Contents Location About the job Benefits Things you need to know Apply and further information Location Portsmouth, PO2 8BY About the job Job summary Addressing cyber risk is a top priority for the MOD. In response to the growing global threat, the Royal Navy (RN) is about to implement a major cyber transformation programme, so this is a great opportunity for strong cyber professionals with excellent communication and influence skills to be part of an exciting and challenging change programme. The Head of Cyber Governance, Risk and Compliance role is key to identifying, understanding and advising upon the mitigation of RN Cyber Risk. You will oversee the generation and analysis of cyber risk metrics, used to support investment decisions and target security culture education and awareness campaigns. As a Civil Servant, working in the MOD, youll also have access to our range of excellent benefits, including flexible working, great discount schemes, generous leave allowance and a market-leading Civil Service pension. This post is eligible for a Digital Skills Allowance of up to £18,000 per annum. Eligibility for this allowance will be assessed at interview against 4 core technical skills only and reviewed annually in line with MOD policy. Passionate about using your skills to make a critical difference? Your next career move could be here. This position is advertised at 37 hours per week. Job description In this role, youll provide thought-leadership and insight to enable Navy operations and outputs, to be appropriately secure and resilient. Youll need to understand Navys compliance against standard cyber security frameworks, as defined by MOD. Youll engage proactively with stakeholders across Navy Command, in the governance of cyber security risk, developing an understanding of compliance levels and ensuring cyber risks are under effective management. Youll lead a team, developing the core skills and expertise, so that they can develop and maintain a wider understanding of cyber risks and capabilities, across RNs complex and challenging environments. Responsibilities will include: Own the governance, risk, and compliance (GRC) aspects of cyber security within Navy Command. Ensure that a suitable control framework is in place to manage security and technology risks within appetite. Covering areas, including policies & standards, supply chain risk, operational risk, user education and operational resilience / business continuity oversight. Act as the subject matter expert regarding security and technology compliance requirements and standards, including NIST and ISO27001. Ensure security and risk consultancy is provided to support business activities. Share subject matter expertise and support the wider Navy Digital Team and business stakeholders. Line management of several direct reports within the team. Resource management across the team, ensuring that the relevant workload is delivered as agreed. Carry out cyber security assurance on RN Capabilities and the supply-chain risk. Maintain personal skills in the context of technology, GRC, best practices and the strategic direction of Navy Command. Support the development of mechanisms to drive continuous improvement and encourage the sharing of best practice. Maintain close liaison with key stakeholders across Defence and other government departments, to support wider policy activities. Deputise for the Chief Information Security Officer (CISO) when required. Person specification This senior leadership role will require excellent communication and influencing skills and experience. In addition, individuals should have relevant skills and experience in at least one of the following areas: information security governance and management, risk assessment and information risk management, technical security architecture or Information and Communication Technology (ICT) assurance. We are committed to encouraging and enabling our staff to develop in and above their role and we will support you in undertaking further learning and development opportunities, within your designated field and beyond. Wherever possible, we will provide upskill learning options and further training to support your continuous professional development. Desirable qualifications, accreditation, memberships or skills: Certificate in Information Security Management Principles (CISMP) Certified Information Security Systems Professional (CISSP) Certified Cyber Professional (CCP) Membership of CIISP, CIISec, BCS or recognised equivalent Ideally, youll have the following: The ability to build long term relationships with key internal and external stakeholders. Highly effective networking and the ability to advise and influence people. Experience of leading and managing a team. Ability to communicate effectively to a variety of audiences, synthesising information to portray key messages and facilitate effective decision making. This post is eligible for a Digital Skills Allowance of up to £18,000 per annum. Eligibility for this allowance will be assessed at interview against 4 core technical skills only and reviewed annually in line with MOD policy. This job role may be suitable for hybrid working, which is an informal, non-contractual and voluntary arrangement, blending a balance of attendance in the workplace (your permanent duty station, which is based on business assessment of where the work is best done) and working from home as a personal choice (if the role is suitable for this). If you are successful, any opportunities for hybrid working will be discussed with you prior to you taking up your post. Dependent on the business need, there may be a requirement to travel to meetings within the UK (or potentially occasional overseas visits). If not already held, successful candidates will be required to undergo DV clearance. Please note this position is open to sole UK Nationals only. Behaviours We'll assess you against these behaviours during the selection process: Changing and Improving Leadership Communicating and Influencing Technical skills We'll assess you against these technical skills during the selection process: Information risk assessment and risk management Applied security capability Protective security Threat understanding Benefits Alongside your salary of £70,540, Ministry of Defence contributes £20,435 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides. Our benefits include: Learning and development tailored to your role with a dedicated minimum of 5 days per year 25 days paid annual leave rising (by 1 day per year) to 30 days upon completion of five years service Ability to roll up to 10 days annual leave per year In addition to eight public holidays per year, you will also receive leave for HM The Kings birthday A Civil Service pension Parental and Adoption Leave Discounts on a range of services within and external to the civil service Defence Discount Service, Civil Service societies for Sports and Leisure, Healthcare, Insurance, Motoring, Company discounts with Virgin, Vodafone, and Microsoft Office. In year rewards and thank you schemes such as vouchers and gift cards A culture encouraging inclusion and diversity Find out more here - Discovermybenefits Equality and Diversity Our people are at the heart of everything we do. Its vital that our workforce reflects the diversity of both our audience and the wider society in the UK, so were proud to be an equal opportunities employer and we actively seek candidates from diverse backgrounds and communities. We also recognise the importance of a good work life balance, so we do everything we can to accommodate flexible working, including part-time and job shares for all our roles. Please just let us know in your application or at any stage throughout the process if this is something you want to explore. Strategic Command is going through a significant transformation programme which aims to improve the way the Command conducts its business and delivers for Defence and the nation. As a consequence of this, all posts within Strategic Command Headquarters and in time the wider organisation, are/will be subject to review and potential changes as we continuously improve across the period of the transformation programme. These changes may be minor or could be more substantive and will generate new opportunities. Throughout, the Commands transformation programme is committed to following the MODs framework on managing and supporting people through the change process and places an emphasis on early and open consultation and engagement with the Commands personnel and Trade Unions. Please Note: Expenses incurred for travel to interviews will not be reimbursed. Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts. Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk/. The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, Smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment however some exemptions are in place, please refer to local guidance. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments. MOD Recruitment Satisfaction Survey We may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Policy Notice sets out how we will use your personal data and your rights. Things you need to know Selection process details This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Experience and Technical skills. To apply, please complete the CV template provided on the CS Jobs dashboard. The sift will be conducted on your CV, assessed against your relevant skills, knowledge and experience for the role and on your personal statement, assessed against the essential criteria listed below. All applicants will also need to provide a personal statement (max. 1250 words) and it is essential that this includes evidence of the following essential criteria. Each one will be scored 1-7 and make up part of your overall score to assess your suitability to be invited to interview: 1. Describe your experience of managing cyber security governance, risk and compliance aspects within an organisation. 2. Provide an example of when you have shaped and influenced cyber security strategy, policy or processes. 3. Tell us about your ability to create, build and maintain strong working relationships with both internal and external stakeholders. 4. Describe your experience of leading, managing and developing resources, teams and staff. Interviews Well assess you against these behaviours, technical skills & experience during the interview process: Presentation You will be asked to prepare and deliver a 5-minute (max) presentation on a role-related subject. Further details will be sent prior to interview. Behaviours Changing and Improving Leadership Communicating & Influencing Technical Skills Information risk assessment and risk management Applied security capability Protective security Threat understanding The Government Security Profession Career Framework and the Cyber Security Advisory - Risk Manager Principal role used in this vacancy can be found at: Government Security Profession career framework. The Civil Service embraces diversity and promotes equality of opportunity. There is a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. If you need to advise us that you need additional help or reasonable adjustments for the recruitment process, please contact: DBSCivPers-Resourcingteam3mod.gov.uk. As a result of the changes to the UK immigration rules which came in to effect on 1 January 2021, the Ministry of Defence will only offer sponsorship for a skilled worker visa under the points based system, where a role has been deemed to be business critical. This role does not meet that category and we will not sponsor a visa. It is therefore NOT open to applications from those who will require sponsorship under the points based system. Should you apply for this role and be found to require sponsorship, your application will be rejected and any provisional offer of employment withdrawn. Feedback will only be provided if you attend an interview or assessment. Security Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is developed vetting (opens in a new window). See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks. Nationality requirements Open to UK nationals only. Working for the Civil Service The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy. Diversity and Inclusion The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window). Apply and further information This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative. Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records. Contact point for applicants Job contact : Name : Defence Digital Talent Acquisition Team Email : ukstratcomdd-hr-talentacqdelmod.gov.uk Recruitment team Email : DBSCivPers-ResourcingTeam3mod.gov.uk Further information Please ensure you read the attached candidate information document prior to completing your application. If you are dissatisfied with the service you have received from DBS, or believe that DBS has failed to follow the recruitment process in line with the Civil Service Commission principles of selection for appointment on merit on the basis of Fair and Open competition, you can raise a formal complaint by writing to DBS at the following address: Defence Business Services, Scanning Hub, Room 6124, Tomlinson House, Norcross Lane, Blackpool, FY5 3WP. If after raising your complaint with DBS you remain dissatisfied you can complain directly to the Civil Service Commission at the following address:, Civil Service commission, Room G/8, 1 Horse Guards Road, London, SW1A 2HQ Or by email: infocsc.gov.uk Attachments 20230519 - UKStratCom - Candidate Info Pack Opens in new window (pdf, 534kB) MOD Candidate Pack 2024 Opens in new window (pdf, 1562kB) Share this page Print Email Facebook Twitter LinkedIn GMail