About the job

Job summary

The Central Data and Digital Office (CDDO) is part of the Cabinet Office and leads the digital, data and technology (DDaT) function for government. Find out more at the CDDO here.

Securing Government Services in CDDO (our team) works across the government to help organisations improve their cyber security posture and reduce common risks. Our purpose is to “make things secure”. We develop government-tailored technical security guidance and provide insights and advice. We are responsible for delivering the cross-government Secure by Design approach, which is a key outcome in the Government Cyber Security Strategy and commitment to the Digital Strategy (Transforming for a digital future: 2022 to 2025 roadmap for digital and data). 

Our work in CDDO is user-focused, dynamic and forward-looking - making our organisation an exciting and innovative place to work.

Job description

You will be a Technical Security Assurance Expert in the Securing Government Services team, where you will work with government departments to provide risk management and assurance consultation on the security posture of services and products based on recognised security industry standards. 

You will work with the National Cyber Security Centre (NCSC) and Cabinet Office Government Security Group (GSG) to make government digital services secure and resilient through tailored technical guidance and advice, and will play a key role in driving the Government Cyber Security Strategy and delivery of strategic priorities.

As a lead technical security assurance specialist in CDDO, you will:

• deliver security risk-driven assessments of services or products in accordance with an appropriate methodology.
• perform security due diligence of technology products.
• review reporting, including key performance indicators, and act as key decision maker for the delivery of technical security capabilities against requirements. 
• ensure alignment with government security policy frameworks and industry objectives and standards, and liaise with senior stakeholders on how these can be met.
• interact with stakeholders across organisations, teams, or communities.

Person specification

We are interested in people who have:

• experience in defining and implementing processes to verify conformance to security and/or legal and regulatory requirements.
• experience in carrying out security controls gap assessment, capability maturity assessment and compliance checks in accordance with an appropriate methodology.
• good working knowledge of current cyber security risks and experience implementing security solutions for infrastructure, network and application security.
• ability to interact with a broad cross-section of personnel to explain and enforce security measures.
• experience in planning and managing delivery of a security work programme.
• experience in facilitating workshops to gather, understand and analyse information as part of carrying out reviews / audits. 
• relevant industry qualifications and accreditations e.g. Certified Cyber Professional (CCP), Certified Information Systems Security Professional (CISSP), ISO27001 Lead Auditor.

Benefits

The benefits of working at CDDO

There are many benefits including:

• flexible hybrid working with flexi-time and the option to work part-time or condensed hours
• a Civil Service Pension with an average employer contribution of 27%
• 25 days of annual leave, increasing by a day each year up to a maximum of 30 days 
• an extra day off for The King’s birthday
• an in-year bonus scheme to recognise high performance
• career progression and coaching, including a training budget for personal development
• paid volunteering leave 
• a focus on wellbeing with access to an employee assistance programme
• job satisfaction from making government services easier to use and more inclusive for people across the UK
• advances on pay, including for travel season tickets
• death in service benefits
• cycle to work scheme and facilities
• access to children's holiday play schemes across different locations in central London
• access to an employee discounts scheme
• 10 learning days per year
• volunteering opportunities (5 special leave days per year)
• access to a suite of learning activities through Civil Service learning

CDDO offers hybrid working for all employees. This means that everyone does some working from home and also spends some time in their local office. You’ll agree to your hybrid working arrangement with your line manager in line with your preferences and business needs.

Any move to the Central Digital and Data Office from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk

Things you need to know

Selection process details

The standard selection process for roles at CDDO consists of:

• a simple application screening process - We only ask for a CV and cover letter of up to 750 words. Important tip - please ensure that your cover letter includes how you meet the skills and experience listed in the “person specification” section listed above. Additionally, provide specific examples of your past experiences that demonstrate your proficiency in the behaviors mentioned below
• A scenario exercise. Comprehensive details will be shared with the shortlisted candidates.
• a 90-minute video interview including the scenario presentation at the beginning.

In the event we receive a high number of applications, we will conduct an initial sift on the lead criteria which is: 

• Experience in defining and implementing processes to verify conformance to security and/or legal and regulatory requirements.

Depending on how many applications we get, there might also be an extra stage before the video interview, for example a phone interview or a technical exercise.

In the Civil Service, we use Success Profiles to evaluate your skills and ability. This gives us the best possible chance of finding the right person for the job, increases performance and improves diversity and inclusivity. We’ll be assessing your technical abilities, skills, experience and behaviours that are relevant to this role.

For this role we’ll be assessing you against the following Civil Service Behaviours: 

• making effective decisions
• leadership
• communicating and influencing
• working together

Candidates that do not pass the interview but have demonstrated an acceptable standard may be considered for similar roles at a lower grade.

A reserve list will be held for a period of 12 months, from which further appointments can be made.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.