Cyber and Information Security Lead

We are seeking experienced and highly skilled individuals to join our dynamic team as Cyber and Information Security Leads. The successful candidate(s) will play a pivotal role in ensuring the safeguarding of our critical information and data assets. This is a unique opportunity for a professional with a holistic approach to data protection and security, coupled with strong stakeholder management skills. This role encompasses information assurance, designing and implementing comprehensive security strategies, policies, and procedures to protect our programmes, projects, and live digital services from cyber and security threats.
Responsibilities will include:
Strategy: Develop and maintain cyber and information security strategy, ensuring alignment with business objectives and industry best practices.
Security Controls: Lead the implementation and management of cyber and information security controls across different areas, including programmes, projects, and live digital services.
Security Assessments: Conduct regular security assessments and audits to identify vulnerabilities and recommend appropriate countermeasures
Governance: Provide input to Governance Boards, manage challenging stakeholders, and lead on contract deliverables, acting as a point of escalation for issues.
Relationships: Build and maintain strong relationships with customers, monitor client contracts' progress, and evaluate and address information assurance risks for customers.
Supplier Management: Build, manage, and oversee third-party supplier management relationships.
Guidance: Provide expert support and guidance to internal teams in addressing security issues while ensuring compliance with applicable security standards and regulations.
Other responsibilities include:
+ Lead the development and implementation of robust cybersecurity measures for ongoing and upcoming projects and live services.
+ Conduct cyber risk assessments and provide security guidance
+ Promote and implement secure-by-design principles
+ Support GPG as part of GovAssure activities
+ Monitor and respond to security incidents
+ Manage relationships across government, suppliers, and vendors., Please note terms and conditions are attached. Please take time to read the document to determine how these may affect you.
A reserve list may be held for a period of 12 months from which further appointments can be made.
Any move to Cabinet Office from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk
Please note that this role requires SC clearance, which would normally need 5 years UK residency in the past 5 years. This is not an absolute requirement, but supplementary checks may be needed where individuals have not lived in the UK for that period. This may mean your security clearance (and therefore your appointment) will take longer or, in some cases, not be possible.
For further information on National Security Vetting please visit the following page https://www.gov.uk/government/publications/demystifying-vetting
If successful and transferring from another Government Department a criminal record check may be carried out.
In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service / Disclosure Scotland on your behalf.
However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. If you will be doing this, please advise Government Recruitment Service of your intention by emailing Pre-EmploymentChecks.grs@cabinetoffice.gov.uk stating the job reference number in the subject heading.
For further information on the Disclosure Scotland confidential checking service telephone: the Disclosure Scotland Helpline on and ask to speak to the operations manager in confidence, or email Info@disclosurescotland.co.uk
Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicant’s details held on the IFD will be refused employment.
A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.
New entrants are expected to join on the minimum of the pay band.
Reasonable adjustments
If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes.
If you need a change to be made so that you can make your application, you should:
+ Contact Government Recruitment Service via cabinetofficerecruitment.grs@cabinetoffice.gov.uk as soon as possible before the closing date to discuss your needs.
+ Complete the ‘Assistance required’ section in the ‘Additional requirements’ page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you’re deaf, a Language Service Professional.
If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'contact point for applicants' section.
Feedback will only be provided if you attend an interview or assessment.

Security
Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).See our vetting charter (opens in a new window).
People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements
This job is broadly open to the following groups:
+ UK nationals
+ nationals of the Republic of Ireland
+ nationals of Commonwealth countries who have the right to work in the UK
+ nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
+ nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
+ individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
+ Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements (opens in a new window)

Working for the Civil Service
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Proven experience in a similar lead cyber and information security role covering data protection/information security, GDPR implementation, risk and issue management, governance processes, assurance, reporting, and stakeholder management.
+ Strong understanding of security principles, technologies, and methods.
+ Knowledge of ISO/NIST suite, project management, and change management.
+ Managing services through outsourced contracts
+ A self-starter who works well independently with limited supervision.
+ Ability to manage high workloads and competing deadlines.
+ Excellent problem-solving, analytical, and communication skills.
+ Comfortable working with a high degree of ambiguity and changing priorities
Desirable Criteria:
+ Understanding of implementing security controls in enterprise solutions, developing shared services, and relevant security/data protection certifications.
+ Knowledge of cloud security best practices
+ Knowledge of HMG security policy and framework, + Communicating and Influencing
+ Delivering at Pace
+ Making Effective Decisions

Technical skills
We'll assess you against these technical skills during the selection process:
+ Technical 1 – Communication
+ Technical 2 – Designing Secure Systems
+ Technical 3 – Enabling and informing risk-based decisions

The Government People Group exists to work with departments, professions, and functions to build a modern, effective Civil Service.
We support the government workforce with the right skills and capability. We are working with leaders to get the right people in the right jobs, with the right skills and continuous learning to excel in their roles.
We provide leadership, and in turn, create leaders with exceptional line management capability across departments, influencing partners in the wider public sector and beyond. This involves getting our retention and reward strategy right, to nurture specific skills, and create pride and resilience in our workforce.
Our role is also to provide system leadership across central government in pulling together back office services. Collectively, we help support the Cabinet Office’s priority to drive efficiencies, and reforms that will make government work better, to ultimately provide a better service to the public.
GPG Platforms, Data and Interoperability (PD&I) Directorate is at the forefront of providing first-class platforms and services for over 400,000 civil servants, covering recruitment, data analysis, skills, and learning solutions. As a crucial part of the team, you'll be reporting to the Head of Architecture Services, contributing to the development and innovation of shared service platforms within the government.

Alongside your salary of £53,400, Cabinet Office contributes £14,418 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
+ Learning and development tailored to your role.
+ An environment with flexible working options.
+ A culture encouraging inclusion and diversity.
+ A Civil Service Pension which provides an attractive pension, benefits for dependants and average employer contributions of 27%.
+ A minimum of 25 days of paid annual leave, increasing by one day per year up to a maximum of 30.