GOVTALENT.UK

Information & Cyber Risk Assurance Advisor

This opening expired 1 month ago.

Department for Energy Security & Net Zero

Location(s):
Aberdeen, Birmingham, Cardiff, Darlington, Edinburgh, London, Salford
Salary:
£52,985 to £65,280
Job grade:
Grade 7
Business area:
Information Technology (IT), Project Delivery, Analytical
Contract type:
Permanent
Working pattern:
Full-time

About the job

Job summary

The Integrated Corporate Services (ICS) is a new shared corporate service, launched in July 2023. It provides corporate services (HR, Finance, Digital, Commercial, Security and Estates) across the Department for Energy Security & Net Zero (DESNZ) and the Department for Science, Innovation & Technology (DSIT).  

Our team of just over 300 professionals will be leading the way in how these functions will be delivered in the future. Our ambition is to be the leading provider of integrated corporate services for government and set the standard for quality, efficiency, and innovation in our field. 

We offer great working benefits including a world-class pension, flexible working options and a career where your learning and development is taken seriously. We are enormously proud to be a Disability Confident Leader employer. We support candidates with adjustments throughout our recruitment process. Information about disability confidence and just some examples of the adjustments that you can request can be found in the reasonable adjustment section below.   

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy. 

You can also follow our LinkedIn Careers Page: https://www.linkedin.com/showcase/desnz-careers/  

Job description

Are you interested in joining a high-performing team of security professionals?  If you are ready to challenge yourself and become a member of a specialist security team, then we have a great opportunity for you!

We need an organised, proactive, and flexible individual to provide Cyber Security Risk Management functions for the Departmental Security Unit (DSU), supporting colleagues across both the Department for Science, Innovation & Technology and the Department for Energy Security & Net Zero in the DSU.

The post holder will need to:

• Recommend security design across several projects or technologies, up to an organisational or inter-organisational level.

• Have a deep and evolving level of technical security expertise, so you can act as an exemplar.

• Make and influence important business and architectural decisions.

• Research, identify, validate and adopt new technologies and methodologies.

• Be a recognised subject matter expert and demonstrate this expertise by solving complex issues and problems.

• Further the profession, demonstrating and sharing best practice within and outside the organisation.

• Identify, understand, and mitigate cyber-related risks.

• Identify and evaluate security risks to information, systems and processes.

Person specification

Key responsibilities:

Your main day to day responsibilities will include (but are not limited to):

• Independently undertake risk management activities within a given area of practice or expertise, within established security and risk management governance structures.

• Lead the analysis and derivation of business-supporting security needs, undertake Cyber Security related risk assessments, conduct tailored threat assessment and other risk management activities, and ensure activities are consistent with applicable regulations and legislation.

• Provide tailored advice to a range of stakeholders on how to remedy identified risks by proportionately applying security capabilities, using published guidance, standards, and drawing on a range of experts as well as personal expertise.

• Provide expert security advice that highlights Cyber Security related risks, so risk or service owners can make well-informed and auditable decisions.

• Support the planning, development, implementation and management of organisation-wide policies, processes, and procedures for the management of cyber security risk, protecting the organisation’s assets and business services.

• Review internal controls following any security breach, providing advice on how to remediate any vulnerabilities discovered, and agreeing and overseeing the remedial solutions, controls and safeguards that are the most appropriate and beneficial for the organisation.

• Lead, mentor, and support others to perform to their full potential and drive succession planning.

Skills and experience:

Have a demonstrable passion for Cyber & Information Security, with the following skills or experience:

• Information Risk Assessment & Risk Management: Can review risk assessments using appropriate methods, and can inspect and report on the security characteristics of systems.

• Applied security capability: Elicit security requirements based on straightforward approaches such as threat/vulnerability/impact analysis. Can use control frameworks appropriately, understanding their strengths and limitations.

• Threat understanding - Evidence-based knowledge, including context, about an existing or emerging threat to assets that can be used to inform decisions.

• Protective Security - Keep knowledge up to date. Champion protective security within the wider security function, providing advice to others.

• Have a deep and evolving level of technical security expertise, so you can act as an exemplar.

• Be able to communicate and influence at all levels of the business.

• Research, identify, validate and adopt new technologies and methodologies.

• Be a recognised expert and demonstrate this expertise by solving unprecedented issues and problems.

• Further the profession, demonstrating and sharing best practice within and outside the organisation.

Benefits

Alongside your salary of £52,985, Department for Energy Security & Net Zero contributes £14,305 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Things you need to know

Selection process details

This vacancy is using Success Profiles, and will assess your Behaviours, Experience and Technical skills.

As part of the application process you will be asked to complete a CV, personal statement and any technical skills required. 

Further details around what this will entail are listed on the application form.

Please use your personal statement (in no more than 750 words) to address how your technical, information and cyber security skills and experience align to the job description.

Applications will be sifted on CV, Personal Statement and any technical skills required. 

In the event of a large number of applicants, applications will be sifted on the personal statement. 

Candidates who pass the initial sift may be progressed to a full sift, or progressed straight to assessment/interview.

The interview will consist of behaviour and technical questions. 

Sift and interview dates

Expected Timeline subject to change

Sift dates: w/c 05/08/2024

Interview dates: w/c 12/08/2024

Interview Location: MS Teams.

Candidates are asked to note the above timetable, exercising flexibility through the recruitment and selection process.

Further Information

For further information on National Security Vetting please visit the following page https://www.gov.uk/government/publications/demystifying-vetting

This role is full time only. Applicants who wish to work an alternative pattern are welcome to apply however your preferred working pattern may not be available and you should discuss this with the vacancy holder before applying.

Reasonable Adjustment

We are proud to be a disability confident leader and we welcome applications from disabled candidates and candidates with long-term conditions.

We fully support adjustments throughout our recruitment process and we encourage candidates to discuss their adjustment needs by emailing the job contact which can be found under the contact point for applicants section.

We do not have an exhaustive list of adjustments that we support but just some examples include additional time to complete your application form, behaviour questions up to 72 hours prior to interview and having extra time at interview. 

If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

If successful and transferring from another Government Department a criminal record check may be carried out.

New entrants are expected to join on the minimum of the pay band.

A location based reserve list of successful candidates will be kept for 12 months. Should another role become available within that period you may be offered this position.

Please note terms and conditions are attached. Please take time to read the document to determine how these may affect you.

Any move to the Department for Energy Security & Net Zero from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk

DESNZ does not normally offer full home working (i.e. working at home); but we do offer a variety of flexible working options (including occasionally working from home). 

DESNZ cannot offer Visa sponsorship to candidates through this campaign.

DESNZ holds a Visa sponsorship licence but this can only be used for certain roles and this campaign does not qualify.

In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service / Disclosure Scotland on your behalf.

However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. If you will be doing this, please advise Government Recruitment Service of your intention by emailing Pre-EmploymentChecks.grs@cabinetoffice.gov.uk stating the job reference number in the subject heading. 

For further information on the Disclosure Scotland confidential checking service telephone: the Disclosure Scotland Helpline on 0870 609 6006 and ask to speak to the operations manager in confidence, or email Info@disclosurescotland.co.uk 

Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave but who would have been dismissed for fraud or dishonesty had their employment continued. Any applicant whose details are held on the IFD will be refused employment.

A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.

Feedback



Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check.

See our vetting charter. People working with government assets must complete baseline personnel security standard checks.

Nationality requirements

This job is broadly open to the following groups:

  • UK nationals
  • nationals of the Republic of Ireland
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
  • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles. The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Added: 2 months ago