Senior Information and Cyber Security Risk Analyst

Details
-----------

Reference number

463390

Salary

£43,765 \- £53,220
SEO \- National: £43,765 \- £48,375; London: £47,785 \- £53,220 (pro\-rata for part\-time hours)

This vacancy is offered on the Government Digital and Data Framework and can include an allowance of up to £6,650\.
A Civil Service Pension with an employer contribution of 28\.97%
GBP

Job grade

Senior Executive Officer### Contract type

Permanent### Business area

DESNZ \- Integrated Corporate Services \- Operations### Type of role

Security### Working pattern

Flexible working, Full\-time, Job share, Part\-time### Number of jobs available

1
Contents
------------

• Location


• About the job


• Benefits


• Things you need to know


• Apply and further information

Birmingham, Bristol, Cardiff, Darlington, Edinburgh, London, SalfordAbout the job
-----------------

Job summary

ICS

The Integrated Corporate Services (ICS) is a shared corporate service. It provides corporate services (HR, Finance, Digital, Commercial, Security and Estates) across the Department for Energy Security \& Net Zero (DESNZ) and the Department for Science, Innovation \& Technology (DSIT).

Our team of over 400 professionals will be leading the way in how these functions will be delivered in the future. Our ambition is to be the leading provider of integrated corporate services for government and set the standard for quality, efficiency, and innovation in our field.

We offer great working benefits including a world\-class pension, flexible working options and a career where your learning and development is taken seriously. We are enormously proud to be a Disability Confident Leader employer. We support candidates with adjustments throughout our recruitment process. Information about disability confidence and just some examples of the adjustments that you can request can be found in the reasonable adjustment section below.

The Civil Service is committed to attract, retain and invest in talent wherever it is

found. To learn more please see the Civil Service People Plan and the Civil Service D\&I Strategy.

Find Out More

You can also follow our LinkedIn Careers Page: https://www.linkedin.com/showcase/desnz\-careers/

Job description

The Role and Our Team

Are you interested in joining a high performing team of security professionals? If you are ready to challenge yourself and become a member of a specialist security team, then we have a great opportunity for you. We need an organised, proactive and flexible individual to provide Information and Cyber Security Risk Management and Assurance functions across two departments — the Department for Energy Security \& Net Zero and the Department for Science, Innovation \& Technology — and within the Departmental Security Unit (DSU), including support to Arm’s Length Bodies. While some elements of this role can be delivered remotely, the successful candidate will be expected to work from our contracted office a minimum of 40\-60% of their time.

The Senior Cyber Advisor provides senior, cross\-cutting information and cyber security advice across ICS, partner departments and Arm’s Length Bodies (ALBs).

Operating above practitioner level, the role blends technical understanding, policy application, assurance delivery and stakeholder engagement, supporting secure, risk\-based decision\-making and the effective implementation of government security standards.

The post holder will lead defined areas of security work, support delivery of the GovAssure process, manage and maintain security policy, line manage staff, and act as part of the cyber duty officer rota.

This vacancy is being offered on the Government Digital and Data Framework and can include an allowance of up to £6,650 over time depending on skills, qualifications, and experience. Further details on the framework can be found on https://ddat\-capability\-framework.service.gov.uk/role/security\-architect

Person specification

Key Responsibilities

Senior Cyber \& Information Security Advisory
•

Provide authoritative advice on cyber and information security risks affecting systems, services, programmes and suppliers.
•

Translate technical security issues into clear, proportionate advice for non\-technical stakeholders.
•

Support senior decision\-makers by articulating risks, impacts and mitigation options clearly and defensibly.

GovAssure \& Assurance Support
•

Support planning, coordination and delivery of GovAssure activity.
•

Review assurance artefacts and supplier responses.
•

Act as an assurance interface between delivery teams, ALBs and governance forums.

Secure by Design Implementation
•

Promote Secure by Design principles across delivery.
•

Support implementation and remediation of security controls.

Policy Management \& Maintenance
•

Support development, maintenance and review of information and cyber security policies.
•

Interpret policy and ensure pragmatic application.
•

Monitor adherence and identify improvement opportunities.

Stakeholder Engagement
•

Act as a trusted advisor to ALBs and programme teams.
•

Represent the security function in governance forums.

Leadership \& Line Management
•

Line manage up to 2 x HEO.
•

Lead defined work areas and contribute to team capability.

Duty Officer Responsibilities
•

Participate in the cyber duty officer rota.
•

Support incident triage and escalation.

As a line manager, you will be responsible for working with your members of staff to define their objectives, as well as managing their development and performance.

Essential Criteria

• Strong knowledge of cyber and information security principles.
•

Familiarity applying government security policy and standards.
•

Proven stakeholder engagement skills.
•

Experience leading work and/or managing staff.
•

Sound judgement in balancing risk and delivery needs.

Desirable Criteria

• Experience supporting GovAssure.
•

Familiarity with NCSC guidance.
•

Experience maintaining security policies.
•

Incident response or duty officer experience.

Behaviours

We'll assess you against these behaviours during the selection process:

• Delivering at Pace


• Managing a Quality Service


• Making Effective Decisions

Technical skills

We'll assess you against these technical skills during the selection process:

• Competency 1: Analysis Level: working


• Competency 2: Communication (security architect) Level: practitioner


• Competency 3: Security technology Level: working

Alongside your salary of £43,765, Department for Energy Security \& Net Zero contributes £12,678 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
The Department for Energy Security and Net Zero offers a competitive mix of benefits including:

• A culture of flexible working, such as job sharing, homeworking and compressed hours.


• Automatic enrolment into the Civil Service Pension Scheme, with an employer contribution of 28\.97%.


• A minimum of 25 days of paid annual leave, increasing by 1 day per year up to a maximum of 30\.


• An extensive range of learning \& professional development opportunities, which all staff are actively encouraged to pursue.


• Access to a range of retail, travel and lifestyle employee discounts.

The Department operates a discretionary hybrid working policy, which provides for a combination of working hours from your place of work and from your home in the UK. The current expectation for staff is to attend the office or non\-home based location for 40\-60% of the time over the accounting period.

• A hybrid office/home based working model where staff will spend a norm of 40\-60% of their time in the office (minimum of 40%) over a month with flex dependent on balancing business and individual need.

Artificial intelligence

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.### Selection process details

This vacancy is using Success Profiles , and will assess your Behaviours, Experience and Technical skills.
Applications will be sifted on CV.

In the event of a large number of applicants, applications will be sifted on the CV only.

The interview will consist of behaviour and technical questions.

Link to the technical/professional competency framework that candidates will be assessed against, for their reference: https://ddat\-capability\-framework.service.gov.uk/role/security\-architect

Sift and interview dates to be confirmed.

A reserve list of candidates may be kept for up to 12 months.

Further Information

Reasonable Adjustment

We are proud to be a disability confident leader and we welcome applications from disabled candidates and candidates with long\-term conditions.

Information about the Disability Confident Scheme (DCS) and some examples of adjustments that we offer to disabled candidates and candidates with long\-term health conditions during our recruitment process can be found in our DESNZ Candidate Guidance. A DESNZ Plain Text Version of the guidance is also available.

We encourage candidates to discuss their adjustment need

This listing is from indeed. View original listing ↗