Job summary
Here at the Ministry of Housing, Communities & Local Government (MHCLG), .�
Whether it's through the homes we live in, the work of our local councils, or the communities we�re all part of, our work is at the top of the political agenda. We have ambitious and far-reaching outcomes to achieve this year and, if you�re thinking of joining us, there�s never been a more exciting time.�
We have over 3,500 staff who are based in 20 offices across the UK and this Cyber Security role sits in the heart of the Technology team within our Digital Directorate.
Our aim is to provide high quality Digital services for our staff, typically using evergreen cloud services. Delivering this responsibility comes with a high demand for adoption of new technologies, systems and applications that require security review and scrutiny to ensure the department operates in a safe and secure environment that is overseen by centralised security products such as a SIEM, vulnerability scanners and security validation tools.
Security has never been more important in delivering services for our staff and citizens and the Department is committed to meeting the objectives set out in the Government Cyber Security Strategy. Now is an extremely exciting time to join our Cyber team as we use a modern tech stack, specialist external suppliers and a growing number of internal staff to mature our capabilities and deliver Departmental objectives.
We particularly welcome candidates from an ethnic minority background and other underrepresented groups to apply, as we work to continually improve our ability to represent the places and communities we support through our work.�
�including our culture, ways of working, career progression and staff benefits. You can also to learn about the work we're doing.�
Job description
As an Operational Security Manager, you'll:
� provide cyber security advice and guidance to the Department, acting as the Champion and face of the team across numerous forums to enhance and maintain the positive perception and visibility of the Cyber Security Team
� lead on the development and maintenance of Security Policies and associated documentation
� lead on supporting all internal and external stakeholders in the alignment to the Policies and associated documentation
� provide Cyber Security input to governance forums as required, including Change Advisory Boards and Technical Design Authorities
� conduct periodic checks of various technologies and processes across stakeholders in an internal/external audit capacity, subsequently supporting those stakeholders in the development and implementation of remediation plans
� lead on the development and maintenance of the Departments cyber security oversight of, and support to, its ALBs
� lead on the conduct of GovAssure and wider Department alignment to the NCSC CAF
� input to the Cyber Security KPIs and Metrics across all areas of responsibility
� work with the Head of Security Awareness to design and implement cyber security awareness campaigns
� act as the overarching lead, join up and work with other elements of the team to support them in service adoption and improvement across all areas including Secure by Design, Supplier Security, Vulnerability Management and Security Operations Centre (SOC). This may on occasion include directly supporting across these teams where required
� collaborate with, and mentoring of, peers and stakeholders where appropriate
Person specification
We will use the essential criteria below to evaluate you during the recruitment process. Make sure your CV and cover letter details how you meet the criteria.
As an Operational Security Manager, you�ll have:
� significant experience in an Information Security/Assurance related role(s)
� knowledge of relevant laws, regulations, and industry/HMG standards including GDPR, NCSC CAF, Cyber Essentials and ISO27001, with a strong understanding of information security principles, concepts, and best practices
� experience with risk assessment methodologies and tools
� familiarity with security principles and technologies for cloud hosted services such as AWS, Azure and SaaS
� strong knowledge of typical threats and attack vectors with appropriate remediation methods
� excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders
� developed problem solving skills including addressing complex technical security and process challenges that ensure delivery at pace to an appropriate risk appetite
� professional certifications, such as CISSP, CISM, CRISC or equivalent experience
� experience leading deep dives into adherence against processes, policies and procedures that are mandated for suppliers, services and teams to use in delivery of Digital services
Behaviours
We'll assess you against these behaviours during the selection process:
1. Making Effective Decisions
2. Managing a Quality Service
3. Communicating and Influencing
Benefits
Alongside your salary of �56,748, Ministry of Housing, Communities and Local Government contributes �16,439 towards you being a member of the Civil Service Defined Benefit Pension scheme.
4. Learning and development tailored to your role
5. An environment with flexible working options
6. A culture encouraging inclusion and diversity
7. A with an employer contribution of