Archives: Jobs

Bristol, South West England, BS1 6PN

The Infrastructure and Platforms Service is responsible for delivering the underlying structure required for the digital solutions which allow The Planning Inspectorate to achieve its objectives.

The Inspectorate’s Digital platform portfolio has evolved over recent years to a fully cloud-based set of services. The core of our solutions is found in Azure / M365, with Microsoft Surface and Apple iPhone client devices. We have a number of bespoke products as well as off the shelf applications and we work alongside several partner organisations who provide telephony, hardware support, and help desk services.

This role leads a small team of Infrastructure Engineers in providing a top-quality service to our users. You will be ensuring the systems supported by the team are available, secure, and functioning well. You will also ensure our users have working devices and access to the applications and tools needed to carry out their jobs.

The Planning Inspectorate has a long and proud history in ensuring a fair planning system for England. The work we do has a significant impact on people’s lives, the communities where they live and the economy.

We want our colleagues to be able to work more flexibly and more collaboratively, exploring new and innovative ways to improve the way we provide services.

For further information on the Planning Inspectorate, please see the information pack attached.

There are some important attributes that we are looking for in anyone joining the team. You must have a collaborative approach and a passion to communicate effectively. You will take accountability and ownership and have the ability to coach, mentor, reflect and to give and receive feedback. You will be flexible and adaptable and be passionate about having ‘The Customer’ at the heart of what you do. You will have a flexible communication style and be able to explain issues to your colleagues in the Digital and Data Service and to both technical and non-technical stakeholders in the wider organisation. This is a fast-paced environment, but we recognise the value of a work-life balance for our people. You will not just be part of a team but a community that supports each other. 

In a typical week you will: plan the team’s workload, including your own, and carry out line management duties; work proactively with Service Managers and Architects on the roadmap for the Service; be involved in cross-departmental meetings to understand workstreams and manage resources accordingly.

You may need to respond quickly to problems or incidents using both your technical and interpersonal skills to investigate, communicate, and resolve issues, delegating tasks to the team as required.

You will also be part of an on-call rota.

While the minimum attendance in Temple Quay House for office staff is 12 days per year, the team is typically on-site more frequently to perform key tasks and provide on-site support to other staff. The successful candidate will need to agree appropriate attendance levels for themselves and the team with the Service Manager.

For full information on the role and assessment process please refer to the candidate pack attached.

Hybrid working

All of our office-based roles are contractually located at Temple Quay House in Bristol. Most of our roles are able to work in a hybrid manner and you will be expected to attend Temple Quay House at least 12 days a year. Depending on your role, you may be required to attend more often than 12 days a year either permanently or temporarily to ensure we deliver our services in the most efficient and effective way for our customers. If you would like to discuss our Hybrid Working Policy in more detail. Please contact us at [email protected]

Essential Criteria

• Problem-solving experience and excellent communication, customer engagement, and inter‐personal skills.
• Experience of Microsoft Azure management, including but not limited to configuring environments for additional services, building, and commissioning additional services, maintaining a secure environment and patch management.
• Experience of managing and maintaining a Microsoft 365 environment including, but not limited to, policy management and deployment, security, and application deployment.
• Experience of implementing and managing monitoring tools.
• Knowledge of backup tools andanti-virus software.
• Experience of IT service management tools (preferably ServiceNow).
• Experience of working within SLAs and ITIL processes.
• Knowledge of Cyber Security issues and the challenge facing organisationsin the digital enabled world and how to prepare the organisation to reduce the risk of malicious attacks.  
• Awareness of key change management processes.
• Relevant professional qualification at practitioner or advanced level (e.g., BCS Certificate in VeriSM, ITIL Practitioner, Microsoft Certificate) or willingness to study for a qualification within a reasonable length of time.
• The post holder will be expected to manage and participate in a 24/7 on-call rota for out of hours support for critical infrastructure. With a full team in place this equates to being on-call for one 7-day week in four. An on-call allowance is provided.

Desirable Criteria

• Experience of Active Directory (preferably including Azure Active Directory) and Group Policy administration.
• Experience of managing Windows Server 2003 – 2012 environments including patching and monitoring.
• Knowledge of virtualization technology, in particular VMWare.
• Experience of configuring and supporting infrastructure equipment such as switches and routers.
• An understanding of Service Management Framework principles and processes.
• Knowledge of the Government’s Digital strategies and codes of practice.
• Awareness and understanding of industry standard security issues and processes. An understanding of ISO27001 would be an advantage.
• Understanding of Data Protection regulations.

We’ll assess you against these behaviours during the selection process:

• Delivering at Pace
• Changing and Improving
• Managing a Quality Service
• Leadership

We’ll assess you against these technical skills during the selection process:

• M365, Azure, MS Server Management
• Service Monitoring and Service Level Agreement Management

• Flexible working options, including flexi-time, part-time, compressed hours and home working if suitable for the role.
• A working culture which encourages inclusion and diversity.
• There is a choice of excellent pensions schemes. More information about pensions can be found at https://www.civilservicepensionscheme.org.uk
• 25 days annual leave increasing by 1 day per year up to 30 days after 5 years, plus 1 privilege day to mark the King’s birthday. In addition to the usual bank holidays.
• Generous family friendly policies.
• Fast and modern IT kit which utilises Microsoft Office 10 and O365, enabling seamless working from home and collaboration across team

Bristol, South West England, BS2 0ES : Cardiff, Wales, CF10 1EP : Leeds, Yorkshire and the Humber, LS1 4AP : Salford, North West England, M3 5BS : Newcastle upon Tyne, North East England, NE98 1ZZ : Telford, West Midlands (England), TF3 4NT

At HMRC, we are already one of the most digitally advanced tax authorities in the world and have one of the largest IT infrastructures and data sources in the UK. With 50 million customers to serve, over 60 thousand colleagues to support, and £600 billion to collect to fund UK PLC, our IT operation is huge. Operating on a stage this big would faze many, and it is not for everyone. But, for those who are up to the challenge, we offer unique and unparalleled opportunities to work with some of the latest technologies and make a real, lasting difference.

We are undergoing a major transformation programme, which includes a significant investment in digitisation. This means customers can do more for themselves online, in real time, on computers, tablets and smartphones.

Now is a great time to join us as we establish a team of outstanding people in the field of Enterprise or Security Architecture, Risk Management and Security Testing, who will create and run these new and improved technology services. This is a chance to work on services that matter and affect the lives of millions of citizens.

See what it’s like to work at HMRC: find out more about us or ask our colleagues a question. Questions relating to an individual application must be emailed as detailed later in this advert.

The Team 

Our Cyber Security Technical Services (CSTS) multidisciplinary team supports HMRC to assess business and reputational risks and are responsible for ensuring everyone has capability to fulfil their security responsibilities and develop individual capability to detect, prevent and respond to security risks and threats.

We continually adapt and evolve to emerging technologies, the ever-changing threat and risk landscape to meet HMRC/HMG business needs.

We are part of an active and encouraging cyber security community, within HMRC and across government.

The Role

As a Senior Cyber Security Professional working within Security Testing, you will play a leading role in providing security testing, vulnerability assessment and continual security compliance capabilities in order to secure HMRC’s services and to ensure the best possible technical security risk-based advice is given to our customers.

As part of role you will also lead packages of work and contribute to wider CSTS services as required.

You will work collaboratively with key business & technical stakeholders, to deliver appropriate security testing risk based technical security advice and guidance, to enable the secure delivery of HMRC solutions and services.

This is an exciting time to join us and the chance to work on services that matter and affect the lives of millions of citizens.

Broadly, we would expect the successful candidate to align with the Government Security Professional for Security Testing and Vulnerability Management Framework .

Responsibilities

• Engage with internal and external partners to manage and provide appropriate security Testing and assurance to the required standard and in accordance with policy and regulations.
• Scope, conduct, or support security assessments, pen testing and other non-functional security testing, appropriately recording and sharing any findings.
• Provide Vulnerability management and continual security compliance expertise across on premise and cloud-based solutions.
• Work collaboratively with project managers and programme leads to provide subject matter expertise on a range of security testing requirements.
• Act as escalation point to deal with security testing related incidents.
• Research, identify, validate, and embrace new technologies and methodologies.
• Champion consistency across the business in support of our “one team” ethos.
• Lead assessments of threats and vulnerabilities determine deviations from acceptable/defined baselines.
• Communicate threat, vulnerabilities, and risk information to stakeholders in a clear and concise manner.
• Assist in the development and delivery of Security testing documentation sets.
• Research and assess new threats and security/vulnerability alerts, and recommend remedial actions.

Essential Criteria:

• Understanding and experience of how technical security is applied in real life environments, technical security controls, threats and vulnerabilities (incl. threat vectors) and current IT and security best practice approaches.
• Passion for security testing and continual development within this area.
• Related Industry accreditations such as CREST, Offensive Security, SANS/GIAC or equivalent recognised qualifications with relevant IT Security experience.
• Experience at managing and/or conducting a wide range of testing in different environments with different complexity.
• Using vulnerability management/scanning tooling, compiling reports, and conducting regular scanning and assessment activities.
• Building relationships with stakeholders, using strong communication skills to communicate effectively at all levels to technical and non-technical audiences.
• Internal team engagement, working collaboratively, sharing knowledge, advising, and training colleagues.

Desirable Criteria:

Ideally you will also have knowledge, understanding and/or experience of:

• Detailed understanding of penetration testing tools and techniques.
• Compiling Security testing reports, with the ability to work with stakeholders to determine real impact and probability of exploits being successful.
• Developing and delivering change and successful delivery of technical security aspects of projects.
• IT infrastructure (hardware, databases, operating systems, local area networks etc.) and application architectures.

These posts require a minimum of SC Security Clearance and candidates must be prepared to undertake this level of security vetting if not already held.

Please be aware that if the required standard of vetting for the role is not granted, the offer will be removed, and you will be released from the role.  This is likely to result in you being placed into the redeployment pool if another suitable position is unavailable.  The vetting process can take some months and can be intrusive. Please speak with the vacancy holder if you have any questions regarding the vetting process before you apply.

Related Industry accreditations such as CREST, Offensive Security, SANS/GIAC or equivalent recognised qualifications with relevant IT Security experience

We’ll assess you against these technical skills during the selection process:

• Technical Aptitude
• Security Testing Scenario
• Competency in general security questions

Gloucester, South West England, GL1 1DQ

Would you like to help HM Land Registry (HMLR) deliver its ambitious new Counter Fraud Strategy – which will play a fundamental role in protecting the Land Register, a key part of the national economic infrastructure?

As a Counter Fraud Officer, you will help protect HMLR and the register of title against fraud, analysing and evaluating data from various designated sources to produce appropriate outcomes to defend against fraud or illegality.  You will deliver and assist in the development of counter-fraud policy and strategy within HMLR and promote the counter fraud strategy.

We’ll fully support your development and help you work towards a relevant counter-fraud qualification 

This is an exciting opportunity available in Gloucester, with a minimum requirement of 26 hours per week for part time hours up to full time hours of 37 hours per week.

Whilst HM Land Registry are in the process of developing a hybrid working culture, allowing employees to work both in a home and office environment, whilst meeting customer and organisational needs, there can be no guarantee that hybrid working will be available within CFG in the long term. The successful candidate will have an opportunity to realise any of these benefits, although initial induction into the role and training will require 100% face to face attendance in Gloucester. Induction is planned over a period of 6 months (extendable where required) and the degree of office attendance required will be reviewed over the course of this and may be amended based upon individual progress.

Some travel and overnight stays may be required to other HM Land Registry offices for internal meetings or training subject to current government guidance, and this should be taken into account when applying.

HMLR ensures people’s land and property rights are guaranteed and protected in one of the most active property markets in the world. As part of our highly regarded Counter Fraud Group (CFG) you could be contributing to this important and exciting work every day, operating against the ever-evolving, ever-changing fraud threat HMLR faces.

Counter Fraud Group plays a critical part in protecting the integrity of the register and undertakes an important role in the HMLR counter fraud strategy. The role involves cross departmental working, assessment of fraud risk and identification of risk controls, analysis of data and a need to understand fraud related issues.

The successful candidate will be able to analyse and evaluate data from various designated sources and produce appropriate outcomes to defend against fraud or illegality. You will deliver and assist in the development of counter-fraud policy and strategy within HMLR and to further the counter fraud strategy. You will work towards a relevant counter-fraud qualification and develop yourself against Government Counter Fraud Standards.

Your main duties will include:

• To analyse, evaluate record and disseminate data using systems and processes as required including producing reports and intelligence products in compliance with internal and legislative data handling restrictions
• To accurately maintain the CFG databases
• To help create systems, processes and strategies for fraud prevention and investigation
• To work with internal stakeholders to ensure a good working relationship and proportional response to fraud prevention
• To liaise with other counter-fraud organisations, including the preparation of intelligence and evidential products in compliance with appropriate legislation
• Assist senior officers when required
• Administrative duties
• Other duties as required

You will be accountable for:

• Making sure relevant information is accurately recorded and managed in accordance with strict security principles
• Researching and creating products and outcomes which can be easily communicated to relevant parties
• Liaising with internal stakeholders, law enforcement agencies, other counter-fraud organisations and internal partners where appropriate
• Creating and / or improving policy, practice and procedure for work relating to the main duties (subject to consultation with the team)
• The accurate and effective investigation of internally and externally sourced information
• The complete and accurate recording of data, including linking of information where appropriate
• The standard of reports drafted and data capture
• The accuracy, timeliness and appropriateness of information given to stakeholders
• The quality and effectiveness of stakeholder engagement
• Adherence to relevant legislation in the collation and recording of data

2 GCSE’s in Mathematics and English Language at Grade C/Level 4 or above or an equivalent qualification (O-Level at Grade C or above, CSE at Grade 1)

We’ll assess you against these behaviours during the selection process:

• Working Together
• Making Effective Decisions
• Managing a Quality Service

#WeAreHMLR

At HM Land Registry our vision is a world leading property market as part of a thriving economy and a sustainable future. We are unique in terms of the economic and social impacts of our work, our ability to make a positive difference to the lives of our customers, our sense of mission, and our great people. They are the foundation of all we have achieved and all we aspire to in the future. We want our people to feel proud to work for HM Land Registry and able to fulfil their full potential.

We have a strong and positive culture, a commitment to inclusivity, an emphasis on continuous learning and development, and flexible ways of working. We offer competitive pay and annual leave, attractive pension options and a wide range of other benefits.

• We have integrity– we value honesty, trust and doing the right thing in the right way.
• We drive innovation– we are forward-thinking, embrace change and are continually improving our processes.
• We are professional– we value and grow our knowledge and professional expertise.
• We give assurance– we guarantee our services and provide confidence to the property market.

You can find more information on our rewards package on our website.

This post can be based at our sites in either Ryton-on-Dunsmore (CV8 3EN), Durham (DL15 8DS) or Harrogate (HG3 1UF). Hybrid working opportunities can also be discussed prior to you taking up your post. This role is also available as a designated homeworking role.

This post is open to applicants who can meet the College’s nationality, UK residency and vetting requirements.

About us:

We’re the professional body for the police service in England and Wales. We work with everyone in policing to set standards, to share knowledge and good practice and to support the development of police officers and staff. Our mission is to drive a consistent approach across policing where the public and the service expect it, to boost professionalism and to improve leadership at every level.

Although we’re a small organisation, our work has a big reach. We are uniquely placed to work both with national policing organisations and local forces to support frontline officers, staff and volunteers in their day-to-day roles.

We offer a supportive and inclusive environment for people to thrive. Our extensive flexible-working policy, employee wellbeing support, family friendly policies, employers network for equality and inclusion (ENEI) membership and status as a disability confident employer means everyone can bring their whole self to work.

We look forward to reading your application for the role of Physical Security Manager.

The selected candidate will be the subject matter expert for the College and its people for Physical Security (including Counter Terrorism), reporting to the Senior Information Risk Owner (SIRO) on matters of risk. Be responsible for proportionate and robust policy, guidance and advice based on evidence regarding the threat and risks to the college whilst balancing the operational needs of the College.

Some of your responsibilities will include:

• Serving as lead contact for appropriate agencies . Liaising and horizon scanning, intelligence gathering and evaluation of the main threats and risks to the College, its people on and off site, and including oversees travel, and physical assets.
• Responsibility for overseeing the day-to-day implementation of all physical security policy and guidance; responding to, and investigating where appropriate, any incidents including security breaches occurring.
• Fostering and developing collaborative responsibility for embedding physical security compliance across the business through the development and implementation of training, toolkits, and workshops.

To be successful in this role you’ll need:

• Experience of preparing Operation Requirements or physical security reviews including recommendations, subsequent application and management.
• Experience relating to the core functionality of the Police National Computer as amanagement and operational support tool within the College of Policing.
• Experience of crime prevention, operational requirements and both planned and spontaneous operations.

Please see the attached job description which contains full details of the role.

We’ll assess you against these behaviours during the selection process:

• Communicating and Influencing
• Delivering at Pace
• Making Effective Decisions
• Seeing the Big Picture
• Working Together

We’ll assess you against these technical skills during the selection process:

• Preparing Operation Requirements or physical security reviews including recommendations, subsequent application and management
• Crime prevention, operational requirements and both planned and spontaneous operations.
• Experience relating to the core functionality of the Police National Computer as a management and operational support tool
• Experience of crime prevention, architectural design, planning, or engineering
• Disciplinary or incident investigation

The College is a great place to work. We’re passionate about our people and offer a wide range of benefits, including (but not limited to):

• Defined benefit pension scheme with an average employer contribution of 27%
• Up to 30 days holiday (this is in addition to 8 public holidays and 2.5 privilege days)
• Continued professional development and structured career paths
• Enhanced maternity, paternity and adoption leave
• Flexi-time (for certain grades)
• A range of flexible working arrangements
• Benenden Healthcare
• National Dental Plan
• Discounts for on-line shopping
• Free employee support line
• Interest free season ticket loans
• Rewards and recognition scheme

We also have a number of thriving staff networks that provide the opportunity for advice, support and to drive change. A place to get your voice heard, share experiences and challenge our working practices to ensure equality of opportunity for all.

This post can be based at our sites in either Ryton-on-Dunsmore (CV8 3EN), Durham (DL15 8DS) or Harrogate (HG3 1UF). Hybrid working opportunities are also available as well is designated homeworking. This will be discussed prior to you taking up your post.

This post is open to applicants who can meet the College’s nationality, UK residency and vetting requirements.

About us:

We’re the professional body for the police service in England and Wales. We work with everyone in policing to set standards, to share knowledge and good practice and to support the development of police officers and staff. Our mission is to drive a consistent approach across policing where the public and the service expect it, to boost professionalism and to improve leadership at every level.

Although we’re a small organisation, our work has a big reach. We are uniquely placed to work both with national policing organisations and local forces to support frontline officers, staff and volunteers in their day-to-day roles.

We offer a supportive and inclusive environment for people to thrive. Our extensive flexible-working policy, employee wellbeing support, family friendly policies, employers network for equality and inclusion (ENEI) membership and status as a disability confident employer means everyone can bring their whole self to work.

We look forward to reading your application for the role of Business Continuity Manager.

The selected candidate will be responsible for managing, co-ordinating and supporting effective Business Continuity arrangements and responses for the College of Policing, including policy, procedures, awareness and guidance. They will oversee and manage consistent and robust Unit and Site plans to ensure the safety and well-being of College staff (and customers) and to safeguard and provide resilience for College of Policing information, assets and estate.

Some of your responsibilities will include:
•    Develop, oversee and manage effective Business Continuity arrangements for all of the College units and sites to provide resilience for the College in the event of any incident requiring activation of BC plan and in accordance with Cabinet Office Security Policy Framework requirements.
•    Develop, deliver and review engagement activities to promote, embed and maintain a proactive business continuity culture across the College.
•    Develop and foster a collaborative approach with key stakeholders and senior managers to ensure that Business Continuity arrangements are co-ordinated and aligned with systems and activities to ensure consistency of approach with BC.

To be successful in this role you’ll need:
•    Experience of communicating confidently at all levels within and external to the College including the need to advise and guide senior members of staff
•    Detailed knowledge and understanding of Business Continuity requirements and best practise.
•    Proven ability to effectively manage competing priorities and business areas with conflicting business needs and priorities

Please see the attached job description which contains full details of the role.

We’ll assess you against these behaviours during the selection process:

• Changing and Improving
• Communicating and Influencing
• Delivering at Pace
• Making Effective Decisions
• Working Together

We’ll assess you against these technical skills during the selection process:

• Detailed knowledge and understanding of Business Continuity requirements and best practise.
• Ability to solve problems and develop workable solutions
• Proven ability to effectively manage competing priorities and conflicting business needs and priorities
• Proficient and able to communicate and guide confidently at all levels
• Ability to prioritise own work and the work of others to ensure deadlines are met

The College is a great place to work. We’re passionate about our people and offer a wide range of benefits, including (but not limited to):

• Defined benefit pension scheme with an average employer contribution of 27%
• Up to 30 days holiday (this is in addition to 8 public holidays and 2.5 privilege days)
• Continued professional development and structured career paths
• Enhanced maternity, paternity and adoption leave
• Flexi-time (for certain grades)
• A range of flexible working arrangements
• Benenden Healthcare
• National Dental Plan
• Discounts for on-line shopping
• Free employee support line
• Interest free season ticket loans
• Rewards and recognition scheme

We also have a number of thriving staff networks that provide the opportunity for advice, support and to drive change. A place to get your voice heard, share experiences and challenge our working practices to ensure equality of opportunity for all.

Croydon, Manchester

The role sits within Home Office Cyber Security (HOCS) within Digital, Data and Technology (DDaT) under Corporate & Delivery within the Home Office.

HOCS provide a central cyber security function for the whole of the Home Office. HOCS work across the department to identify cyber security risks and find resolutions to manage those risks until deemed acceptable.

As a Head of Cyber Delivery, you will coordinate across multiple delivery teams to deliver a large and complex business outcome to improve the security posture of the Home Office. You will be expected to deliver to cost and quality standards, managing risks and dependencies across multiple teams, rather than acting as a dedicated member of a single product delivery team. You will also leverage supplier frameworks where necessary and own senior stakeholder relationships, using your ability to influence and translate technical security concepts.

You will be expected to work with flexibility, selecting and applying techniques from different delivery methodologies depending on the requirements of the business outcome you are working towards. You will use your experience of working in security, technology and / or a digital environment to get the best out of the delivery teams and drive continuous improvement.

You will be responsible for identifying and implementing appropriate governance mechanisms for your cross-cutting deliveries, advising on how any existing governance processes can be complimented. You will recommend and agree optimal decision-making thresholds with key stakeholders and lead on ensuring that timely decisions are made across multiple teams to ensure successful delivery.

You will work with multiple senior stakeholders across the organisation, including drivers of Home Office policy, members of the DDaT community and colleagues in Home Office Commercial where contracts need organising and negotiating. As a leader within the delivery community, you will provide technical leadership, guidance, and support to others.

You will also be expected to drive contributions to DDaT and cross-government communities of practice, sharing your knowledge, setting good practice and providing an example of what good looks like.

Your main day to day responsibilities will be: 

•    Taking insight from individual delivery plans to translate a complex product roadmap for an end to end outcome into a delivery plan, ensuring appropriate sequencing of the work across teams

•    Identifying and implementing appropriate governance mechanisms to support complicated delivery, enabling timely decisions, and preventing governance duplication

•    Balancing central delivery oversight and governance with local accountability for delivery within the product team

•    Delivering in line with capacity and availability of many product teams, leveraging supplier frameworks and managing budgets and spending to make informed decisions on resources and team profiles

•    Owning senior stakeholder relationships across the business, influencing Product Managers across many teams in order to achieve business outcomes

•    Ensuring quality is considered in all trade-offs and conversations in planning and delivery, understanding the potential impacts on quality of demands placed on product delivery teams

•    Using your delivery expertise to actively manage risks, issues and dependencies across multiple delivery teams, acting as the final escalation point for risks raised by the delivery teams

•    Using feedback loops, data analysis and experiments to iteratively improve the outcome being delivered

•    Act as an effective and collaborative member of the Home Office Cyber Security (HOCS) Senior Management Team

•    Working with the Head of Role for Delivery to define delivery strategies at department or organisational level, aligning to business goals.

Other day to day activities 

You will also be expected to carry out the following day to day activities:

•    Conducts project status with CISO in support of strategic goals

•    Identifying and driving forward the development of delivery capabilities within the delivery organisation, including continuous professional development and exploitation of new and emerging industry leading techniques and approaches

•    Demonstrating a strong understanding of which elements of a delivery methodology would best work within a given context to deliver successfully

•    Provide support and guidance to more junior members of the delivery community.

Essential Skills

You’ll have a demonstrable passion for delivery with the following skills or some experience in:

•    Delivery of cyber security improvement programmes

•    Ability to balance multiple competing priorities and coordinate across multiple delivery teams to deliver value

•    Working at senior leadership level, establishing and maintaining extensive stakeholder networks across the organisation and actively engaging other senior leaders to gain understanding and buy-in on complex strategies and technical plans

•    Strong financial management skills in order to leverage budget, prioritise business needs and make key decisions

•    Creating and maintaining an overall delivery plan that highlights forecasts/estimates and confidence levels, whilst taking into account the many individual delivery plans

•    Using experience of technology delivery and technical practices to help translate technical concepts to non-technical stakeholders

•    Applying previous experience to identify, understand and analyse key metrics in order to improve team delivery

•    Sufficiently understanding an organisation to identify the right people who can make the right decisions and at the right time, defining what good governance looks like within a delivery context

•    Acting as the Delivery Manager for one or more delivery teams at the same time through a complete delivery lifecycle (prepare, deliver, improve)

The skills listed below are reflective of the Home Office DDaT Profession Skills and Competency Model (based on the industry standard SFIA framework). Please see below for the relevant skills required for your role:

Strategy and Architecture

•    Information Strategy
o    Governance – level 4 
•    Business Strategy and Planning
o    Financial and Commercial Management – level 4
o    Business Risk Management (BURM) – level 4

Change and Transformation

•    Business Change Implementation
o    Project Management (PRMG) – level 5

Skills and Quality

•    Quality and Conformance
o    Quality Management (QUMG) – level 3

Relationships and Engagement

•    Stakeholder Management
o    Relationship Management (RLMT) – level 6

Desirable Skills

Ideally you will also have the following skills or some experience in:

•    Providing support for more junior members of the community in working with multiple delivery teams to deliver against business outcomes

•    Contributing to a Community of Practice

•    Presenting at conferences / meetups

Presentation

At interview Candidates will be required to deliver a brief presentation. You will have the opportunity to prepare prior to interview. Further details will be provided closer to the scheduled interviews.

• A qualification in a recognised delivery methodology (e.g. Scrum, Lean Kanban, SAFe, Prince 2)
• Relevant security/technical delivery management or security/technical project management experience

We’ll assess you against these behaviours during the selection process:

• Seeing the Big Picture
• Leadership
• Communicating and Influencing

We’ll assess you against these technical skills during the selection process:

• Governance – level 4
• Business Risk Management (BURM) – level 4
• Project Management (PRMG) – level 5
• Quality Management (QUMG) – level 3
• Relationship Management (RLMT) – level 6

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an average employer contribution of 27%

East Midlands (England), East of England, London (region), North East England, North West England, Scotland, South East England, South West England, Wales, West Midlands (England), Yorkshire and the Humber

This position is based nationally

We encourage applications from people from all backgrounds and aim to have a workforce that represents the wider society that we serve. We pride ourselves on being an employer of choice. We champion diversity, inclusion and wellbeing and aim to create a workplace where everyone feels valued and a sense of belonging. To find out more about how we do this visit: https://www.gov.uk/government/organisations/ministry-of-justice/about/equality-and-diversity.

Security Risk and Assurance Practitioner

Cyber Security Risk and Assurance Practitioner (HEO)

The MoJ Information Security Team sits at the heart of the Ministry of Justice, enabling good security practices through the provision of security policies, guidance, and education, by understanding cyber security risks from all parts of the Ministry of Justice and providing assurance to the departmental SIRO, the Permanent Secretary, and other senior stakeholders that these risks are being effectively managed in the delivery of MoJ objectives.

The role of the Cyber Security Risk and Assurance Practitioner is to support the central MoJ Information Security Team in carrying out cyber security assurance, highlighting non-compliance with required standards and raise and communicate cyber security risks arising from control gaps.

The Cyber Security Risk and Assurance Practitioner may also provide advice to others on good risk management practices to enable them to manage residual risk well, identify trends resulting from risk and assurance activities and use these to propose and deliver improvements to processes, policies, and guidance, and enable senior team members to resolve tactical requests to the team.

All members of the team are expected to help develop the MoJ Security Function as a centre of excellence for the department and to contribute to building a brilliant and diverse team that is a welcoming place for all.

Typical role expectations and responsibilities

Manage the implementation and delivery of security assurance processes, including GovAssure and supplier assurance activities. Communicate assessment and assurance outcomes to stakeholders in ways that support effective security, risk management and decision-making, and advise stakeholders on their approach to risk assessment in the context of their business outcomes.

Work with Justice Digital and Information Assurance colleagues, or third-party suppliers, to gather evidence of the performance of technical services and organisational processes against security baselines, controls, and requirements, using key performance indicators.

Provide an informed opinion on Cyber Security risks and the adequacy of controls in place, with a focus on business-critical services, based on the outcomes of evidence gathered.

Align risk decisions and advice with relevant regulation, policy, and standards to provide proportional, practical advice that is tailored to the local environment, and advise on any residual risk. Understand when risks need to be escalated to more senior stakeholders and take responsibility for doing this.

Contribute to the development and enablement of security policy and security culture by collaborating with the Security Policy, Culture, Awareness and Education team, providing insight on the trends identified from security assurance activities. Assure the ongoing appropriateness of policy in accordance with regulation and wider departmental and government policies. Support risk-related work and enable compliance and governance.

Support and take part in building the network of security partners across government and national technical authorities, and within industry.

Contribute to submissions and reports for senior MoJ officials and support efforts needed to respond to requests and advisories received from government partners.

Monitor the efficiency and effectiveness of security processes across the organisation, make continuous improvement recommendations and deliver these as appropriate.

May include line management responsibilities for more junior team members.

About you:

You will need experience of working well within a security, technology, or risk team.

You will be well informed about cyber security and technology, showing willingness to build your awareness of current and emerging technologies and their impact on existing security practices.

You will be able to communicate well with a variety of stakeholders at all levels and relay technical information to a non-technical audience.

You will possess strong analytical and problem-solving skills, adopting a positive approach and displaying flexibility of mind when encountering new situations.

You will display attention to detail and discretion in dealing with confidential topics.

You will need to be methodical and inquisitive, probing for information where appropriate to understand the business context and reasoning. You will be able to challenge to security decisions made by your stakeholders and support others to do so.

Behaviours

We’ll assess you against these behaviours during the selection process:

•    Managing a Quality Service
•    Delivering at Pace
•    Developing Self and Others
•    Making Effective Decisions
•    Changing and Improving

East Midlands (England), East of England, London (region), North East England, North West England, Scotland, South East England, South West England, Wales, West Midlands (England), Yorkshire and the Humber

This position is based nationally

We encourage applications from people from all backgrounds and aim to have a workforce that represents the wider society that we serve. We pride ourselves on being an employer of choice. We champion diversity, inclusion and wellbeing and aim to create a workplace where everyone feels valued and a sense of belonging. To find out more about how we do this visit: https://www.gov.uk/government/organisations/ministry-of-justice/about/equality-and-diversity.

Cyber Security Risk and Assurance Lead (SEO)

The MoJ Information Security Team sits at the heart of the Ministry of Justice, enabling good security practices through the provision of security policies, guidance and education, by understanding cyber security risks from all parts of the Ministry of Justice and providing assurance to the departmental SIRO, the Permanent Secretary and other senior stakeholders that these risks are being effectively managed in the delivery of MoJ objectives.

The role of the Cyber Security Risk and Assurance Associate is to lead the programme of cyber security assurance for their assigned area of the organisation, highlighting non-compliance with required standards and providing appropriate challenge to the owners of cyber security risks arising from control gaps.

The Cyber Security Risk and Assurance Lead may also mentor and support others in good risk management practices to enable them to manage residual risk well, identify trends resulting from risk and assurance activities and use these to initiate and lead improvements to processes, policies and guidance, and own the resolution of tactical requests to the team.

All members of the team are expected to help develop the MoJ Security Function as a centre of excellence for the department and to contribute to building a brilliant and diverse team that is a welcoming place for all.

Typical role expectations and responsibilities

Lead the implementation and delivery of security assurance processes, including GovAssure and supplier assurance activities for their assigned area, to support the overarching assurance programme. Lead on the communication of assessment and assurance outcomes to stakeholders in ways that support effective security, risk management and decision-making, and advise stakeholders on their approach to risk assessment in the context of their business outcomes.

Play a leading role working with Justice Digital and Information Assurance colleagues (or supervise third party suppliers) to gather evidence of the performance of technical services and organisational processes against security baselines, controls and requirements, using key performance indicators.

Analyse relevant data to provide an informed opinion on the quality of evidence provided and effectiveness of controls in place, with a focus on business-critical services and associated operational areas.

Identify and report on trends arising from assurance assessments in their assigned area of the organisation and make sure appropriate remediation plans are in place and being actively managed.

Lead on ensuring that Cyber Security risks for the business area are appropriately documented and reflect outcomes of the assurance work to enable senior stakeholders to make appropriate evidence-based decisions.

Align risk decisions and advice with relevant regulation, policy and standards to provide proportional, practical advice that is tailored to the local environment, and advise on any residual risk. Escalate risks to more senior stakeholders when needed and take responsibility for closure of follow up actions.

Provide input into the development and enablement of security policy and security culture by collaborating with the Security Policy, Culture, Awareness and Education team through insights on trends identified from security assurance activities. Assure the ongoing appropriateness of policy in accordance with regulation and wider departmental and government policies. Lead risk-related work and enable compliance and governance.

Play a leading role in building the network of security partners across government and national technical authorities, and within industry.

Contribute to submissions and reports for senior MoJ officials and play a leading role in efforts needed to respond to requests and advisories received from government partners.

Monitor the efficiency and effectiveness of security processes across the organisation, and lead continuous improvement efforts, including improving methods of escalation or reporting where necessary.

May include line management responsibilities for more junior team members.

About you:

You will need experience of working well within a security, technology or risk team, and preferably be able to demonstrate successful prior experience of leading, mentoring and motivating a small team. You will be able to demonstrate examples of your own motivation to grow your leadership and management skills and abilities.

You will demonstrate an understanding of cyber security and technology, showing willingness to continue to grow your awareness of current and emerging technologies and their impact on existing security practices.

You will be able to communicate well and confidently with a variety of stakeholders, up to board level, and relay technical information to a non-technical audience.

You will possess excellent analytical and problem-solving skills, adopting a positive approach and displaying flexibility of mind when encountering new situations.

You will display attention to detail and discretion in dealing with confidential topics and senior stakeholders.

You will need to be analytical and inquisitive, probing for information where appropriate to understand business context and reasoning. You will be a trusted partner for your areas of the organisation and demonstrate an understanding of how to appropriately challenge security decisions, including those made by senior stakeholders.

How to Apply

We will be recruiting using Success Profiles Frameworks.

Behaviours

We’ll assess you against these behaviours during the selection process:

•    Managing a Quality Service
•    Delivering at Pace
•    Developing Self and Others
•    Making Effective Decisions
•    Changing and Improving
•    Leadership

Technical skills

We may assess your current level of knowledge of cyber security and risk management during the selection process.

Please refer to Job Description

We’ll assess you against these behaviours during the selection process:

• Changing and Improving
• Making Effective Decisions
• Leadership
• Developing Self and Others
• Managing a Quality Service
• Delivering at Pace

• Access to learning and development
• A working environment that supports a range of flexible working options to enhance your work life balance
• A working culture which encourages inclusion and diversity
• A Civil Service pension with an average employer contribution of 27%
• Annual Leave
• Public Holidays
• Season Ticket Advance

London

The Security Education and Awareness Communications Lead post works closely with the DSR team, MOD Top Level Budgets and Cross-Government partners to develop and deliver impactful internal communications to help prevent security incidents, improve security culture and protect Defence Personnel and our assets around in the UK and Overseas.

 The post has 3 areas of focus:

• The Planning and Delivery of security communications, including focused campaigns and activity to enable security policy

• Stakeholder management internally with TLBs and externally with Cross-Government partners in the SEAC and Cabinet Office.

• Enabling activity that seeks to improve security awareness activity such as better understanding audiences through supporting security culture surveying and developing approaches to gain and better understand the effect on audiences.

This position is advertised at 37 hours per week

• End to end delivery of proactive security awareness campaigns across MOD using OASIS (Campaign) planning tool.
• Provide communications expertise to DSR Senior leadership, support the communication of new, and changes to existing Departmental security and resilience policy and support ad hoc security communications activities.
• Create and maintain a yearly Security communications plan for MOD.
• Run quarterly Security Awareness, Behaviours and Education Working Group.
• Support development and delivery of Security Culture survey activity.
• Manage development Measurement and Evaluation of security communications activity.
• Represent MOD at Cross-Government Security communications forums.
• Enable MOD Top Level Budgets in their own security communications and culture activities
• Collaborate with internal stakeholders, including the Directorate of Defence Communications, Cyber Defence and Risk, and the Cyber Confident teams.
• Chair fortnightly security communications and culture update meeting with Senior Leadership Team.

Essential Skills, Knowledge and Experience:

• Experience in planning, coordinating, and delivering effective communications plans.
• Excellent interpersonal and relationship building skills.
• Expert written and verbal communications skills.
• Comfortable dealing with a range of stakeholders and negotiating and influencing at all levels.
• Good at listening and understanding stakeholder needs.
• Ability to work under pressure, manage competing priorities and changing deadlines.
• Good knowledge of the communications landscape, and the role of digital communication in internal communication.
• Self-motivated and able to see opportunities to improve and develop.
• Willing to help out and support other team members.
• Excellent planning, organisational and time management skills.

 Desirable Experience

• Experience managing intranets, events (including logistics) and other communication activities.
• An interest in Defence Security and Resilience Culture
• Relevant knowledge of Security and Resilience Processes and Policies

Security Vetting:

Applicants must be willing to undergo the Developed Vetting process.  Owing to the nature of the role this is a reserved post.

We’ll assess you against these behaviours during the selection process:

• Communicating and Influencing
• Managing a Quality Service
• Changing and Improving
• Leadership

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an average employer contribution of 27%