About the job

Job summary

Could you help us keep the Department's systems, data, people, processes, places, and supply chains secure? Do you want to be part of a diverse and expanding area of work? Are you self-motivated, willing to learn, develop and work towards qualifications while delivering in a vital role?

Join the Department’s Security Policy & Standards Team and help us protect and secure some of the most critical parts of the UK Government.

The Department for Work and Pensions (DWP) is responsible for the delivery of welfare, pensions and child maintenance across the UK. Most people in Britain encounter DWP at some point in their lives, and it is the UK’s biggest public service department and data controller, we operate on a scale that is almost unmatched anywhere in Europe.

To support the important work that DWP delivers, we are looking for new security professionals to help us keep the Department secure by ensuring we have the right security policies and standards in place.

Job description

The Security Policy and Standards Team are responsible for managing the creation, development, and evaluation of DWP Security Policies and Standards which set the security parameters for the Department to operate securely and effectively. They define the measures that help to protect DWP, its infrastructure and its staff from physical, personnel and cyber threats.

In addition to ensuring DWP’s security policies and standards are regularly reviewed and updated, keeping pace with the everchanging risk landscape, the team works closely with a range of projects and initiatives across DWP, ensuring our security policies and standards are embedded within new technologies and processes by design.

The post holder will be part of an experienced and passionate team which is spread across the country. This is an exciting opportunity to develop your capability in security policy, and to play an active role in ensuring DWP’s security policies and standards are fit for purpose and remain effective in supporting the Department deliver its strategic objectives.

Responsibilities

In the Security Policy & Standards Lead role you will:

• Manage the development, delivery and maintenance of a framework of security policies and standards to address each aspect of DWP’s security needs, working with specific internal and external expert domains.
• Ensure the Departmental security policy and standards portfolio complies with security obligations, statutory requirements, industry developments, best practice and international standards (e.g. Government Security Standard 007; NIST Cybersecurity Framework), and legal obligations and is continually evolving to evidence best practice and respond to emerging threats and risks.
• Manage the development of new security policies and standards, and maintenance of our current security policies and standards, to address all aspects of DWP’s security requirements, ensuring reviews are undertaken as scheduled.
• Develop and manage the Security Policy & Standards review process, ensuring that the portfolio continues to meet current and emerging business needs, priorities and necessary updates as threats evolve.
• Maintain the governance of the DWP’s portfolio of security policies and standards, through regular reporting to Senior Leadership Team, and other governance boards.
• Ensure the security policy team has the skills, capability and resource to provide advice and support to the business on security policy matters.
• Collaborate with and influence senior managers across DWP business areas to gain top down buy in for Security Education and Awareness activities across DWP.
• Be seen as a leader by your team by applying a consistent vision, energy and drive that motivates the team to meet business objectives, setting them in the context of wider security and Departmental objectives.
• Create and champion an environment of continuous improvement across the team, where learning from feedback, security risks, events, incidents, investigations, and trends becomes integral to business design and processes.
• Build peer and senior relationships that lead to proactively contributing and feeding information into the senior leadership team.

In addition, you will be encouraged and supported to work towards professional certifications that will be relevant to your role, continuously learn new skills and knowledge and to develop your management capability.

Person specification

Essential criteria

• Experience of stakeholder management, and the ability to engage effectively across all areas of DWP;
• Have demonstrable experience of providing strong leadership, direction and decision making, with the proven ability to steer senior conversations.
• Effective and proven communication skills, with experience of building strong working relationships with colleagues and senior stakeholders to achieve progress on shared objectives and delivery.
• Strong track record in managing competing priorities and deadlines, according to business demands.

Desirable Experience

• Experience of industry standards and relevant legislation for information security and resilience policies and control frameworks such as the ISO27000 series, NIST, the Data Protection Act, and the legal and regulatory framework in which they operate.
• Experience in the concepts and application of information security, and of current IT security, with practical experience of data protection and information risk principles and technologies, with the ability to explain the purpose and provide advice and support
• Experience of updating policies and standards to ensure they reflect internal organisational changes, HMG, and/or industry best practice advice.

Benefits

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an average employer contribution of 27%

Location

Applicants should apply for suitable posts where they can travel to and from their home office location daily within a reasonable time.   

Please be aware that this role can only be worked in the UK and not overseas. Relocation costs will not be reimbursed 

Hybrid Working

This job role may be suitable for hybrid working, which is where an employee works part of the week in their DWP office and part of the week from home.  This is a voluntary, non-contractual arrangement and your office will be your contractual place of work. The number of days that anyone will be able to work at home will be determined primarily by business need but personal circumstances and other relevant circumstances will also be taken into account. If you are successful, any opportunities for hybrid working, including whether a hybrid working arrangement is suitable for you, will be discussed with you prior to you taking up your post.

Things you need to know

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours and Experience.

Application

As part of the application process you will be asked to complete a CV detailing work history, achievements in role and qualifications and a personal statement (1250 words max). Further details around what this will entail are listed on the application form.

Please see the candidate pack for more details about the selection process.

Sift

Your application will be sifted on the evidence contained within your Personal Statement, taking into account the context provided by the CV.

Should a large number of applications be received, an initial sift may be conducted using the lead Essential Criteria relating to policy drafting and experience. (see responsibilities section). Candidates who pass the initial sift will be progressed to interview.

Interview

Successful candidates will be invited to a video interview. Candidates will be assessed on the Behaviours listed in the advert. Candidates will be expected to deliver a short 5 minute presentation at interview. The subject title will be provided to candidates who are invited to an interview.

Sift and Interview dates

Sifting will take place W/C 5th Feb 24

Interviews W/C 19th Feb 24 

Outcomes W/C 26th Feb 24

Further Information Find out more about Working for DWP A reserve list may be held for a period of 6 months from which further appointments can be made. Any move to DWP from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk If successful and transferring from another Government Department a criminal record check may be carried out.  In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service on your behalf. However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. If you will be doing this, please advise Government Recruitment Service of your intention by emailing Pre-EmploymentChecks.grs@cabinetoffice.gov.uk stating the job reference number in the subject heading.  Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicant’s details held on the IFD will be refused employment.  A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government. The Civil Service values honesty and integrity and expects all candidates to abide by these principles. Please ensure that all examples provided in your application are taken directly from your own experience and that you describe the examples in your own words. Applications will be screened and if evidence of plagiarism or copying examples/answers from other sources is found, your application will be withdrawn. Internal DWP candidates may also face disciplinary action. Before applying for this vacancy, current employees of DWP should check whether a successful application would result in changes to their terms & conditions of employment, e.g. mobility, pay, allowances. Civil Servants that would transfer into DWP from other government organisations, following successful application, will assume DWP's terms & conditions of employment current on the day they are posted, unless DWP has stated otherwise in writing. New entrants are expected to join on the minimum of the pay band. Reasonable Adjustment At DWP we value diversity and inclusion and actively encourage and welcome applications from everyone, including those that are underrepresented in our workforce. We consider visible and non-visible disabilities, neurodiversity or learning differences, chronic medical conditions, or mental ill health. Examples include dyslexia, epilepsy, autism, chronic fatigue, or schizophrenia. If you need a change to be made so that you can make your application, you should: Contact Government Recruitment Service via DWPrecruitment.grs@cabinetoffice.gov.uk as soon as possible before the closing date to discuss your needs. Complete the “Reasonable Adjustments” section in the “Additional requirements” page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you’re deaf, a Language Service Professional. If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.