GOVTALENT.UK

Risk Lead

This opening expired 3 months ago.

Department for Business and Trade

Location(s):
Belfast, Birmingham, Cardiff, Darlington, Edinburgh, London, Salford
Salary:
£42,450 to £57,550
Job grade:
Senior Executive Officer
Business area:
Information Technology (IT), Project Delivery, Analytical, Other
Contract type:
Permanent
Working pattern:
Full-time, Part-time

About the job

Job summary

About us  

The Department for Business and Trade (DBT) is the department for economic growth. The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support businesses to invest, grow and export, creating jobs and opportunities across the country. DBT Cyber work to improve the security of the systems and processes that affect the operation of the Department.  The Governance Risk and Compliance (GRC) team were established to create a safer Cyber landscape to deliver DBTs vision, and do this through establishing good practice in new information projects, reviewing compliance and setting standards for  

About the role  

 As a Risk Lead, you will be part of a team responsible for the Cyber Risk aspect of Cyber Security within DBT.  Reporting to the Risk Manager Principal, the role will collaborate with the other teams in Cyber and the broader DDaT community. The GRC team is responsible for cyber risk management, maintaining in-house system security assurance, running cyber security training throughout the department, managing, and complying with policies and standards, and audit management and response. The Cyber Security Risk Manager identifies, understands, and mitigates cyber-related risks. They provide risk and service owners with advice to help them make well informed risk-based decisions.  Where risks need to be accepted by the Department, they will support escalation of the risks to the Senior Information Risk Owner (SIRO) for acceptance.You’ll need to possess integrity and be able to communicate across all levels and professions within the Department.  Working with teams that are under pressure to provide the most informed risk assessment possible to decision makers.  It will take strong collaboration skills to work across the Department and with external stakeholders to protect and promote a governed, Cyber risk aware and compliant DBT

Job description

About you 

Main responsibilities  

 You will be an experienced risk assurance professional who can: 

  • Independently undertake risk management activities within a given area of practice or expertise, making use of established security and risk management governance structures and where necessary developing new ones.
  • Undertake Cyber Security related risk assessments as part of the IRAP (Information Risk Assurance Process), conduct tailored threat assessment and other risk management activities, to ensure activities are consistent with applicable regulations, legislation, good practice, and Government guidance.
  • Provide tailored advice to a range of stakeholders on how to mitigate identified risks by proportionately applying security good practice.  Ensuring credible advice that is well referenced to published guidance and standards and drawing on the breadth of expert support available.
  • Provide expert security advice that highlights Cyber Security related risks, so risk or service owners can make well-informed and auditable decisions.   

Person specification

Skills and experience   

 It is essential that you have:   

  You’ll have demonstrable skills and experience of:   

  • Professional information security certification – CISSP or similar, or willingness to attain.  
  • Experience in a risk management and assurance role. 
  • Solid knowledge of information security frameworks.  
  • Effective verbal and written communication skills.  

  It is desirable that you have:   

  • Experience working within large, complex organisations 
  • Broad understanding of cloud-based technical environment.  
  • Problem-solving and analytical skills.  

Benefits

Alongside your salary of £42,450, Department for Business and Trade contributes £11,461 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Things you need to know

Selection process details

How to apply 

 As part of the application process you will be asked to upload a two page CV and complete a 500 word personal statement outlining how you meet the essential skills and experience listed above. You can use bullet points and subheadings if you prefer. 

   Sift will be from week commencing 17th June 2024 

Interviews will be from week commencing 1st July 2024

 Please note these dates are indicative and may be subject to change. 

 If there is a high volume of applications, we will sift looking at your Personal statement only. You may then be progressed to full sift or straight to interview.    

 How we interview 

 At the interview stage for this role, you will be asked to demonstrate relevant Technical Skills and Behaviours from the Success Profiles framework. This will include a risk assessment exercise.   

Technical Skills  

  • Information Risk Assessment Frameworks and methodology 
  • Risk Management   

 Behaviours:    

  • Making Effective Decisions  
  • Working Together 
  • Communicating and Influencing  

 Find the role on government security framework:https://www.gov.uk/government/publications/the-government-security-profession-career-framework.   

 How we offer  

Offers may be made in merit order based on location preferences. If you pass the bar at interview but are not the highest scoring you will be held on a 12-month reserve list in case a role becomes available. If you are judged a near miss at interview, you may be offered a post at the grade below the one you applied for.  

  This role requires SC clearance. DBT’s requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years. Failure to meet this requirement will result in your application being rejected and your offer will be withdrawn.  Checks will also be made against:  

  • departmental or company records (personnel files, staff reports, sick leave reports and security records)  
  • UK criminal records covering both spent and unspent criminal records  
  • your credit and financial history with a credit reference agency  
  • security services record  
  • location details   

  More about us  This role can only be worked from within the UK, not overseas. If you are based in London, you will receive London weighting. DBT employees work in a hybrid pattern, spending 2-3 days a week (pro rata) in the office on average.  Travel to your primary office location will not be paid for by DBT, but costs for travel to an office which is not your main location will be covered.  You can find out more about our office locations, how we calculate salaries, our diversity statement and reasonable adjustments, the Recruitment Principles, the Civil Service code and our complaints procedure on our website.  Find out more about life at DBT, our benefits and meet the team by watching our video or reading our blog!  



Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

  • UK nationals
  • nationals of the Republic of Ireland
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
  • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Added: 3 months ago