JOB SUMMARY

Are you ready to work in one of the most interesting cyber security environments and share your experience to support national security?

ABOUT US:

Defence Digital ensures our Armed Forces remain among the most technologically advanced in the world. We do this by putting innovative and effective technology into the hands of over 200,000 users, from the boardroom to the front line.
We lead on cutting-edge data science, automation, and cyber security at scale. Our mission goes beyond the battlefield by leading humanitarian efforts and driving digital innovation that impacts lives across the globe.

Defence Digital forms part of Strategic Command which manages the MOD’s joint capabilities for the Army, RAF, and Royal Navy.

• Watch to find out more about what we do.

Passionate about using your skills to make a critical difference? Your next career move could be here.
This position is advertised at 37 hours per week.

JOB DESCRIPTION

The Cyber Risk Insights Lead position sits within the Cyber Compliance, Insights and Exploitation Team (CCIX), in the Cyber Defence and Risk Directorate (CyDR), developing and maintaining a wider understanding of cyber risks of our existing systems, by reporting on critical insights from system and strategic gaps and issues. Drawing in audit information and various MOD data sources, the team is responsible for helping senior stakeholders to plan on cyber risks, across Defence’s complex and challenging environments.
In this role, you’ll be supporting upward reporting and briefings, regarding compliance and metrics and insights, to enable seniors (all the way up to the Defence Board) to make informed prioritisation and investment decisions. You’ll play an important part in the development of Defence’s metrics across all systems, providing analysis and deriving insights to further the understanding of existing systems and their vulnerabilities.
As a result, you’ll develop a wider understanding of these systems, across a complex environment of inter-related IT projects, programmes and initiatives, identifying possible gaps and issues. You’ll also participate in Cyber Compliance Framework / Government Assurance audits, to derive useful metrics across system Defence Wide Audits, to aid in decision making for Cyber risk.
You’ll also support the pan-Defence Digital Enterprise, in aligning metrics and insights and compliance to the Defence Boards risk priorities and themes, aiming to evidence changes to our understanding of Defensive cyber risk.

TECHNICAL SKILLS

We’ll assess you against these technical skills during the selection process:

• Information risk assessment and risk management
• Applied security capability
• Protective security
• Threat understanding

Benefits
Alongside your salary of £44,590, Ministry of Defence contributes £12,917 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Our benefits include:

• Learning and development tailored to your role with a dedicated minimum of 5 days per year.
• 25 days paid annual leave rising (by 1 day per year) to 30 days upon completion of five years’ service.
• Ability to roll up to 10 days annual leave per year.
• In addition to eight public holidays per year, you will also receive leave for HM The King’s birthday.
• A Civil Service pension.
• Parental and Adoption Leave.
• Discounts on a range of services within and external to the civil service – Defence Discount Service, Civil Service societies for Sports and Leisure, Healthcare, Insurance, Motoring, Company discounts with Virgin, Vodafone, and Microsoft Office.
• In year rewards and ‘thank you’ schemes such as vouchers and gift cards.
• A culture encouraging inclusion and diversity.
• Find out more here - Discovermybenefits.

EQUALITY AND DIVERSITY

Our people are at the heart of everything we do at Defence Digital. It’s vital that our workforce reflects the diversity of both our audience and the wider society in the UK, so we’re proud to be an equal opportunities employer and we actively seek candidates from diverse backgrounds and communities. We also recognise the importance of a good work life balance, so we do everything we can to accommodate flexible working, including part-time and job shares for all our roles. Please just let us know in your application or at any stage throughout the process if this is something you want to explore.
Defence Digital operates an organisation model in which every individual belongs to a Government Profession. The successful applicant will be posted into one of the defined Government Professions on Standard Terms of Reference for the grade. Defence Digital reserves the right to move individuals between roles, within their allocated profession, to meet the needs of the business and in support of agile resourcing.
Please Note: Expenses incurred for travel to interviews will not be reimbursed.
Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts.
The post does not offer relocation expenses.
External recruits who join the MOD who are new to the Civil Service will be subject to a six-month probation period.
Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk/.
The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, Smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment however some exemptions are in place, please refer to local guidance. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments.
MOD Recruitment Satisfaction Survey – We may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Policy Notice sets out how we will use your personal data and your rights.
Things you need to know

TECHNICAL SKILLS

• Information risk assessment and risk management
• Applied security capability
• Protective security
• Threat understanding
  The Government Security Profession Career Framework and the Cyber Security Advisory - Risk Manager Lead role used in this vacancy can be found at: Government Security Profession career framework.
  The Civil Service embraces diversity and promotes equality of opportunity. There is a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. If you need to advise us that you need additional help or reasonable adjustments for the recruitment process, please contact: DBSCivPers-Resourcingteam3@mod.gov.uk .
  As a result of the changes to the UK immigration rules which came in to effect on 1 January 2021, the Ministry of Defence will only offer sponsorship for a skilled worker visa under the points based system, where a role has been deemed to be business critical. This role does not meet that category and we will not sponsor a visa. It is therefore NOT open to applications from those who will require sponsorship under the points based system.
  Should you apply for this role and be found to require sponsorship, your application will be rejected and any provisional offer of employment withdrawn.
  Feedback will only be provided if you attend an interview or assessment.

NATIONALITY REQUIREMENTS

Open to UK nationals only.

RESPONSIBILITIES

• Chair, lead and actively participate in working groups, to represent the CCIX team in CyDR and engaging with internal departments, other Government departments, and industry partners.
• Lead and align the technical development to evolve the current list of critical insights and metrics and develop meaningful reporting, through a variety of tools utilising Power BI, Microsoft Excel and PowerPoint, aiming to evidence changes to our understanding of Defensive cyber risk.
• Report and present written and verbal findings to operational and senior audiences, both routinely (including quarterly Defence Board and Cyber Resilience Oversight Board) and for ad hoc requirements.
• Innovate and explore future methods of data analytics and metrics to react to cyber risk.
• Maintain and enhance the Cyber Compliance Framework, engaging and participating in annual Defence wide audits against the Cyber Compliance Framework / GovAssure, working with external industry partners and senior leaders to derive useful metrics and insights.
• Establish a professional network of internal stakeholders, to provision and acquire alternative access to additional metrics and insights and promote knowledge sharing.
• Line management responsibility and mentoring of junior analysts.