Location

Southampton

About the job

Job summary

The Information Security (InfoSec) Manager leads a multi-disciplinary team of security specialists responsible for safeguarding the organisation's information, physical assets, personnel, and cyber infrastructure. This team provides internal security consultancy services, ensuring security best practices are integrated throughout projects and operational processes.

The Maritime and Coastguard Agency (MCA) implements the government's maritime safety policy in the United Kingdom and works to prevent the loss of life and occurrence of pollution on the coast and at sea.

Safer lives. Safer Ships. Cleaner Seas.

Our vision is to be a world-leading organisation, accelerating the transition to sustainable shipping with non-negotiable safety standards. We put our people, our customers and our planet at the heart of everything we do.

We are committed to giving all our colleagues purpose, professionalism and pride in what we do. We work in supportive, diverse and inclusive teams. We want everyone to feel valued and supported to achieve their potential at MCA. This culture of inclusion is underpinned by our staff network groups covering Women's, LGBTQI, Race, Carers, Mental Wellbeing and volunteer Respect Ambassadors.

Job description

The Information Security Manager will:

- Lead and manage a team of security specialists with diverse expertise (information, physical, personnel, cyber, technical) to implement continuous improvement activities across the organisation's assets.
- Provide security advice and guidance on a range of subjects, balancing business requirements with strategic and national security objectives.
- Champion the strategic direction for the security team, aligning with the overall security strategy and organisational objectives.
- Drive a continuous process of identifying security needs, applying appropriate solutions, and verifying ongoing effectiveness of controls to safeguard business priorities.
- Serve as an authoritative point of escalation and subject matter expertise on a broad range of security topics.

For further information about the role and responsibilities, please see the attached role profile.

Person specification

About You

You will need the following experience:

- Robust knowledge and experience of technical security architecture and security tooling, including protection, prevention, detection, response and recovery solutions.
- Proven experience gathering security requirements and applying appropriate/proportionate security controls, in alignment with security policy, to address business objectives, with the ability to articulate the residual risk to the business as required.
- Proven experience in risk management, including communicating risk to technical and non-technical stakeholders, of varying levels, through varying mediums.
- Strong understanding of a range of security standards/regulations (ISO 27001, NIST 800, GovS007, UK GDPR etc) across all areas of information security, e.g. physical, personnel and cyber, and how these can be applied to deliver effective information security as a multilayering of appropriate/proportionate controls across all areas to minimize impacts of security incidents.
- Proven knowledge in threat understanding, including context, identifying existing or emerging threats to assets and using that to inform security decisions.

Additional Information

This role will be based in Southampton HQ.

MCA supports flexible working and operates a hybrid working model between home and office for this role, giving you greater flexibility over where and when you work. The expectation is that you will spend a minimum 60% of your working time based at your principal workplace or out on official business. Details of the arrangement will be discussed further with your line manager.
There may be a requirement for occasional travel on official duty within the UK, which may involve overnight stays. Notice will be given prior to travel.

Digital and Data Profession Pay Framework

This role is part of the Government Digital and Data profession and utilises an enhanced Capability-Based Pay Framework which provides access to a Digital and Data allowance. The base pay is £54,857. In addition to this, the role includes a Digital and Data allowance of up to £25,543. The value of allowance awarded will be based on an assessment of your skills and experience as demonstrated through the selection process. Here are more details on the pay framework.

Behaviours

We'll assess you against these behaviours during the selection process:

- Making Effective Decisions
- Developing Self and Others
- Seeing the Big Picture

Technical skills

We'll assess you against these technical skills during the selection process:

- Security Architecture (Skill Level: Practitioner)
- Applied Security Capability (Skill Level: Practitioner)
- Information Risk Assessment & Risk Manager (Skill Level: Practitioner)
- Protective Security (Skill Level: Working)
- Threat Understanding (Skill Level: Working)

Benefits

Being part of our brilliant Civil Service means you will have access to a wide range of fantastic benefits. We offer generous annual leave, attractive pension options, flexible working, inclusive working environments and much more to support a healthy work/life balance. Click here to get a copy of the MCA Staff Benefits Brochure. Find out what it's like to work at the Maritime and Coastguard Agency.

Things you need to know

Selection process details

This vacancy is using Success Profiles, and will assess your Behaviours, Experience and Technical skills.

How to Apply

As part of the application process, you will be required to complete a CV and a Personal Statement. Further details around what this will entail are listed on the application form.
Within your CV and Personal Statement please demonstrate your knowledge and experience of:

- Technical security architecture and security tooling, including protection, prevention, detection, response and recovery solutions.
- Gathering security requirements and applying appropriate/proportionate security controls, in alignment with security policy, to address business objectives, with the ability to articulate the residual risk to the business as required.
- Risk management, including communicating risk to technical and non-technical stakeholders, of varying levels, through varying mediums.
- A range of security standards/regulations (ISO 27001, NIST 800, GovS007, UK GDPR etc) across all areas of information security, and how these can be applied to deliver effective information security as a multilayering of appropriate/proportionate controls across all areas to minimize impacts of security incidents.
- Threat understanding, including context, identifying existing or emerging threats to assets and using that to inform security decisions.

Your Personal Statement will be limited to a maximum of 1250 words. It is essential when submitting your Personal Statement that you provide as much detail as possible, and utilise the full word count given, against the essential criteria outlined above, as this will be used in conjunction with your CV to assess candidate suitability to move to the next round in the recruitment process.

Sift and Interview Dates

The sift is due to take place from the 06th January 2024. Interviews/assessments will take place from the 20th January 2024. This interview will be conducted face to face at our Southampton office. Further details will be provided to you should you be selected for interview.

We will try to meet the dates set out in the advert. There may be occasions when these dates will change. You will be provided with sufficient notice of the confirmed dates.

The selection process will be designed specifically for the role.
As a result, your assessment will include:

- An interview.
- A presentation / technical assessment.

You're encouraged to become familiar with the role profile, as you may be assessed against any of the criteria recorded within.

Reasonable Adjustments

As a Disability Confident Leader employer, we are committed to ensuring that the recruitment process is fair, accessible and allows all candidates to perform at their best. If a person with a visible or non-visible disability is substantially disadvantaged, we have a duty to make reasonable changes to our processes.

Complete the Assistance required section in the Additional requirements page of your application form to tell us what changes or help you might need during the recruitment process. For instance, you may need wheelchair access at an interview, or if you're deaf, a Language Service Professional.

If you need a reasonable adjustment so that you can complete your application, you should contact Government Recruitment Service via dftrecruitment.grs@cabinetoffice.gov.uk as soon as possible before the closing date to discuss your needs.

Document Accessibility

If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

This job advert contains links to the DfT Careers website. Our website provides useful guidance and information that can support you during the application process. If you cannot access the information on our website for any reason, please email DRGComms@dft.gov.uk for assistance.

Further Information

For more information about how we hire, and for useful tips on submitting your application for this role, visit the How We Hire page of our DfT Careers website. You can find detailed information about the recruitment process and what to expect when applying for a role.
Pre-employment Checking

Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicant whose details are held on the IFD will be refused employment.

A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5-year period following a dismissal for carrying out internal fraud against government.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check. See our vetting charter. People working with government assets must complete baseline personnel security standard checks.
Nationality requirements

This job is broadly open to the following groups:

- UK nationals
- nationals of the Republic of Ireland
- nationals of Commonwealth countries who have the right to work in the UK
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
- Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy.
Apply and further information

This vacancy is part of the Great Place to Work for Veterans initiative.

The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment.

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact:
Name: Digital Resourcing Team
Email: DigitalResourcing@dft.gov.uk

Recruitment team
Email: dftrecruitment.grs@cabinetoffice.gov.uk

Further information

If you feel your application has not been treated in accordance with the Recruitment Principles and you wish to make a complaint, in the first instance, you should contact Government Recruitment Services via email: dftrecruitment.grs@cabinetoffice.gov.uk

If you are not satisfied with the response you receive from the Department, you can contact the Civil Service Commission: visit the Civil Service Commission website.

Attachments

Role Profile - Information Security Manager (pdf, 171kB)