Job Summary
Addressing cyber risk is a top priority for the MOD. In response to the growing global threat, the Royal Navy (RN) is about to implement a major cyber transformation programme, so this is a great opportunity for strong cyber professionals with excellent communication and influence skills to be part of an exciting and challenging change programme.
The Head of Cyber Governance, Risk and Compliance role is key to identifying, understanding and advising upon the mitigation of RN Cyber Risk. You will oversee the generation and analysis of cyber risk metrics, used to support investment decisions and target security culture education and awareness campaigns.
As a Civil Servant, working in the MOD, you’ll also have access to our range of excellent benefits, including flexible working, great discount schemes, generous leave allowance and a market-leading Civil Service pension.
This post is eligible for a Digital Skills Allowance of up to £18,000 per annum. Eligibility for this allowance will be assessed at interview against 4 core technical skills only and reviewed annually in line with MOD policy.
Passionate about using your skills to make a critical difference? Your next career move could be here.
This position is advertised at 37 hours per week.
Job Description
In this role, you’ll provide thought leadership and insight to enable Navy operations and outputs to be appropriately secure and resilient. You’ll need to understand the Navy’s compliance against standard cyber security frameworks, as defined by MOD. You’ll engage proactively with stakeholders across Navy Command in the governance of cyber security risk, developing an understanding of compliance levels and ensuring cyber risks are under effective management.
You’ll lead a team, developing its core skills and expertise so that its members can develop and maintain a wider understanding of cyber risks and capabilities across RN’s complex and challenging environments.
Responsibilities Will Include
1. Own the governance, risk, and compliance (GRC) aspects of cyber security within Navy Command.
2. Ensure that a suitable control framework is in place to manage security and technology risks within appetite, covering areas including policies and standards, supply chain risk, operational risk, user education and operational resilience / business continuity oversight.
3. Act as the subject matter expert regarding security and technology compliance requirements and standards, including NIST and ISO27001.
4. Ensure security and risk consultancy is provided to support business activities.
5. Share subject matter expertise and support the wider Navy Digital Team and business stakeholders.
6. Line management of several direct reports within the team. Resource management across the team, ensuring that the relevant workload is delivered as agreed.
7. Carry out cyber security assurance on RN capabilities and supply-chain risk.
8. Maintain personal skills in the context of technology, GRC, best practices and the strategic direction of Navy Command.
9. Support the development of mechanisms to drive continuous improvement and encourage the sharing of best practice.
10. Maintain close liaison with key stakeholders across Defence and other government departments, to support wider policy activities.
11. Deputise for the Chief Information Security Officer (CISO) when required.
Person specification
This senior leadership role will require excellent communication and influencing skills and experience. In addition, individuals should have relevant skills and experience in at least one of the following areas: information security governance and management, risk assessment and information risk management, technical security architecture or Information and Communication Technology (ICT) assurance.
We are committed to encouraging and enabling our staff to develop in and above their role and we will support you in undertaking further learning and development opportunities, within your designated field and beyond. Wherever possible, we will provide upskill learning options and further training to support your continuous professional development.
Desirable Qualifications, Accreditation, Memberships Or Skills
1. Certificate in Information Security Management Principles (CISMP)
2. Certified Information Security Systems Professional (CISSP)
3. Certified Cyber Professional (CCP)
4. Membership of CIISP, CIISec, BCS or recognised equivalent
Ideally, You’ll Have The Following
1. The ability to build long term relationships with key internal and external stakeholders.
2. Highly effective networking and the ability to advise and influence people.
3. Experience of leading and managing a team.
4. Ability to communicate effectively to a variety of audiences, synthesising information to portray key messages and facilitate effective decision making.
This job role may be suitable for hybrid working, which is an informal, non-contractual and voluntary arrangement, blending a balance of attendance in the workplace (your permanent duty station, which is based on business assessment of where the work is best done) and working from home as a personal choice (if the role is suitable for this). If you are successful, any opportunities for hybrid working will be discussed with you prior to you taking up your post.
Dependent on the business need, there may be a requirement to travel to meetings within the UK (or potentially occasional overseas visits).
If not already held, successful candidates will be required to undergo DV clearance. Please note this position is open to sole UK Nationals only.
Behaviours
We'll assess you against these behaviours during the selection process:
1. Changing and Improving
2. Leadership
3. Communicating and Influencing
Technical skills
We'll assess you against these technical skills during the selection process:
1. Information risk assessment and risk management
2. Applied security capability
3. Protective security
4. Threat understanding
Benefits
Alongside your salary of £70,540, the Ministry of Defence contributes £20,435 towards you being a member of the Civil Service Defined Benefit Pension scheme.