JOB SUMMARY

Defence Digital ensures our Armed Forces remain among the most technologically advanced in the world. We do this by putting innovative and effective technology into the hands of over 200,000 users, from the boardroom to the front line.
We lead on cutting-edge data science, automation, and cyber security at scale. Our mission goes beyond the battlefield by leading humanitarian efforts and driving digital innovation that impacts lives across the globe.

Defence Digital forms part of Strategic Command which manages the Ministry of Defence’s (MOD) joint capabilities for the Army, RAF, and Royal Navy.

• Watch to find out more about what we do.

Passionate about using your skills to make a critical difference? Your next career move could be here.
This position is advertised at 37 hours per week.

JOB DESCRIPTION

As Deputy Head Cyber Information Incident Management, you’ll collaborate with the Defence Digital J3 Operations function, to ensure that cyber information incidents are managed efficiently and effectively, leveraging the operational expertise and strategic oversight provided by the team.
You’ll brief senior stakeholders within Defence and other government departments, quantifying the severity and impact of information incidents, providing detailed analyses, actionable insights and recommendations, to enhance data protection measures and mitigate future risks.
The Cyber Defence and Risk (CyDR) incident management function is growing rapidly and requires establishment of robust policies and processes, to ensure the consistency required in incident management. You’ll be responsible for defining the team’s remit and securing endorsement from the incident management community.
You’ll oversee the establishment of the Digital Information Security Team, responsible for developing and managing data loss prevention tools for Defence. This team will be created to address previous high-profile incidents where data classification was a key control, mitigate persistent cyber risks, such as the loss and misclassification of Defence data, and implement recommendations from the McIvor Review.
In a time where cyber events against Defence are increasing and data breaches are heavily scrutinised, it will be paramount that you ensure the function is resourced appropriately, to maintain robust data protection measures, responds swiftly to incidents and mitigates potential risks effectively.

TECHNICAL SKILLS

We’ll assess you against these technical skills during the selection process:

• Incident management, incident investigation and response
• Information risk assessment and risk management
• Protective security
• Threat understanding

EQUALITY AND DIVERSITY

Our people are at the heart of everything we do. It’s vital that our workforce reflects the diversity of both our audience and the wider society in the UK, so we’re proud to be an equal opportunities employer and we actively seek candidates from diverse backgrounds and communities. We also recognise the importance of a good work life balance, so we do everything we can to accommodate flexible working, including part-time and job shares for all our roles. Please just let us know in your application or at any stage throughout the process if this is something you want to explore.
Defence Digital operates an organisation model in which every individual belongs to a Government Profession. The successful applicant will be posted into one of the defined Government Professions on Standard Terms of Reference for the grade. Defence Digital reserves the right to move individuals between roles, within their allocated profession, to meet the needs of the business and in support of agile resourcing. Whilst this is a Defence Digital post, the role will be working with Defence Business Services (DBS), based at one of the advertised locations.
Strategic Command is going through a significant transformation programme which aims to improve the way the Command conducts its business and delivers for Defence and the nation. As a consequence of this, all posts within Strategic Command Headquarters and in time the wider organisation, are/will be subject to review and potential changes as we continuously improve across the period of the transformation programme. These changes may be minor or could be more substantive and will generate new opportunities. Throughout, the Command’s transformation programme is committed to following the MOD’s framework on managing and supporting people through the change process and places an emphasis on early and open consultation and engagement with the Command’s personnel and Trade Unions.
The post does not offer relocation expenses.
External recruits who join the MOD who are new to the Civil Service will be subject to a six-month probation period.
Please Note: Expenses incurred for travel to interviews will not be reimbursed.
Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts.
Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk/.
The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, Smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment however some exemptions are in place, please refer to local guidance. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments.
MOD Recruitment Satisfaction Survey – We may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Policy Notice sets out how we will use your personal data and your rights.

TECHNICAL SKILLS

• Incident management, incident investigation and response
• Information risk assessment and risk management
• Protective security
• Threat understanding
  The Government Security Profession Career Framework and the Cyber Security - Response Principal role, used in this vacancy, can be found at: Government Security Profession career framework (publishing.service.gov.uk)
  The Ministry of Defence requires all candidates who are successful at interview to declare any outside interests. These declarations will be discussed with successful candidates following the interview process and before a formal offer of employment is made, as some outside interests may not be compatible with MOD civilian roles. This will not, in the majority of cases, prevent employment in MOD, but it is a measure that must be taken to ensure that appropriate mitigations can be put in place to manage any potential, perceived or actual conflicts of interest from the first day of employment.
  The Civil Service embraces diversity and promotes equality of opportunity. There is a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. If you need to advise us that you need additional help or reasonable adjustments for the recruitment process, please contact: DBSCivPers-Resourcingteam3@mod.gov.uk .
  As a result of the changes to the UK immigration rules which came in to effect on 1 January 2021, the Ministry of Defence will only offer sponsorship for a skilled worker visa under the points based system, where a role has been deemed to be business critical. This role does not meet that category and we will not sponsor a visa. It is therefore NOT open to applications from those who will require sponsorship under the points based system.
  Should you apply for this role and be found to require sponsorship, your application will be rejected and any provisional offer of employment withdrawn
  Feedback will only be provided if you attend an interview or assessment.

NATIONALITY REQUIREMENTS

Open to UK nationals only.

RESPONSIBILITIES

• Foster collaborative relationships across government and actively represent the team in internal and external forums, to support shared goals and initiatives.
• Lead the CyDR response to cross-domain information security incidents.
• Lead on management of implementing security enhancements, post large scale cyber incidents.
• Line management responsibility, undertaking mentoring, performance management, recruitment and countersigning tasks as required.
• Shape response policies and processes to meet organisational needs and standards, while supporting Defence interventions and fostering a strong information security culture.
• Aggregate and evaluate post-incident feedback to inform board-level reporting on security incidents.
• Oversee the handling and reporting of information security incidents, ensuring full compliance with legal obligations, particularly in cases involving personal data breaches.
• Preparation of responses to Subject Access Requests (SARs), Freedom of Information (FOI) requests, Ministerial Questions (MQs), Parliamentary Questions (PQs) etc. in relation to information security incidents.

We are committed to encouraging and enabling our staff to develop in and above their role and we will support you in undertaking further learning and development opportunities, within your designated field and beyond. If not held already, opportunity will be provided to gain the following qualifications when in post:

• Certified Information Security Management (CISM)
• Certified Information Systems Security Professional (CISSP