Cyber Security Adviser

at  Ministry of Defence

JOB SUMMARY

The Ministry of Defence (MOD) Head Office, accommodated in Main Building, MOD’s flagship headquarters, provides the Department of State function and political and military strategic direction for the MOD.
This is an exciting new role within the Director Head Office business area, specifically within the Safety, Security, Business Resilience, Technology and Accommodation (SSBRTA) business unit. The main purpose is to oversee the safety, security and resilience of MOD Main Building, ensuring that staff within MOD Main Building can continue to deliver critical Defence outputs, in all foreseeable circumstances.
We are looking for an enthusiastic individual to work in the Head Office Cyber Security team, working across the whole of Defence, to deliver cyber security advice and support.
This position is advertised at 37 hours per week and attracts London Weighting. A Recruitment and Retention Allowance (RRA) of up to £9k per annum may be payable with this post, paid in increments upon reaching the required level of competence.
This allowance is not permanent, it is subject to an annual review to confirm whether there is a continuing business need, it can be increased, reduced or withdrawn at any time.
You will be expected to attend the office a minimum of 3 days per week.

JOB DESCRIPTION

As part of the Head Office Cyber Security team you will be required to implement Head Office’s response to Defence’s Cyber Security Strategy and Resilience programme. You’ll be involved in the work to understand Head Office’s Cyber security and resilience risk, ensuring the effectiveness of proposed mitigation against an evolving cyber threat. You’ll provide advice and guidance on Secure by Design (SbD), ensuring Head Office business units are compliant with MOD policy and lead on the implementation of Cyber Compliance Framework activities, driving forward improvements as required.
Liaising with the Head Office System Owners, the Directorate of Cyber Governance, Risk and Compliance, Defence Digital and other key stakeholders, you’ll ensure we are coherent with wider Departmental work / objectives. You’ll represent the Cyber Team at departmental meetings, which may include attending the Cyber Resilience Oversight Board.
You may also be required to support the Principal Security Adviser and Security and Resilience Ops Lead to manage cyber security and resilience incidents. This may include managing crises that disrupt, or have the potential to disrupt, business in Main Building.

QUALIFICATIONS

Qualifications:

The following qualification and experience are required for this role:

• UK relevant Level 3 qualifications.
• Relevant UK industry qualifications/accreditations e.g. Certified Information Systems Security Professional, Certified Information Security Management Principles, ISO 27001, etc.

OR

• Relevant HM Government qualifications or accreditations e.g. NCSC Certified Cyber Professionals (CCP), etc.

TECHNICAL SKILLS

We’ll assess you against these technical skills during the selection process:

• Information risk assessment and risk management - practitioner level
• Protective security - working level
• Threat understanding - working level

Benefits

Alongside your salary of £36,530, Ministry of Defence contributes £10,582 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an employer contribution of 28.97%
• Free on site gym
• Restaurant and Coffee shop

The post does not offer relocation expenses.
External recruits who join the MOD who are new to the Civil Service will be subject to a six-month probation period.
Please Note: Expenses incurred for travel to interviews will not be reimbursed.
Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts.
Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk/.
The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, Smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment however some exemptions are in place, please refer to local guidance. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments.
MOD Recruitment Satisfaction Survey – We may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Policy Notice sets out how we will use your personal data and your rights.
Things you need to know

TECHNICAL SKILLS

At interview: We’ll assess you against these technical skills:

• Information risk assessment and risk management (Practitioner)
• Protective security (Working)
• Threat understanding (Working)

The Government Security Profession Career Framework and the Cyber Security role used in this vacancy can be found at: Government Security Profession career framework.
The Civil Service embraces diversity and promotes equality of opportunity. There is a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. If you need to advise us that you need additional help or reasonable adjustments for the recruitment process, please contact: DBSCivPers-Resourcingteam3@mod.gov.uk .
As a result of the changes to the UK immigration rules which came in to effect on 1 January 2021, the Ministry of Defence will only offer sponsorship for a skilled worker visa under the points based system, where a role has been deemed to be business critical. This role does not meet that category and we will not sponsor a visa. It is therefore NOT open to applications from those who will require sponsorship under the points based system.
Should you apply for this role and be found to require sponsorship, your application will be rejected and any provisional offer of employment withdrawn.
Feedback will only be provided if you attend an interview or assessment.

NATIONALITY REQUIREMENTS

Open to UK nationals only.

RESPONSIBILITIES INCLUDE:

The Cyber Security Adviser will work closely with Cyber Security lead to perform following responsibilities.

• Support Head Office (HO) IT systems and system owners in preparation for Cyber Compliance framework (CCF) audits based on NCSC and NIST framework to ensure security practices are compliant and overseeing any remedial activity.
• Support HO governance structures to manage all cyber security risks and maintain up to date cyber risk register.
• Act as cyber security support consultant and Security Assurance Coordinator (SAC) with respect to any new IT projects, ensuring that Secure by Design (SbD) is embedded in system design and configuration from the outset.
• Provide assurance support to Head Office, Defence Digital and Cyber Defence & Risk by supporting risk assessments and cyber vulnerability assessments with system owners and Defence Digital.
• Liaise relevant Cyber and Security Incident teams to support and response to Head Office cyber security incidents.
• Arrange meeting with HO’s System Owners as required and maintain cyber meeting minutes note.
• Monitor Daily cyber security communications group mailbox to maintain constant awareness.

The following qualification and experience are required for this role:

• UK relevant Level 3 qualifications.
• Relevant UK industry qualifications/accreditations e.g. Certified Information Systems Security Professional, Certified Information Security Management Principles, ISO 27001, etc