About the job

Job summary

As the Deputy Director for Cyber Security, you will play a key role in leading the implementation of this strategy within the Joint Cyber Unit; a collaborative effort between DHSC and NHS England. Your responsibilities will span policy development, risk management, and regulation, shaping the future of Cyber Security in the sector.

The Joint Cyber Unit is an integral part of the Joint Digital Policy Unit (JDPU), leading policy in areas like AI, data, and technology adoption across health and care. Your contributions to the team will directly impact sector-wide productivity, and will be felt throughout the sector and the NHS.

This role offers the opportunity to make a real impact on patient and people in care safety and outcomes at national scale across a health and care sector of approximately 140,000 organisations. While we already have an overarching national strategy there still remains much work to effectively manage cybersecurity through the complexity of the health and care system. You will lead on setting cyber policy as well as operating a risk and assurance function for the health and care sector. You will also lead on regulatory policy and enforcement for cyber security in health and care under the Network and Information Systems (NIS) Regulations.

The Joint Cyber Unit is more than just a team; it's a community committed to safeguarding patients and people in care. We invite you to be part of this stimulating and engaging journey, contributing to impactful policy interventions and shaping the future of Cyber Security  in health and care.

Job description

The Deputy Director, Cyber Security is a unique opportunity to develop your knowledge in digital and data and gain hands-on experience of implementation and delivery whilst continuing to build and develop your expertise and experience in policy and strategy.

You will play a key senior leadership role on the cyber agenda for health and care. Reporting to the National Chief Information Security Officer (NCISO).

Key Responsibilities

As Deputy Director Cyber Security your key responsibilities will Include: 

• Parliamentary accountability and ensuring a first-class service to Ministers and top of the office in relation to briefing and advice on cyber security. 
• Taking forward the publication and implementation for a new cyber security strategy for the health and social care system, driving a long-term approach to building resilience and capability; 
• Overseeing the Policy and Strategy team whose functions include developing technology policy for cyber security in the system; cyber workforce policy; policy on different sectors within the system including cyber security in primary care and adult social care; and longer-term strategic planning and horizon scanning;
• Overseeing the work of the Cyber Risk, Standards and Assurance Team.  You will work to strengthen cyber governance and management of cyber risk across the system, including providing timely, accurate and salient risk reporting to senior boards and risk committee. You will also oversee and steer the adoption and implementation of NCSC’s Cyber Assessment Framework as the standard for cyber security across health and care.  
• Overseeing the Incidents and Regulatory Team. Ensuring the health and care system has robust and tested plans for resilience in the event of a significant cyber or data security incident. Leading work across government, regulatory bodies and the health and care system to develop and use a wider range of levers and incentives to improve cyber resilience in the sector.  This will include expanding and improving the use of our regulatory levers under the Network Information Systems Regulations.

As a member of the Senior Leadership Team you will be expected to:

• Lead by example and display excellent leadership qualities and behaviours and leading through change.
• Value and promote equality, diversity and inclusion and be committed to delivery of work whilst maintaining a positive culture and the wellbeing of your staff and colleagues.
• Work collaboratively particularly with the Band 9 Deputy Director leading work on compliance and engagement as well as with partners in NCSC and the Data Security Centre.

As a senior leader you will be expected to:

• Take a leading role in any major cyber incident, supporting the cross-government response. This will include, providing voluntary out of hours cover on an occasional basis.

Person specification

It is important through your CV and Statement of Suitability that you give evidence and examples of proven experience of each of the following 

Essential criteria:

• Proven leadership experience, with the ability to empower and motivate others in a dynamic environment and across organisational boundaries, with an engaging, adaptable, leadership style;
• Exceptional policy and strategy experience. Ideally you should have led teams to develop complex strategy and policy and have a very good understanding of and direct experience of parliamentary processes and the development of legislation and regulation;
• Strong commercial and financial insight, with proven ability to seek out efficiency and value for money;
• Highly developed interpersonal and influencing skills, with the credibility and ability to build excellent relationships with key stakeholders across organisational boundaries and evidence of a collaborative approach;
• An ability to cope and be resilient under pressure, working at pace to drive effective delivery and to be responsive to new risks and emerging priorities;
• Excellent written and oral communication skills with a proven ability to present complex issues simply and effectively.

Desirable:

• Knowledge and experience of cyber security technology, user behaviours and how to manage systematic vulnerabilities and mitigations.
• Knowledge and understanding of HM Government coupled with an ability to confidently navigate Whitehall and ALBs, capable of drawing upon and establishing networks

Benefits

Alongside your salary of £75,000, Department of Health and Social Care contributes £27,000 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Things you need to know

Selection process details

Application

To apply for this post please submit the following documents no later than 23:55 on Wednesday 21st February 2024.

1. A CV (which is for information purposes only)  setting out your career history, with key responsibilities and achievements. Please ensure you have provided reasons for any gaps within the last two years.
2. A Statement of Suitability (no more than 1250 words) explaining how you consider your personal skills, qualities and experience provide evidence of your suitability for the role, with particular reference to the criteria in the person specification.

Applications will be sifted against personal statements. Please note that your CV is for information purposes only and will not be scored.

Failure to submit both documents will mean the panel only has limited information on which to assess your application against the criteria in the person specification.  

As part of the online application process, you will be asked a number of diversity-related questions. If you do not wish to provide a declaration on any of the particular characteristics, you will have the option to select 'prefer not to say'. The information you provide when submitting your application will help us monitor our progress towards the Civil Service becoming the most inclusive employer by 2025. 

Please note that we are unable to provide feedback to those candidates who are not shortlisted for interview. Written feedback will be made available (on request) to those candidates who attend interview.

If you are unable to apply online please contact scscandidate.grs@cabinetoffice.gov.uk

Selection Process

A panel chaired by Phil Huggins, Director Cyber Security, DHSC will assess your application to select those demonstrating the best fit with the role by considering the evidence you have provided against the criteria set out in the ‘Person Specification’ section. Failure to address any or all of these may affect your application. 

Phil will be supported by a selection panel made up of other senior stakeholders for the role, full details of this panel will be shared with shortlisted candidates.

Alongside other departments, DHSC is committed to making the Civil Service more inclusive and recognises the value of diverse interview panels. Helping candidates, particularly those from diverse backgrounds, to feel comfortable and at ease during the interview process, to reduce bias and increase the objectiveness of decisions. In line with the Civil Service’s Inclusive Board initiative we aim to ensure that, as well as being gender diverse, DHSC’s interview panels for Senior Civil Service will include at least one panellist who is from an ethnic minority background and/or who has a physical or non-physical disability (which may not be visible). 

Shortlist

You will receive an acknowledgment of your application through the online process. 

The panel will select a shortlist of candidates whose applications best demonstrate suitability for the role, by considering the evidence provided against the essential criteria set out in the ‘Person Specification’.

Candidates applying under the Disability Confident Scheme and A Great Place to Work for Veterans Scheme who meet the minimum selection criteria in the job specification are guaranteed an interview. 

The timeline later in this pack indicates the date by which decisions are expected to be made, all candidates will be advised of the outcome as soon as possible thereafter, and we will advise on any delays. 

Shortlisted candidates who attend an interview will also be offered verbal feedback from a member of the interview panel.

Assessment

If you are shortlisted, you will be asked to take part in a series of assessments which will include a staff engagement exercise. These assessments will not result in a pass or fail decision. Rather, they are designed to support the panel’s decision making and highlight areas for the panel to explore further at interview.

Discussion with Vacancy Holder

Shortlisted candidates may have the opportunity to speak to the vacancy holder, Phil Huggins, Director Cyber Security, DHSC prior to the final interview. This is an informal discussion to allow candidates to learn more about the role, and is not part of the assessment process.

Interview

You will be asked to attend a panel interview in order to have a more in-depth discussion of your previous experience and professional competence in relation to the criteria set out in the Person Specification

Shortlisted candidates will be asked to prepare a 5-minute presentation at interview on a scenario issued to them 30 minutes ahead of their panel interview. This presentation will be designed to assess each candidate’s experience with briefing Ministers.  Full details will be provided prior to interview. 

You will be asked a series of questions at interview around the following behaviours and the essential criteria earlier in this pack.

Interviews will take place in person at 39 Victoria Street, London, full details of the interview format will be provided to shortlisted candidates prior to interview.

Feedback

If unsuccessful at any stage, please contact scscandidate.grs@cabinetoffice.gov.uk at Government Recruitment Service to request feedback on your application or interview.

A reserve list will be held for up to 12 months, which we may use to fill future suitable vacancies for candidates who are considered appointable following interview.

Security

Successful candidates must undergo a criminal record check. People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

Open to UK nationals only.

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.