Contents Location About the job Benefits Things you need to know Apply and further information Location Bristol, Darlington, Leeds, Manchester, Wolverhampton About the job Job summary Here at the Ministry of Housing, Communities and Local Government. (MHCLG), we work on things that make a real difference to peoples lives. Whether it's through the homes we live in, the work of our local councils, or the communities were all part of, our work is at the top of the political agenda. We have ambitious and far-reaching outcomes to achieve this year and, if youre thinking of joining us, theres never been a more exciting time. We have over 3,500 staff who are based in 20 offices across the UK. As a cyber assurance risk advisor for MHCLG youll sit within the heart of our internal cyber security team, part of the technology function within the digital directorate, who are responsible for cyber security, core IT digital tools, networks, SAP and IT infrastructure/hosting. You will be part of a team that is growing to meet the needs of the Department as it further embraces cloud technologies and products. Cyber is responsible for the overall cyber security of the Departments services, applications and suppliers so has a broad remit and a mission to keep us safe from a variety of threats plus help others build and deliver services securely. We aim to provide high quality digital services using a mix of internal and external teams to deliver evergreen cloud services. Delivering this responsibility comes with a high demand for adoption of new technologies, systems and applications that require security review and scrutiny to ensure the department operates in a safe and secure environment. We particularly welcome candidates from an ethnic minority background and other underrepresented groups to apply, as we work to continually improve our ability to represent the places and communities we support through our work. Find out more about what it's like to work in a digital, data and technology role at MHCLG including our culture, ways of working, career progression and staff benefits. You can also read the MHCLG Digital blog to learn about the work we're doing. Job description The primary responsibility of this cyber role is to review third party suppliers and products, such as SAAS applications, however, will also include occasional involvement in the review of IT systems, services and applications developed or purchased by the department, identifying any security issues, design flaws and making security recommendations in line with industry security best practices and the HMG Security Policy Framework. Supported by our technical teams, architects and engineers you will provide high quality cyber security advice and guidance across all matters relating to proposed digital services, applications and suppliers. As a Cyber Assurance Risk Advisor, youll: analyse security requirements, taking account of both internal and external guidance, policy and regulations assist with developing /promoting information security policies to achieve security outcomes within a defined scope and in line with cross-government policies and the new GovAssure service assist with designing and implementing security awareness campaigns be part of the assurance process, identifying security threats, vulnerabilities and hazards to the departments suppliers, systems, services, or processes to inform risk assessments and design of security features use your increasing knowledge and expertise in assurance to make decisions on the levels of risk the Department is being exposed to and recommendations of how to remediate these within particular systems, suppliers, applications or services support and conduct cyber security risk assessments, cyber security audits and cyber security incident management support cyber security operations processes in accordance with organisational policies and standards and business requirements assist in managing contracts, suppliers or services related to cyber security work with other teams to help them create services that are secure by design promote good cyber security practices across the Department and support product teams to ensure their services continue to be secure as they are run and updated to meet new business requirements Person specification We will use the essential criteria below to evaluate you during the recruitment process. Make sure your CV and cover letter details how you meet the criteria. As a Cyber Assurance Risk Advisor you'll have: demonstrable experience in information security, information assurance, or a related role hold recognised and relevant qualifications. This may include qualifications such as CISMP or ISO27001 Internal Auditor, however this is for a guide only. an understanding of information security principles, concepts, and best practices knowledge of relevant laws, regulations, and industry standards, such as GDPR, NIST, ISO 27001, NCSC Cyber Assessment Framework etc. knowledge of risk assessment methodologies and tools in cyber security familiarity with security principles and technologies for cloud hosted services such as AWS, Azure and SaaS excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders It would be great if youre also keen in developing your cyber security and technical design skills further. We actively support your learning and development in achieving additional qualifications that enhance your skillset. Behaviours We'll assess you against these behaviours during the selection process: Making Effective Decisions Communicating and Influencing Delivering at Pace Benefits Alongside your salary of £44,590, Ministry of Housing, Communities and Local Government contributes £12,917 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides. Learning and development tailored to your role An environment with flexible working options A culture encouraging inclusion and diversity A Civil Service pension with an average employer contribution of 27% Things you need to know Selection process details This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours and Experience. MHCLG want to bring in a diverse workforce at all levels. Our application system is designed to remove as much bias as possible from the recruitment system this means that a hiring manager does not know your name, your details, see your whole application in one go (or have your CV at review stage unless stated otherwise). CV and Cover Letter Declaration We recruit based on your knowledge and skills, and not background, gender or ethnicity - this is called name blind recruitment. Please remove references to your: name/title educational institutions age gender email address postal address phone number nationality/immigration status You will need to merge your CV and covering letter into one document. When submitting your application Applied will ask you to upload a CV, when doing this you should upload your merged document of your CV and covering letter. Most of our campaigns utilise multiple assessors and so it is possible that your application would be viewed by different assessors. In the event that we receive a large number of applications, we may conduct an initial sift using the lead sift question listed in the advert. Candidates who pass the initial sift may be progressed to a full sift, or progressed straight to interview. Lead sift question (Experience) - Confirm you have demonstrable experience relevant to the role, and describe the process you would use to conduct a cyber security assurance review of a third Party SAAS product? At sift, through your CV and covering letter we will be assessing: Experience Technical Your covering letter should be no more than 1 page referencing how you meet the criteria set out in the person specification. The interview will be of a blended nature consisting of the following success profiles elements: Behaviours: Making Effective Decisions, Communicating and Influencing, Delivering at Pace Experience Technical In full the campaign will test the below Success Profile Elements: Experience: Experience will be tested at sift and through interview questions which will be based around the essential skills and criteria as listed in the person specification Technical: Technical will be tested at sift and through interview questions which will be based around the essential skills and criteria as listed in the person specification Behaviours: Making Effective Decisions, Communicating and Influencing, Delivering at Pace We do not consider direct CV applications you must apply for this role via the application link on Civil Service Jobs : Please note that near miss offers may be made at the lower grade to candidates who do not meet the grade criteria for this campaign. Group 1 DDaT roles MHCLG has implemented the DDaT capability framework for Group 1 roles. Applicants that are successful at the sift stage will be required to complete a capability assessment at interview. MHCLG will honour completed capability assessments for this role from other Government Departments for existing Civil Servants. Please provide a copy of your capability assessment to the Hiring Manager when applying. If you have any queries on pay, please contact the Hiring Manager. Salary is determined by performance at interview, within the range advertised. Each experience or technical skill is assessed between 1-3, representing working towards, at or above the job level requirements. You are awarded a proficiency level accordingly, and you will be given opportunities at least once a year to re assess your capability and progress through the pay scale within your grade. An additional digital allowance may be payable depending on level of assessed capability. Candidates moving from another government department have the option to retain their current salary where the principle for implementation is there is no detriment where existing pay exceeds the indicative level. Where individuals are at a lower salary than their assessed level, they will receive an upward adjustment. SEO Group 1 DDaT salary The salary for this role will between £44,590 - £48,509 (National) depending on the proficiency level assessment An additional digital allowance may be payable depending on the level of assessed capability up to £6,665 For applicants in receipt of existing allowances, we will assess each case individually and aim to match the digital allowance implemented with no detriment For existing civil servants, the usual policy on level transfer and promotion will apply and is non-negotiable Please note that the average employer pension contribution is based upon the National minimum salary for this role. Should your agreed starting salary for this role be different, the average employer pension contribution will be calculated accordingly. If you are a Secondee, this will not apply as you will remain on your home organisations terms and conditions. Benefits Transfers across the Civil Service on or after 4 October 2018 : Any move to MHCLG from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk. For further information about the benefits available to MHCLG employees, please see the attached Candidate Pack. Location Wolverhampton Darlington Manchester Bristol Leeds There may be opportunities for candidates to work flexibly depending on the business needs. This will be discussed with the vacancy manager on a case-by-case basis if you are successful for the role. Please note: The Darlington Economic Campus is a pioneering new cross-government hub which will bring together people across departments and public organisations to play an active role in the most important economic issues of the day. The work of the Campus will make a real difference to people both across the UK and internationally. There will be substantial career opportunities and exciting prospects - a career at the Campus means you will be working at the heart of Government, with access to the benefits and fantastic opportunities offered by the civil service. This role is based at MHCLG and we will be joined on the campus by: HM Treasury Department for International Trade Department for Business, Energy and Industrial Strategy Office for National Statistics Department for Education For further information on the DEC, please take a look at the attached DEC candidate pack. Sift and Interview dates Sifting is envisaged to take place from Friday 21/02/2025 with interview dates to be confirmed. All interviews are currently being held remotely via videocall. Reserve List In the event that we identify more appointable candidates than we currently have posts available, we will hold applicant details on a reserve list for a period of 6 months from which further appointments can be made. This may include roles at a lower grade. Candidates placed on a reserve list will be informed of this. Due to the length of time CTC checks can take, our HR Shared Services team will contact reserve list candidates for London based roles to commence CTC checks. Those candidates who do not wish to remain on the reserve list should contact recruitmentlevellingup.gov.uk to be removed from the reserve list. SC (Security Check) : Important note Successful candidates must meet the security requirements before they can be appointed. The level of security needed is Security Check and the process can take up to 8 weeks to complete. Please note that successful candidates will need to pass the Security Check this requires you to have been resident in the UK for the past 5 years. Please refer to the MHCLG Notes on Security Clearance section of our Candidate Pack for further information on Security Check (SC). Candidates should also note that with effect from 1 st August 2018 the department will also check all applicants who are successful at interview, against the Internal Fraud Database (IFD) held by the Cabinet Office. In accordance with the Civil Service Internal Fraud Policy, any applicant who is included on the IFD will be refused employment by MHCLG. Please see the Candidate Pack for further information on the Internal Fraud Database. Before starting your application its very important to make sure that you are eligible to apply and meet the Civil Service nationality requirements. All candidates are expected to read the information provided in the MHCLG candidate pack regarding nationality requirements and rules Candidate Pack Information Please see attached Candidate pack for further information. Internal Fraud Database The Internal Fraud function of the Fraud, Error, Debt and Grants Function at the Cabinet Office processes details of civil servants who have been dismissed for committing internal fraud, or who would have been dismissed had they not resigned. The Cabinet Office receives the details from participating government organisations of civil servants who have been dismissed, or who would have been dismissed had they not resigned, for internal fraud. In instances such as this, civil servants are then banned for 5 years from further employment in the civil service. The Cabinet Office then processes this data and discloses a limited dataset back to MHCLG as a participating government organisations. MHCLG then carry out the pre employment checks so as to detect instances where known fraudsters are attempting to reapply for roles in the civil service. In this way, the policy is ensured and the repetition of internal fraud is prevented. For more information please see- Internal Fraud Register Feedback will only be provided if you attend an interview or assessment. Security Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window). See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks. Nationality requirements This job is broadly open to the following groups: UK nationals nationals of the Republic of Ireland nationals of Commonwealth countries who have the right to work in the UK nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window) nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS) individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020 Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service Further information on nationality requirements (opens in a new window) Working for the Civil Service The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy. Diversity and Inclusion The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window). Apply and further information Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records. Contact point for applicants Job contact : Name : Digital Data Jobs Recruitment Team Email : digitaldatajobscommunities.gov.uk Recruitment team Email : digitaldatajobscommunities.gov.uk Attachments 1a. MHCLG Candidate Pack Opens in new window (pdf, 835kB) 1b. Candidate Guidance Opens in new window (pdf, 355kB) 1c. Success Profiles Candidate information Opens in new window (pdf, 936kB) Darlington Economic Campus Career Pathways Opens in new window (pdf, 452kB) Apply at advertiser's site Share this page Print Email Gmail Facebook LinkedIn