About the job

Job summary

The Government People Group exists to work with departments, professions, and functions to build a modern, effective Civil Service.

We support the government workforce with the right skills and capability. We are working with leaders to get the right people in the right jobs, with the right skills and continuous learning to excel in their roles.

We provide leadership, and in turn, create leaders with exceptional line management capability across departments, influencing partners in the wider public sector and beyond. This involves getting our retention and reward strategy right, to nurture specific skills, and create pride and resilience in our workforce.

Our role is also to provide system leadership across central government in pulling together back office services. Collectively, we help support the Cabinet Office’s priority to drive efficiencies, and reforms that will make government work better, to ultimately provide a better service to the public.

GPG Platforms, Data and Interoperability (PD&I) Directorate is at the forefront of providing first-class platforms and services for over 400,000 civil servants, covering recruitment, data analysis, skills, and learning solutions. As a crucial part of the team, you'll be reporting to the Head of Architecture Services, contributing to the development and innovation of shared service platforms within the government.

Job description

We are seeking experienced and highly skilled individuals to join our dynamic team as Cyber and Information Security Leads. The successful candidate(s) will play a pivotal role in ensuring the safeguarding of our critical information and data assets. This is a unique opportunity for a professional with a holistic approach to data protection and security, coupled with strong stakeholder management skills. This role encompasses information assurance, designing and implementing comprehensive security strategies, policies, and procedures to protect our programmes, projects, and live digital services from cyber and security threats.

Responsibilities will include:

Strategy: Develop and maintain cyber and information security strategy, ensuring alignment with business objectives and industry best practices.

Security Controls: Lead the implementation and management of cyber and information security controls across different areas, including programmes, projects, and live digital services.

Security Assessments: Conduct regular security assessments and audits to identify vulnerabilities and recommend appropriate countermeasures

Governance: Provide input to Governance Boards, manage challenging stakeholders, and lead on contract deliverables, acting as a point of escalation for issues.

Relationships: Build and maintain strong relationships with customers, monitor client contracts' progress, and evaluate and address information assurance risks for customers.

Supplier Management: Build, manage, and oversee third-party supplier management relationships.

Guidance: Provide expert support and guidance to internal teams in addressing security issues while ensuring compliance with applicable security standards and regulations.

Other responsibilities include:

• Lead the development and implementation of robust cybersecurity measures for ongoing and upcoming projects and live services.
• Conduct cyber risk assessments and provide security guidance
• Promote and implement secure-by-design principles
• Support GPG as part of GovAssure activities
• Monitor and respond to security incidents
• Manage relationships across government, suppliers, and vendors.

Person specification

To be successful in this role, you should possess the following skills and qualities:

Essential Criteria:

Proven experience in a similar lead cyber and information security role covering data protection/information security, GDPR implementation, risk and issue management, governance processes, assurance, reporting, and stakeholder management.

• Strong understanding of security principles, technologies, and methods.
• Knowledge of ISO/NIST suite, project management, and change management.
• Managing services through outsourced contracts
• A self-starter who works well independently with limited supervision.
• Ability to manage high workloads and competing deadlines.
• Excellent problem-solving, analytical, and communication skills.
• Comfortable working with a high degree of ambiguity and changing priorities

Desirable Criteria:

• Understanding of implementing security controls in enterprise solutions, developing shared services, and relevant security/data protection certifications.
• Knowledge of cloud security best practices
• Knowledge of HMG security policy and framework

Additional information:

A minimum 60% of your working time should be spent at your principal workplace. Although requirements to attend other locations for official business will also count towards this level of attendance.

Benefits

Alongside your salary of £53,400, Cabinet Office contributes £14,418 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Things you need to know

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Experience and Technical skills.

Application process

As part of the application process, you will be asked to complete:

1. A CV setting out your career history, with key responsibilities and achievements.
2. A Personal Statement against the skills and experience (maximum 500 words)

Your CV and Personal Statement are your opportunities to show us how your experience means that you meet the criteria for this role. Your CV should cover your skills, qualifications, job history, and achievements to date and your Personal Statement is the chance to further expand on this and give specific examples of where you have demonstrated the desired skills. Giving examples rather than just saying you're experienced with a certain requirement will strengthen your statement and enable the sift panel to understand more about your suitability for the role.

Should a large number of applications be received, an initial sift may be undertaken using the CV. Candidates who pass the initial sift may be progressed to a full sift, or progressed straight to assessment/interview.

Selection process 

During the blended interview you will be assessed against your experience the behaviours that are contained within this advert and three technical questions. 

Expected timeline (subject to change)

Expected sift date – w/c 04/03/24
Expected interview date/s – w/c 18/03/24 and/or 25/03/24
Interview location - virtual

Further information

Please note terms and conditions are attached. Please take time to read the document to determine how these may affect you.

A reserve list may be held for a period of 12 months from which further appointments can be made.

Any move to Cabinet Office from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk

Please note that this role requires SC clearance, which would normally need 5 years UK residency in the past 5 years. This is not an absolute requirement, but supplementary checks may be needed where individuals have not lived in the UK for that period. This may mean your security clearance (and therefore your appointment) will take longer or, in some cases, not be possible.

For further information on National Security Vetting please visit the following page https://www.gov.uk/government/publications/demystifying-vetting

If successful and transferring from another Government Department a criminal record check may be carried out.

In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure Scotland on your behalf.

However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. If you will be doing this, please advise Government Recruitment Service of your intention by emailing Pre-EmploymentChecks.grs@cabinetoffice.gov.uk stating the job reference number in the subject heading. 

For further information on the Disclosure Scotland confidential checking service telephone: the Disclosure Scotland Helpline on 0870 609 6006 and ask to speak to the operations manager in confidence, or email Info@disclosurescotland.co.uk

Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicant’s details held on the IFD will be refused employment. 

A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.

Offers above the band minimum are subject to our assessment of your skills and experience as demonstrated at interview. Salaries over the band minimum will be paid as a non-pensionable allowance.

Reasonable adjustments

If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes. 

If you need a change to be made so that you can make your application, you should: 

• Contact Government Recruitment Service via cabinetofficerecruitment.grs@cabinetoffice.gov.uk as soon as possible before the closing date to discuss your needs. 
• Complete the ‘Assistance required’ section in the ‘Additional requirements’ page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you’re deaf, a Language Service Professional.

If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'contact point for applicants' section.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.