Contents Location About the job Benefits Things you need to know Apply and further information Location The Drinking Water Inspectorate is an independent regulator within Defra and has a landing area in 2 Marsham Street which is rechargeable to the water industry. Generally, employees are employed based on working in London, however we support flexible working. About the job Job summary The Drinking Water Inspectorate (DWI) is the independent regulator of drinking water quality in England and Wales. Established by Parliament in 1990, the strategic objective is to protect public health and maintain public confidence by securing safe and clean drinking water, now and for future generations. The powers and duties under which the Inspectorate operates are established in legislation and are wide-ranging, covering all aspects of the quality and sufficiency of water together with duties in regard of network and information systems of public water supplies as delegated by the Secretary of State and Welsh ministers. Statutory duties in relation to private supplies for the provision of technical advice to local authorities and the authority of appeal are provided on behalf of the Secretary of State and Welsh ministers. The Inspectorate produces its own independent reports for ministers in both England and Wales; reporting on the operational performance of the water companies that it regulates in both countries, and on the performance of local authorities in their duties with respect to private water supplies. These cover assessment of the results of monitoring of drinking water supplied by the water companies month by month; investigation of notified events; and site visits and meetings with companies to audit technical operating practices, procedures and policies for compliance with regulation and enforcement notices. In addition to the statutory function, further non-statutory functions are provided, including an evidence programme; consumer and media advice on information about drinking water safety and regulation as well as the running of an independent website. Job description The Network and Information Systems Regulations (NIS) (2018) extended the original Drinking Water Supply regulations to include greater emphasis on the security and reliability of information systems which control drinking water production or delivery, with particular regard to the modern-day threat of cyber security. The main responsibility of the DWI NIS team is to ensure that the 17 drinking water companies in England and Wales (that are currently within scope of the NIS regulations) take appropriate and proportionate technical and organisational measures to manage any risks posed to the security of their network and information systems. This includes the cyber and physical security of assets on which their essential service of drinking water provision relies. The Inspectorate regularly needs to respond to an evolving risk picture, or incidents which impact on the water network. Therefore the post holder will need to be flexible and able to adapt quickly to changing work priorities and may be required to participate in the Inspectorates response to a security incident. This may include out of hours working on occasion, but the Inspectorate makes every effort to allow for individual personal circumstances and offers a range of flexible working options including remote working and some working from home. Evaluation of annual self assessments by Operators of Essential Service (OES) against the Cyber Assessment Framework. Logging and assessment of any reported incidents from the sector. Scoping of, preparation for and completion of verification audits with selected OESs. Making recommendations regarding any enforcement action that might be required to address gaps in compliance. Preparation of new and revision of existing guidance for OES on meeting the requirements of NIS. Preparation of the annual reports on compliance against NIS and the activities of the Inspectorate in England and Wales for Ministers. Routine liaison with Inspectorate colleagues, Defra, Welsh Government and OESs. Contribution towards regular internal performance and financial reports. Person specification The role requires a candidate to drive continuous improvements in cyber resilience across the drinking water sector and on an interpersonal level, the post holder should have an enquiring mind with good communication and influencing skills and the ability to make effective decisions. NIS Inspectors are involved in a wide range of tasks which includes the evaluation of technical information about the operation and monitoring of network and information systems (Information Technology and Operational Technology) used for drinking water production. Inspectors will be expected to use their technical expertise to drive continuous improvement in the sector and to ensure that each company complies with their regulatory obligations. Companies carry out a self-assessment using the NCSC Cyber Assessment Framework (CAF) which each company is required to submit to the Inspectorate annually. Inspectors will review the self-assessment reports from each company to verify the evidence behind the conclusions, together with their improvement plans, project milestone reports, improvement notice updates, capital investment plans, audit reports, and technical risk assessments. It is the role of the Inspector to verify any shortfalls in company performance or non-compliance with the NIS regulations appropriately and the plans to address them. Supported by the Principal Inspector, Inspectors will be required to carry out enforcement activity when required. The enforcement process involves an escalation process of liaison, guidance and advice, moving to formal requests (Notices) for information, through Notices to legally require system improvement, to Penalty Notices for non-compliance of up to £17m. The Inspector will also be assigned company incident reports, which will require audit and assessment against the regulatory requirements as part of the role. Occasional flexibility may be required to attend site or participate in an emergency incident response. Inspectors are responsible for the quality and content of regular liaison meetings (quarterly) which take place with each water company in person and on MS Teams. Quality records need to be maintained to demonstrate a real time view of company progress and the quality of engagement. On an interpersonal level, the post holder should have an enquiring mind with good communication and influencing skills and the ability to make effective decisions. The Inspector will engage regularly with stakeholders such as NCSC, Defra Security, DSIT, other Competent Authorities. The NIS Inspector will deliver the audit plan as set by the Principal Inspector which will include a variety of in person and desk top audits, as well as third party assisted audits using contractors, where necessary. The work of the Inspector will by supported by the NIS Team Performance Analysts who will use internal and external data sources to track company and sector performance, projects, notice completion and milestones as well as threat and vulnerability reports. The Inspector will be required to interpret this data to produce reports for Ministers and Senior Stakeholders in addition to their regulatory activity. The Inspectorate offers any successful candidates relevant world class training courses in cyber security and operational technology as part of a tailored personal development plan. Additionally, the post holder will be expected to be proactive in maintaining and expanding their knowledge as technology and cyber risks presented to water supply evolves. Candidates should be aware that there is an additional requirement for: Time and project management skills in order to deliver the audit programme to schedule. Technical knowledge of water supply and/or cyber security. Experience within water industry, cyber security or working for a regulator. A tertiary level qualification in a subject related to water supply or cyber security. Knowledge of effective governance of risk assessment and mitigation systems. Ability to communicate and collaborate successfully with a range of stakeholders and colleagues. Good IT skills with familiarity with software such as Excel and Power BI. Licences As travelling is an integral part of the job, often to areas not served by public transport, candidates should have a valid driving licence. Qualifications A tertiary level qualification and/or significant experience in a subject related to water supply, industrial control systems or cyber security. Memberships Successful candidates will be expected to hold, or already be working towards, chartership with a relevant professional body. Behaviours We'll assess you against these behaviours during the selection process: Changing and Improving Making Effective Decisions Managing a Quality Service Seeing the Big Picture We only ask for evidence of these behaviours on your application form: Changing and Improving Benefits Alongside your salary of £41,220, Department for Environment, Food and Rural Affairs contributes £11,941 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides. Learning and development tailored to your role. An environment with flexible working options. A culture encouraging inclusion and diversity. A Civil Service pension with an employer contribution of 28.97%. Things you need to know Selection process details This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Strengths and Experience. Application Process As part of the application process you will be asked to complete: A name-blind (anonymous) CV with details of your full job history, experience and qualifications. 1 x Behaviour Statement (250 word max). Personal Statement. Please use the Personal Statement (750 word max) to set out your reasons for applying for the role of an Inspector Network and Information Systems (Cyber Security). Please detail your experience and explain how your current skills are transferable. Further details around what this will entail are listed on the application form. Sift Should a large number of applications be received, an initial sift may be conducted using the CV. Candidates who pass the initial sift may be progressed to a full sift or progressed straight to assessment/interview. Sift and interview dates to be confirmed. Interview If successful at application stage, you will be invited to interview where you will be assessed on behaviours, strengths and a written exercise. The written exercise needs no prior preparation and is used to measure an applicant's experience in the water industry/cyber security. A presentation or additional exercise may also be assessed. Interviews to be held remotely by MS Teams. Location As part of the pre-employment process for this post, successful candidate(s) will be able to agree a contractual workplace from those locations listed in this advert. The agreed contractual workplace is then the substantive and permanent place of work for the successful candidate(s). Where the location is National the successful appointee should discuss and agree an appropriate contractual location in line with both Defras location policy and site capacity, prior to proceeding with pre-employment processes. Successful applicants currently employed by the hiring Defra organisation for this post may choose to remain in their current contractual location or may choose to change contractual location to one of those listed above. This should be discussed and agreed prior to proceeding with pre-employment processes. The agreed amount of time spent at a workplace for this post will reflect the requirement for Civil Servants to spend at least 60% of their working time in an organisation workplace with the option to work the remaining time flexibly from home. Working time spent at a workplace may include time spent at other organisational locations including field-based operational locations, together with supplier, customer or partner locations. This is a non-contractual agreement which is consistent with common Civil Service expectations. Travel costs to non-contractual workplaces will be subject to departmental travel and subsistence policies. Travel costs to contractual workplaces are the responsibility of the employee. The successful candidate is required to carry out all their duties from a UK location, and cannot do so from an overseas location at any time. Defra includes the core department, APHA, RPA, Cefas and VMD. Reserve List A reserve list may be held for a period of 12 months from which further appointments can be made. Merit Lists Where more than one location is advertised, candidates will be posted in merit order by location. You will be asked to state your location preference on your application. Salary New entrants to the Civil Service are expected to start on the minimum of the pay band. The internal roles rules apply to existing Civil Servants, i.e. level transfers move on current salary or the pay range minimum, transfers on promotion move to new pay range minimum or receive 10% increase. Either case is determined by whichever is the highest. Visa Sponsorship Statement Please take note that Defra does not hold a UK Visa & Immigration (UKVI) Skilled Worker License sponsor and are unable to sponsor any individuals for Skilled Worker Sponsorship. Criminal Record Check If successful and transferring from another Government Department, a criminal record check may be carried out. In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service on your behalf. However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. If you will be doing this, please advise Government Recruitment Service of your intention by emailing Pre-EmploymentChecks.grscabinetoffice.gov.uk stating the job reference number in the subject heading. Reasonable Adjustment If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes. If you need a change to be made so that you can make your application, you should: Contact Government Recruitment Service via defrarecruitment.grscabinetoffice.gov.uk as soon as possible before the closing date to discuss your needs. Complete the Assistance required section in the Additional requirements page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if youre deaf, a Language Service Professional. Accessibility If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section. Internal Fraud Database Check Applicants who are successful at interview will be, as part of pre-employment screening subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicants details held on the IFD will be refused employment. A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5-year period following a dismissal for carrying out internal fraud against government. NSV For further information on National Security Vetting please visit the following page https://www.gov.uk/government/publications/demystifying-vetting Childcare Vouchers Any move to Defra from another employer will mean you can no longer access childcare vouchers. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk Feedback will only be provided if you attend an interview or assessment. Security Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window). See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks. Nationality requirements This job is broadly open to the following groups: UK nationals nationals of the Republic of Ireland nationals of Commonwealth countries who have the right to work in the UK nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window) nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS) individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020 Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service Further information on nationality requirements (opens in a new window) Working for the Civil Service The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy. Diversity and Inclusion The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window). Apply and further information This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative. The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window). Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records. Contact point for applicants Job contact : Name : Business Performance Unit - Drinking Water Inspectorate Email : dwi.enquiriesdefra.gov.uk Telephone : 03300416501 Recruitment team Email : defrarecruitment.grscabinetoffice.gov.uk Further information If you feel your application has not been treated in accordance with the Recruitment Principles and you wish to make a complaint, in the first instance, you should contact: Government Recruitment Services via email: defrarecruitment.grscabinetoffice.gov.uk If you are not satisfied with the response you receive from the Department, you can contact the Civil Service Commission: https://civilservicecommission.independent.gov.uk/contact-us/ to visit Civil Service Commission. Share this page Print Email Facebook Twitter LinkedIn GMail