIS (Network and Information Systems regulation) inspection programme. There will be the potential for site visits where you can see the operational technology (e.g. substations) the sector is working to protect.

You will receive training and support with regular feedback on your progress. Your training opportunities are comprehensive and flexible. You will have the opportunity to attend a wide variety of internal and external training courses, covering an array of soft skills, as well as more role-specific courses.

Ofgem offers many diverse groups you can participate in, such as the Women’s Network, Young Professionals Network, LGBT+ Network, Culture Club, and many more. If you are a driven and ambitious individual looking to kickstart your career in cybersecurity and contribute to a diverse and inclusive organisation, we would love to hear from you. The candidate will have a chance to live Ofgem’s values by participating in programmes of work to promote and build a diverse and inclusive workforce within the Cyber Profession and directorates within Ofgem. Your voice and ideas will be important here.

Security, Privacy and Resilience 

  • Working with the Incident Response team in maintaining the data breach log and assessing incidents/breaches. 
  • Carry out open-source intelligence including collaborative working. 
  • Development of cyber incident playbooks, use cases, etc. 
  • Write, review, or contribute towards risk assessments in a digital service.
  • Review and maintain Data Privacy Impact Assessments and other data protection collateral. 
  • Provide security risk advice, guidance, and support to the business. 
  • Assist with department security education and awareness. 

Cyber Regulatory 

  • Collaborating and working with Cyber Advisors on the NIS Directive, its application across the DGE sector and engaging with Operators of Essential Services (OES).
  • Visiting OES operational sites (e.g., generation site) with the Engagement or Assurance teams. 
  • Assessing RIIO (Revenue=Incentives+Innovation+Outputs) submissions from a cyber perspective. 
  • Collaborating with Cyber Security Architects on DGE cyber architecture guidance. 
  • Researching cyber related technologies. 
  • Collaborating and working with the Assurance team on cyber related inspections. 
  • Contribute to the development of cyber security programme and project plans, management of workflows and maintaining a programme risk log.

General

  • Research and implement practices that promote a diverse workforce within Cyber.

Person specification

Strong interest in security and/or cyber security.

These opportunities would suit individuals who have previous experience in cyber security or a similar field, such as an IT environment or the Civil Service, or who have completed or are completing further education or qualifications within a relevant field.

Willing to be flexible, learn quickly, and deliver on a number of different projects.

Good analytical and problem-solving skills.

Able to communicate (in person, over video/phone, and written) effectively and build strong relationships within a team.

Either holds, or has the ability to achieve, SC clearance

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Communicating and Influencing
  • Working Together
  • Developing Self and Others

Technical skills

We’ll assess you against these technical skills during the selection process:

  • Please refer to the Candidate Pack attached for full details.

Alongside your salary of £23,450, OFGEM contributes £6,331 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Ofgem can offer you a comprehensive and competitive benefits package which includes: 30 days annual leave after 2 years; excellent training and development opportunities; the opportunity to join the generous Civil Service pension, which also includes a valuable range of benefits; hybrid working (currently 1 day a week in the office, but this is in review), flexible working hours and family friendly policies. There are lots of other benefits too, including clean and bright offices based centrally, engaged networks and teams, and an opportunity to contribute to our ambitious and important targets of establishing a Net Zero energy system by 2050. This exciting blend of professional challenge and personal reward identifies career opportunities at Ofgem as something to get excited about.

Security Risk and Governance Lead

Multi-location from one of our FSA Offices (Belfast, Cardiff or York), or home based in the UK. Please be aware that this role can only be worked within the UK and not overseas. Travel across the UK will be required on an occasional basis, possibly with overnight stays.

Job summary

The Food Standards Agency (FSA) puts information and data at the centre of its work to keep food safe. We believe that consumer trust relies on openness and transparency, as well as security around the safeguarding of sensitive information.

We are looking for a Security Risk and Governance Lead who can help us deliver a resilient security service. From assurance and governance to the provision of security advice and the delivery of a security-forward culture, you’ll help to champion this important area throughout the FSA.

 

Job description

Leading on security risk management, you will work with stakeholders across the FSA, offering advice, applying our security capabilities and drawing on your expertise to better mitigate identified risks.

You will lead a small team that delivers a crucial service within the organisation, and will have the opportunity to develop and lead on a varied portfolio of work, from security incident management to engagement with cross-government organisations.

As you engage with these wide-ranging stakeholders, your talent for effective communication will enable you to make the necessary impact, and influence those around you into committing to better security awareness.

You’ll have the vision to pick out the key actions that will guide us as we seek to deliver better data security across the organisation. Your decisions, influence, and leadership will all enable the FSA to better deliver these crucial services and, ultimately, position itself to better engage with its core mission of ‘food you can trust’.

Person specification

Please read the attached Candidate Pack to discover further details about the role, our organisation, who we are looking for and the criteria we will assess against during the selection process.

We look forward to receiving your application and wish you every success.

Behaviours

We’ll assess you against these behaviours during the selection process:

  • Making Effective Decisions
  • Communicating and Influencing
  • Managing a Quality Service

Our candidate pack details the benefits that the FSA has to offer. Please also refer to the attached Terms and Conditions statement.
