About the job

Job summary

The Government Security Function (GSF) oversees the delivery of protective security across Government. Our Mission is to enable Government to protect citizens and provide vital public services by understanding and managing security risks. We set the strategy and standards for Government Security, monitor departmental security performance, manage pan-government security incidents, support the delivery of key security capabilities and lead the Government Security Profession.

The Government Security Group (GSG) is the centre of the Security Function, based within the Cabinet Office. This role offers an exciting opportunity to work in a fast-paced, dynamic team, with a breadth of stakeholders including in other Government departments, the National Technical Authorities and the Agencies, and to contribute to delivering improved security across Government. 

The Cyber Directorate was formed in September 2022 following an independent review of GSG capability and priorities. A new Cyber Director post was created within GSG and existing teams leading three deputy directors, each leading the following teams: Cyber Operations and Assurance, Cyber Transformation, and Cyber Policy and Solutions.

We are responsible for delivering the first Government Cyber Security Strategy. Our purpose is to make Government’s critical functions significantly hardened to common attacks by 2025, and all government organisations across the public sector resilient to known vulnerabilities and attack methods no later than 2030. 

GSG’s culture embraces a diverse workforce: we come from all walks of life. GSG values the fact that our different backgrounds, cultures, genders, experiences and ways of working ultimately bring us together as a more effective team. We strive for a collegiate and inclusive working culture that means our voice at every level is heard. Each one of us has a part to play in helping the Government to keep the UK secure. 

GSG also wants to do better at recognising that we have responsibilities outside of work – so that we not only work hard, but we work smart – whether that’s full time, part-time or job sharing, we work flexibly. We promote hybrid working with a combination of time spent in the office and at home, where appropriate.

GSG is committed to being an equal opportunities employer. We value and welcome diversity. We will not tolerate harassment or other unfair discrimination on grounds of sex, marital status, race, colour, nationality, ethnic origin, disability, age, religion or sexual orientation. We promote and support the diversity of our workforce, promote learning and development, and celebrate our successes. 

Job description

This post leads our work in evaluating and improving cyber security across government and is responsible for the Assurance, Engagement and Red teams. We are now coming to the end of the first year of our new Assurance regime, GovAssure, and you will be responsible for bringing GovAssure through its second year of run, evaluation of the results and improvement for the next year. As part of our plan to transition to continuous assurance, you will be responsible for evaluating control library solutions, working with departments to understand their experience and build an enduring solution to embed assurance in day to day business. 

The post works closely with stakeholders in NCSC, CDDO, and the Cyber GSEC as well as stakeholders across the government security community and is responsible for directing relationship management through the Engagement team, who work with portfolios of government departments to understand security challenges and manage consultation including departmental journeys through GovAssure. As part of holistic assurance, the post also manages the Red team, who coordinate a programme of adversary simulation testing. You will be responsible for overseeing programme and integrating assurance techniques into departmental practice, building a community and mainstreaming testing in government.

The teams work with the Operations team to support understanding of broader government vulnerabilities and incidents and provide surge capacity for crisis management. 

We have a strong focus on building an inclusive environment where every member of the team feels valued and able to share their experiences and skills, and welcome applications from candidates who share this ethos. You will gain a unique insight into the cyber security challenges facing Government and its partners, and will work with National Technical Authorities, the national security community and industry to tackle these challenges.

The post holder will need a strong understanding of cyber security, in particular assurance frameworks and real world experience of cyber defence. Relationship management with multiple stakeholders will be critical and you will be responsible for a team of 20. 

Our cyber posts attract a skills based DDAT pay lead. This post is subject to a DDAT skills assessed non pensionable pay lead. In certain circumstances exceptional candidates may be eligible for a higher starting salary.

Person specification

Responsibilities will include:

• Directing the GovAssure programme, including working with departments to understand the scoping and challenges of the scheme, and directing service delivery in support through partners.
• Reporting on progress of delivery and development through stakeholder engagement and programme reporting through the Programme Management Office.
• Evaluating continuous improvement of GovAssure and working on new ways to embed continuous assurance.
• Directing analysis of the year 1 results to understand the challenges of government and prioritising the security development needs of departments, working with the Programme Management Office to build metrics for evaluating progress against the Government Cyber Security Strategy.
• Communicating the progress and results to government fora, working with departments to understand and build on the results, and presenting on the scheme more widely including international partners and industry.
• Prioritising engagement activity across government, building relationships and tooling with other security organisations to deconflict engagement activity and better assist departments, and improving collective data exploitation; building reciprocal processes with the Engagement and Incident teams including exercising. 
• Coordinating a prioritised programme of Red Team activity and developing stakeholder relationships to fully realise the benefits, including closer alignment with broader assurance.
• Growing and supporting a dynamic, inclusive and dedicated team, building technical skills and providing opportunities to excel and develop. 

Essential Skills

• Strong understanding of cyber security, particularly assurance frameworks including the CAF. Experience working in fast-paced environments, managing tight deadlines and senior stakeholder relationships within or around cyber organisations.
• Strong interpersonal skills and experience of working across organisational boundaries with a range of stakeholders.
• Supportive leadership skills and experience of growing and developing diverse teams.
• Strong, persuasive communication skills and the ability to distil and summarise complex information to a range of different audiences.

Additional information:

A minimum 60% of your working time should be spent at your principal workplace. Although requirements to attend other locations for official business will also count towards this level of attendance.

Benefits

Alongside your salary of £64,700, Cabinet Office contributes £17,469 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Things you need to know

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours and Experience.

Application process

As part of the application process you will be asked to complete a CV and personal statement. Further details around what this will entail are listed on the application form. 
To apply, please supply a name blind CV, 500 word personal statement, and 4 submissions on the following Civil Service Behaviours:

• Making Effective Decisions
• Changing and Improving
• Communicating and Influencing 
• Leadership

Should a large number of applications be received, an initial sift may be undertaken using the lead Behaviour, Making Effective Decisions. Candidates who pass the initial sift may be progressed to a full sift, or progressed straight to assessment/interview. 

Selection process

At interview, you will be assessed on the following Civil Service Behaviours:

• Making Effective Decisions
• Changing and Improving
• Communicating and Influencing 

Expected timeline (subject to change)
Expected sift date – w/c 23rd June
Expected interview date/s – w/c 7th and 14th July
Interview location - either in person in London or remote via Google Meet

Further Information

A reserve list may be held for a period of 12 months from which further appointments can be made.

Any move to Cabinet Office from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk

If successful and transferring from another Government Department a criminal record check may be carried out.

In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service/Disclosure Scotland on your behalf.

However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. If you will be doing this, please advise Government Recruitment Service of your intention by emailing Pre-EmploymentChecks.grs@cabinetoffice.gov.uk stating the job reference number in the subject heading. 

For further information on the Disclosure Scotland confidential checking service telephone: the Disclosure Scotland Helpline on 0870 609 6006 and ask to speak to the operations manager in confidence, or email Info@disclosurescotland.co.uk 

Please note that this role requires DV clearance, which would normally need 10 years’ UK residency in the past 10 years. This is not an absolute requirement, but supplementary checks may be needed where individuals have not lived in the UK for that period. This may mean your security clearance (and therefore your appointment) will take longer or, in some cases, not be possible.

For further information on National Security Vetting please visit the following page https://www.gov.uk/government/publications/demystifying-vetting

New entrants are expected to join on the minimum of the pay band.

Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicant’s details held on the IFD will be refused employment. 

A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.

If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

Please note terms and conditions are attached. Please take time to read the document to determine how these may affect you.

Reasonable Adjustment

If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes. 

If you need a change to be made so that you can make your application, you should: 

Contact Government Recruitment Service via cabinetofficerecruitment.grs@cabinetoffice.gov.uk as soon as possible before the closing date to discuss your needs. 

Complete the ‘Assistance required’ section in the ‘Additional requirements’ page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you’re deaf, a Language Service Professional.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is developed vetting (opens in a new window).

See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.