Cyber Security Risk Management Lead
Met Office
About the job
Job summary
We’re looking for an exceptional Cyber Security Risk Management Lead to help us make a difference to our planet.
As our Cyber Security Risk Management Lead, the job may be suitable for hybrid working, which is where an employee works part of the week in the office and part of the week from home. This is a voluntary, non-contractual arrangement and the location advertised will be your contractual place of work.
Our opportunity is full time, 37 hours per week. Our people are at the heart of what we do and we'll do our best to agree a working pattern that works for everyone.
Why join us?
The Met Office is accredited as a 'Great Place to Work UK 2023' and in addition has achieved a place on both the UK's 'Best Workplaces in Tech' and 'Best Workplaces for Women' lists.
We invest in our people to unlock their full potential. As our Cyber Security Risk Management Lead, we will support you to develop and thrive to be the best you can be. We champion positive physical and mental health in the workplace and are committed to being an inclusive organisation, providing a working culture that actively values an equal and diverse workforce.
Who we are:
We provide critical weather services and world-leading climate science to deliver extraordinary impact and benefit across the globe. Our work helps people make better decisions to stay safe and thrive.
Together:
- We’re a force for good - focusing on our environmental and social impact
- We’re experts by nature - always learning and developing to do things better
- We live and breathe it - putting our purpose at the heart of decision-making
- We’re better together - understanding partnerships and inclusivity make us greater
- We keep evolving - pushing boundaries to make tomorrow better for our customers
Find out more about our values - https://bit.ly/3fokaRD
Job description
Job Purpose:
As a Cyber Security Risk Management Lead in the Security and Information Risk Advisor team you will be able to identify, understand, and offer appropriate solutions to mitigate cyber-related risks. Enabling service owners to make well informed, risk based decisions.
Key responsibilities include:
- Independently undertaking risk management activities within a given area of practice or expertise
- Leading the analysis and derivation of business-supporting security needs, undertake Cyber Security related risk assessments, conduct tailored threat assessment and other risk management activities, and ensure activities are consistent with applicable regulations and legislation
- Providing tailored advice to a range of stakeholders on how to remedy identified risks by proportionately applying security capabilities, using published guidance, standards, and drawing on a range of experts as well as personal expertise
Providing expert security advice that highlights Cyber Security related risks, so risk or service owners can make well-informed and auditable decisions
Person specification
Essential Qualifications, Skills & Abilities:
1. Expert by nature – Demonstrable experience of applying cyber security risk management to enable appropriate and secure business outcomes.
2. Keep evolving – You keep abreast of cyber security developments and can apply your gained knowledge to new or existing problems.
3. Better together – Evidence of developing effective relationships to support security outcomes across a wide range of stakeholders.
Desirable Qualifications, Skills & Abilities:
- Membership of a relevant institution or body
- Relevant industry qualifications and accreditations. For example:
- Certified Information Systems Security Professional
- Certified in Risk and Information Systems Control
- Certified Information Security Management Principles
3. Relevant HM Government qualifications or accreditations.
4. Knowledge and application of recognised standards/requirements such as:
- NIST:CSF
- NIS Directive
- GovAssure
- ISO27005/31000
Benefits
Alongside your salary of £38,838, Met Office contributes £10,486 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
Things you need to know
Selection process details
How to apply:
If you share our values, we’d love to hear from you. Apply below using your CV and a Cover Letter/Supporting Statement which evidences how you meet each of the essential criteria - we recommend candidates use the CARL (Context, Action, Result and Learning) method for presenting evidence of skills.
Closing date 03/03/2024 at 23:59 with interviews commencing from 25/03/2024. You will hear from us once the closing date has passed.
If successful, please note we are unable to offer expenses for travel to your normal place of work. This post is contractually aligned to Exeter HQ, please ask at interview if you would like extra clarity on how often this requirement is likely to be.
How we can help:
If you are considering applying and need support to do so, please contact us via Careers@metoffice.gov.uk. You can request adjustments either within your application or by contacting us. Should you be offered an interview, please be aware there may be a selection exercise which could include a presentation, written test or a scenario-based activity. You can select in your application to be considered under the Disability Confident Scheme. To be invited to interview/assessment under this scheme, your application must meet the essential criteria for the role.
We understand that great minds don’t always think alike and as an equal opportunities employer we welcome applications from those with all protected characteristics. We recruit on merit, fairness, and open competition in line with the Civil Service Code.
We can only accept applications from those eligible to live and work in the UK - please refer to GOV.UK for information. We require Security clearance, for which you need to have resided in the UK for at least 3 of the last 5 years to be eligible. You will need to achieve full security clearance within your first 6 months with us.
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).
See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.
Nationality requirements
This job is broadly open to the following groups:
- UK nationals
- nationals of the Republic of Ireland
- nationals of Commonwealth countries who have the right to work in the UK
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
- Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Working for the Civil Service
Please note this Post is NOT regulated by the Civil Service Commission. The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.