About the job

Job summary

Are you ready to work in one of the most interesting cyber security environments and share your experience to support national security?

Cyber security plays an integral role in protecting the UK against external and internal threats, acting as a deterrence to ensure that our Armed Forces have the strong cyber defences they need.

Cyber Defence and Risk (CyDR) is at the forefront of Cyber Security and Information Technology within Defence and is responsible for enabling Defence through the provision of specialist assurance and cyber security services across UK Defence including industry partners, other Government Departments and our international allies. Services provided by CyDR include:

• MOD defensive cyber strategy development
• Development of cyber security policy
• Managing and driving mitigation of Departmental cyber risk
• Security assurance and accreditation support and advice

CyDR sits within the Defence Digital team who provide digital and technology services to our Armed Forces.  Defence Digital operates at scale, with an annual budget in excess of £2Bn and a diverse team of 2,500 colleagues, it aims to make our Armed Forces some of the most technologically advanced in the world.

With a fantastic growing team of military and civilian staff operating across the UK it is a great time to be a cyber security professional in the Ministry of Defence.

If you can see yourself contributing to the world of CyDR the next chapter of your career may be with us!

This post is advertised at 37 hours per week.

Strategic Command is going through a significant transformation programme which aims to improve the way the Command conducts its business and delivers for Defence and the nation. As a consequence of this, all posts within Strategic Command Headquarters and in time the wider organisation, are/will be subject to review and potential changes as we continuously improve across the period of the transformation programme. These changes may be minor or could be more substantive and will generate new opportunities.  Throughout, the Command’s transformation programme is committed to following the MOD’s framework on managing and supporting people through the change process and places an emphasis on early and open consultation and engagement with the Command’s personnel and Trade Unions.

This post is eligible for a Digital Skills Allowance of up to £9,000 per annum. Eligibility for this allowance will be assessed at interview against 4 core technical skills only and reviewed annually in line with MOD policy.

Job description

Effective policy is essential to delivering cyber security across the wider Defence community. To be effective it must be properly considered, clearly articulated and coherent. The role will therefore bring together all aspects of business-focused Information and Cyber Security policy for the department and its stakeholders (including industry partners) and ensure that policy and guidance is sustainable and forward looking.

The Cyber Security Policy Manager (Business Delivery) works within the Governance, Risk and Compliance team within the Cyber Defence and Risk Directorate and is responsible to the Cyber Security Policy Assistant Head for ensuring:

• The coordination and maintenance of departmental non-technical policy and guidance pertaining to cyber security, including to the wider Defence community.
• Engagement with core stakeholders.

We are a small, highly specialised team, performing a critical role in Defence Digital. This is an exciting opportunity to join us and be part of our journey!

Responsibilities:

• Development and maintenance of Defence policy and guidance relating to information and cyber security focussed on business delivery.
• Ensure coherence and clarity of policy.
• Maintain understanding of future technology direction to ensure policy is forward looking.
• Maintain close liaison with key stakeholders across Defence and other government departments, to support wider policy activities.
• Identification, assessment and presentation of data to support evidence-based security policy.
• Analysis of new and forthcoming legislation or regulations to identify potential impact and ensure organisational security policies are compliant.
• Support departmental and wider work to develop mechanisms to drive continuous improvement and encourage the sharing of best practice in policy development.
• Fulfilment of desk-level Training Requirements Authority duties for relevant training course.
• Represent Cyber Security Policy team interests at internal and external meetings as required.
• Line management of Policy staff, ensuring workloads are balanced efficiently, resource issues are escalated in a timely fashion and personnel are professional and motivated.
• Support the development of mechanisms to drive continuous improvement and encourage the sharing of best practice.

Person specification

If you have the following knowledge, skills and experience, we would love to hear from you!

Desirable qualifications: CISMP, CISSP or CCP; BSc or HND or equivalent in an ICT or Engineering related discipline.

Desirable memberships: CIISec (formerly IISP) or BCS

Desirable experience or knowledge of:

• Cyber Security Governance
• Cyber Security Policy and Standards
• Cyber Security Legal & Regulatory Environment & Compliance
• Risk understanding and mitigation

Dependent on the business need, there may be a requirement to travel to meetings within the UK (or potentially occasional overseas visits). This post does not offer any assistance with relocation allowances.

Due to security requirements this post is open to SOLE UK NATIONALS ONLY

Where business needs allow, some roles may be suitable for a combination of office and home-based working.  This is a non-contractual arrangement where all employees will be expected to spend a minimum of 60% of their working time in an office, subject to local estates capacity.  Requirements to attend other locations for official business, or carry out detached duty in another MOD workplace, will also count towards this level of attendance. Applicants can request further information regarding how this may work in their team from the Vacancy Holder (see advert for contact details). DBS cannot respond to any questions about working arrangements.

Benefits

Alongside your salary of £43,080, Ministry of Defence contributes £11,631 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Things you need to know

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Experience and Technical skills.

This vacancy is using Success Profiles and will assess your Behaviours, Experience and Technical skills.

To apply please complete the CV template provided on the CS Jobs dashboard. You will be assessed against your relevant, skills, knowledge and experience which demonstrates the essential criteria listed within this advert.

All applicants will also need to provide a personal statement (max. 1250 words) and it is essential that this includes evidence of the following essential criteria. Each one will be scored 1-7 and make up part of your overall score to assess your suitability to be invited to interview:

1. Demonstrate your understanding of development and maintenance of policy and guidance relating to information and cyber security.

2. Demonstrate experience of cyber security governance and cyber/information risk management.

3. Demonstrate experience in developing and maintaining relationships, both internally and with partner organisations.

4. Demonstrate understanding of mechanisms to drive continuous improvement.

Interviews

We’ll assess you against these behaviours and technical skills during the interview process:

Behaviours

• Leadership
• Making Effective Decisions 

Technical Skills

• Protective security
• Information risk assessment and risk management
• Applied security capability
• Threat Understanding

The Government Security Profession Career Framework used in this vacancy can be found at: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/864752/Government_Security_Profession_career_framework.pdfhttps://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/864752/Government_Security_Profession_career_framework.pdf.

The Civil Service embraces diversity and promotes equality of opportunity. There is a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. If you need to advise us that you need additional help or reasonable adjustments for the recruitment process, please contact: DBSCivPers-Resourcingteam3@mod.gov.uk

As a result of the changes to the UK immigration rules which came into effect on 1 January 2021, the Ministry of Defence will only offer sponsorship for a skilled worker visa under the points based system, where a role has been deemed to be business critical.

The role currently being advertised has not been assessed as business critical and is therefore NOT open to applications from those who will require sponsorship under the points based system. Should you apply for this role and be found to require sponsorship, your application will be rejected and any provisional offer of employment withdrawn.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is developed vetting (opens in a new window).

See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

Open to UK nationals only.

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.