Security and Information Risk Advisor to Senior Security and Information Risk Advisor Development Role

UK Hydrographic Office

Apply before 11:55 pm on Sunday 30th January 2022

 

Reference number

179471

Salary

£26,737
£26,737 increasing to £33,287 on successful completion of development plan

Grade

Executive Officer
B3/EO, progressing to B2/HEO on successful completion of development plan

Contract type

Permanent

Business area

UKHO - Technology

Type of role

Digital
Information Technology
Risk Management
Science
Security

Working pattern

Flexible working, Full-time, Job share, Part-time

Number of posts

1

Location

Taunton, Somerset, South West

About the job

Summary

Here at the UK Hydrographic Office we are a leading centre for hydrography, providing marine geospatial data to inform maritime decisions. We work with a wide range of data suppliers and partners to support maritime navigation, safety, security and marine development around the UK and worldwide.

Everything we do is underpinned by our core values: together, responsibility, excellence and discovery. These are the guiding principles that help us work together to achieve our goals.

This role is a great opportunity to progress your career in Cyber Security. In our Cyber team we look for people who are curious. People who consider every possibility, ask questions and always dig deeper. We believe deeply in learning and development. We need people who can adapt quickly to meet new problems, so you’ll need the ability to make effective decisions while delivering at pace. You’ll be expected to contribute towards making changes and improvements, helping to ensure we maintain a high-quality service. You must be able to see the connections between various areas of work. We also look for colleagues who are open-minded and keen to learn and develop themselves.
This post is being advertised as a B3 to B2 development role and is an exciting opportunity for candidates with recent experience in working within an Information Security Team and who can demonstrate a real aptitude and interest in developing their knowledge and skills.

The successful candidate for this role will be given appropriate training, mentoring and support to build their role specific skills/capability, following a defined development plan. For new entrants it is anticipated that this will be undertaken over an 18-month period with Temporary Promotion to the B2 / HEO grade likely after 12 months, dependent on achieving competency / behavioural milestones.

We will support you to take a Level 6 Cyber Security Technical Professional Apprenticeship in this role.



We have a genuine focus on Health & Wellbeing - With mental health awareness trained champions across the business driving a plethora of initiatives, we support and encourage our employees to bring their best selves to work.
We invest in the Development of our people - We have an amazing in-house Learning and Development team who provide a blended learning approach at all levels of your career to get you ready for your next step. The Cyber Security team are a growing team who work in a collaborative way to support

Job description

The post holder will undertake, with support and guidance from the Lead Security and Information Risk Advisor (SIRA), a range of activities in the field of information and cyber security, ranging from analysis of requirements to provision of advice, and risk management. You will be part of the team that ensures that our Information Systems are designed, built, maintained and used in a secure manner to reduce the risk of a compromise to our valuable information assets. We follow industry best practice along with policy and guidance from HMG and MoD. The team works with both projects and BAU to offer guidance regarding current IT Security policy.

In detail the candidate will focus on:
Information Risk Management: Working in collaboration with delivery teams and projects to:
• Analyse and derive business supporting security requirements.
• Provide advice to address identified Cyber Security related risks by applying a variety of security tools and techniques, which may include using published guidance and patterns, threat modelling and risk workshops.
• Provide straightforward advice to validate the effectiveness of risk mitigation measures, including an understanding of how to use different assurance activities (such as a pen test) and make recommendations for improvement.

Initially the scenarios will be straightforward, and the advice given will be proportionate and contextualised to the use case. As the post holder gains in experience, they will be exposed to more complex scenarios, including those using novel techniques or requiring the application of nuanced risk mitigation controls.

Change Management: Review change across the Business; investigating those that are new, contentious, or innovative and making appropriate recommendations for action. This might include:
• Make appropriate information security recommendations for simple change requests
• Conduct Technical Risk Assessments for new application requests and accept or reject application accordingly
• Use judgement to assess if the simple change is within current policy and base their decision to approve, reject or escalate accordingly.

Compliance / Audit: Contribute to the ongoing ISO27001 Information Security Managed System certification and Information Assurance Maturity Model assessments, and other ad-hoc audits.

• Initially the post holder will participate in internal audits and assist in the production of audit reports
• After gaining sufficient experience act as the Lead Auditor, plan internal audits, chair the opening and closing meetings, produce audit reports, and make recommendations for opportunities for improvement.

Responsibilities

The purpose of the Information and Security Team is to provide assurance to the business that our information security risks are being effectively and proportionately managed. The team ensure that our software, systems and services are designed and built following secure design principles and that the appropriate information risk management and governance steps are followed.

We are looking for a talented, supportive team player who is also able to work with a high level of autonomy and responsibility. You will already be experienced in working within an information security team in a junior role and can demonstrate that you have the aptitude, qualities, and drive to succeed in a more senior position.

Full brief of the Behaviours, knowledge, skills and experience required

Specific Technical/Functional Skills and Experience
A curious mind is key for roles in our Cyber team. People who consider every possibility, ask questions, and always dig deeper. For this role you should have:

A working knowledge of Information risk assessment and risk management, Applied security capability, Protective Security and Threat Understanding. This role is aligned to the Government Security Profession.


Behaviours
Civil Service Behaviours – Level 3 for SEO role

Seeing the Big Picture
Changing and Improving
Working together
Communicating and influencing

Essential:
• Good consulting, influencing and communications skills (verbal and written) with the ability to communicate with varying levels of stakeholders and executives across the business
• Experience in designing simple technical solutions in an inclusive and participatory manner, to negotiate with and influence other design parties (business stakeholders, technical architects, software developers, third party suppliers), to reconcile IT security, technical and business considerations in order to arrive at the optimal solution
• Experience of working within accreditation frameworks, to ensure systems/service meet acceptable security requirements
• A working knowledge of security technologies including Firewalls, IDP/IPS, Endpoint Protection, IAM, Cloud technologies and remote working

Desirable:
• Defence IT Security Officers Course
• Working knowledge of HMG/MOD security policies (JSP440, JSP604)
• ISO27001 experience
• Demonstrable working knowledge of the requirements of an Information Security Management System and the recognised security controls
• Certified Ethical Hacker or similar
• BCS Level 4 Cyber Security Technologist or similar

Behaviours

We'll assess you against these behaviours during the selection process:

  • Making Effective Decisions
  • Changing and Improving
  • Communicating and Influencing

Technical skills

We'll assess you against these technical skills during the selection process:

  • Experience in providing information security and assurance advice and direction to projects, change activities, colleagues, and senior management, preferably in a UK Government Department.
  • A working knowledge of security technologies including Firewalls, IDP/IPS, Endpoint Protection, IAM, Cloud technologies and remote working
  • Information risk assessment and risk management
  • Applied security capability
  • Protective security
  • Threat understanding

We only ask for evidence of these technical skills on your application form:

  • Experience in providing information security and assurance advice and direction to projects, change activities, colleagues, and senior management, preferably in a UK Government Department.
  • A working knowledge of security technologies including Firewalls, IDP/IPS, Endpoint Protection, IAM, Cloud technologies and remote working

Benefits

We offer a range of benefits to support your lifestyle, including generous leave allowances, flexible working hours, a lift-share scheme, enrolment in the Civil Service Pension scheme, and regular training and development opportunities.

We operate from a brand new, state-of-the-art, award-winning building with an onsite gym, cafeteria, and state-of-the-art meeting rooms; a Chaplaincy service; and an Employee Assistance Programme. We have several internal networks available for you to join, including: Mental Health Group, STEM Ambassadors, Woman’s Network, Pride Network and Disabilities group. For travelling to UKHO, onsite parking, electric car charging ports, and a cycle-to-work scheme are available.

Full-time employees receive 26.5 days annual leave per year, increasing to 31.5 days annual leave after five years’ service (pro-rata for part-time employees).

We offer many flexible working options. These include: a flexible working hours scheme with up to two days per month Flexi leave, remote working, part-time working, job sharing, paid special leave, career breaks, and unpaid leave. We want you to feel part of something bigger and we encourage team-spirit and a community feel in our workplace.

Parents with children will be supported to enable you to manage work and family responsibilities. We offer an on-site independently run nursery with discounted prices for children of UKHO employees.

Any voluntary move to UKHO, from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. However, you may be eligible for other government schemes including Tax Free Childcare. You can determine your eligibility at https://childcarechoices.gov.uk

With regard to maternity, adoption, and/or shared parental leave, there is the flexibility to have up to 26 weeks full pay, followed by 13 weeks statutory pay and a further 13 weeks unpaid leave. Paternity leave of up to two weeks is available with full pay, subject to certain qualifying criteria.

We offer at least 5 days’ learning and development to each employee per year, with professional membership subscriptions, mentoring, and Civil Service Learning available to all.

Things you need to know

Security

Successful candidates must pass a disclosure and barring security check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check.

See our vetting charter.
People working with government assets must complete basic personnel security standard checks.

Selection process details

This vacancy is using Success Profiles, and will assess your Behaviours, Experience and Technical skills.
The selection process will be designed specifically for the role. As a result, your assessment could include:
• An interview

The sift is due to take place w/c 31st January 2022
Interviews are likely to be held w/c 7th February 2022

This vacancy is aligned to the Government Security Profession Career Framework, and we will assess your experience and technical skills. If successfully short-listed you will be invited to attend an interview.


Short-list Criteria

To apply for this role you must provide a CV.

You will be short-listed against the following criteria:

Experience:
• Experience in providing information security and assurance advice and direction to projects, change activities, colleagues, and senior management, preferably in a UK Government Department.
Technical
• A working knowledge of security technologies including Firewalls, IDP/IPS, Endpoint Protection, IAM, Cloud technologies and remote working

Interview Criteria

You will be interviewed against the following criteria:

Technical/Experience:

Government Security Profession Skills profile:

• Information risk assessment and risk management – Working
• Applied security capability – Working
• Protective security – Working
• Threat understanding – Working

For further details on these skills please visit: Government Security Profession Career Framework User Guide (publishing.service.gov.uk)
https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/864753/Government_Security_Profession_career_framework_A_user_guide.PDF

Behaviours
Making Effective Decisions
Changing and improving
Communicating and influencing

Things you need to know

• Security – successful candidates must pass a disclosure and barring security check and gain a Security Clearance.
• This position is a permanent non-reserved post which is open to full time, part time and job share candidates. The role will be contractually based at our Head Office in Taunton; you must be able to travel to the office as and when required.
• This is a development role. Successful candidates will achieve substantive B2 promotion on completion of their development plan.

Pay

External applicants:
New Entrants to the Civil Service will be expected to join at the salary minimum of the grade for which they applied. If an applicant at the offer stage wishes to negotiate higher starting pay, they will be required to submit a case with supporting evidence; UKHO will consider the case against several factors, including our total reward and benefits offering, the difficulty of recruiting the role and scarcity of skills. Higher starting pay will only be considered if the salary range (i.e. the minimum and maximum) for the role, and/or specific allowance, has been advertised.

Internal Staff
Those who are successful for a level graded role will retain their current salary.
Those who are successful for a higher graded role will have their promotion salary calculated.
Further information can be found in the attached document “Additional Pay Information”

Existing civil servants from other government departments (OGDs) are subject to UKHO’s internal pay policies. Further information can be found in the attached document “Additional Pay Information”.

SC – non reserved

This is a Ministry of Defence non-reserved post and although open to UK, British Commonwealth and European Economic Area nationals, successful applicants will require a security clearance (SC) and therefore need to have resided in the UK for a minimum of 12 consecutive months within the last 5 years.

Nationality Statement
Candidates will be subject to UK immigration requirements as well as Civil Service nationality rules.
If you’re applying for a role requiring security clearance, please be aware that foreign or dual nationality is not an automatic bar. However certain posts may have restrictions which could affect those who do not have sole British nationality or who have personal connections with certain countries outside the UK.

How to Apply and Further Information

For further information on this vacancy and to apply, please visit Civil Service Jobs.

Further Information
We have adopted anonymised recruitment. This means that your name, date of birth and other personal details will not be seen by the sift panel.

We may hold a merit (reserve) list for up to 12 months. During this time, if a similar role is identified and you have been placed on the merit list you may be considered for the post.

It is likely we will be able to start your employment with BPSS clearance (your clean DBS certificate and satisfactory references that we will obtain) before your SC clearance is successful – this is called a conditional offer.

You will be presented with an unconditional offer only once you have obtained the necessary level of clearance for the role.

If you fail to gain SC clearance, whichever is appropriate for the role you have applied for, your employment with UKHO will be terminated immediately.

Our ability to start employment on a conditional basis is subject to the specific requirements of the role and cannot be guaranteed; please contact our recruitment team if you would like further information: Recruitment@ukho.gov.uk

Please note, if you have not been resident in the UK for the last 5 years (for SC clearance) or for the last 10 years (for DV clearance) then you may be requested to supply the information below:

• Evidence of your actual overseas residence (bills or rental agreements confirming addresses etc)
• Police Certificate providing confirmation that no criminal record is held in the overseas country of residence.
• Reference/Confirmation of employment from an employer in the overseas country of residence.
• Reference/Confirmation of residence or travel from friends, companions or fellow travellers that have knowledge of or have been in the company of you, when resident outside of the UK.
• Reference from a UK based organisation maintaining contract with a sponsorship of you, while residing overseas

Disability Confident – Guaranteed Interview

UKHO embraces diversity and promotes inclusion and equality of opportunity. We are a Disability Confident employer, which includes offering a guaranteed interview to candidates with disabilities, providing they meet the minimum selection criteria.

By ‘minimum selection criteria’ we mean that the evidence you provide in your application must demonstrate that you meet the minimum pass mark, set by the short-list panel, for each criterion listed in the ‘short-list’ section, above. The short-list panel will not be made aware of any disability you may choose to declare; this information will be processed solely by HR, in accordance with Data Protection legislation.

If you are a disabled candidate, please ensure you complete the Equality and Diversity form or inform our HR department, at recruitment@ukho.gov.uk, if you wish to be considered under the Disability Confident guaranteed interview scheme.

Civil Service Recruitment

From 01/10/2020, UKHO’s HR Department is to provide a Fair Processing Notice (FPN) to all new applicants after they have been successful at interview.
These candidates will be informed that, as one aspect of pre-employment screening, their personal details – name, NINO and date of birth - will be checked against the Civil Service Resourcing Extract Internal Fraud Database (IFD) and that anyone included on the IFD will be refused employment unless they can show exceptional circumstances.

UKHO’s HR Department will also include the FPN wording advising of the check against the extract IFD in the advert for employment for the pilot departments.

UKHO’s HR Department will, on behalf of the vacancy holder, inform applicants when they are refused employment because of their inclusion in the IFD.

Civil Service Commission
Recruitment into the Civil Service is governed by the Civil Service Commission which has two key functions.
• To maintain the principle of selection for appointment to the Civil Service on merit on the basis of fair and open competition.
• To promote an understanding of the Civil Service Code which sets out the constitutional framework in which all civil servants work and the values they are expected to uphold, and to hear and determine appeals made under it. More detailed information can be found on the Civil Service Commission website: http://civilservicecommission.independent.gov.uk

Complaints

The Department’s recruitment processes are underpinned by the requirement of selection for appointment based on merit, open and fair competition as outlined in the Civil Service Commissioners’ Recruitment Principles, details of which can be found at http://civilservicecommission.independent.gov.uk

If you feel your application has not been treated in accordance with the Recruitment Principles and you wish to make a complaint, you should contact the UKHO’s Recruitment Team, Human Resources, Admiralty Way, Taunton, Somerset TA1 2DN or email recruitmentqueries@ukho.gov.uk, in the first instance.

If you are not satisfied with the response you receive you can further contact the Civil Service Commission at:
Email: civilservicecommission.independent.gov.uk or in writing to:
Civil Service Commission, Room G/8, 1 Horse Guards Road, London SW1A 2HQ

Feedback will only be provided if you attend an interview or assessment.

Nationality requirements

This job is broadly open to the following groups:

  • UK nationals
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the Republic of Ireland
  • nationals from the EU, EEA or Switzerland with settled or pre-settled status or who apply for either status by the deadline of the European Union Settlement Scheme (EUSS)
  • relevant EU, EEA, Swiss or Turkish nationals working in the Civil Service
  • relevant EU, EEA, Swiss or Turkish nationals who have built up the right to work in the Civil Service
  • certain family members of the relevant EU, EEA, Swiss or Turkish nationals
Further information on nationality requirements

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

Apply and further information

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :
Name :  recruitment.queries@ukho.gov.uk
Email :  recruitment.queries@ukho.gov.uk
 
Recruitment team :
Email :  recruitment.queries@ukho.gov.uk

Further information

The Department’s recruitment processes are underpinned by the requirement of selection for appointment based on merit, open and fair competition as outlined in the Civil Service Commissioners’ Recruitment Principles, details of which can be found at http://civilservicecommission.independent.gov.uk If you feel your application has not been treated in accordance with the Recruitment Principles and you wish to make a complaint, you should contact the UKHO’s Recruitment Team, Human Resources, Admiralty Way, Taunton, Somerset TA1 2DN or email recruitment.queries@ukho.gov.uk , in the first instance. If you are not satisfied with the response you receive you can further contact the Civil Service Commission at: Email: civilservicecommission.independent.gov.uk or in writing to: Civil Service Commission, Room G/8, 1 Horse Guards Road, London SW1A 2HQ
