Head of Fraud

What you'll do

As the Head of Threat Intelligence and Counter Fraud you will play a central role in protecting the UK’s current and future digital identity ecosystem. At scale, One Login will be the front door for millions of users to access digital public services. Our ability to remain resilient to fraud is absolutely critical to delivering our mission. Fraud reduction is intrinsic to the overall value proposition for One Login and at the heart of retaining user trust. This is a high profile role, suited to an experienced counter fraud professional who has a track record of setting direction on threat intelligence and counter fraud and building wider capability. 

The mission of the threat intelligence and counter fraud team (TICF) is to prevent and identify fraud with the Digital Identity products. We do this through design, detection and protection. TICF has 4 critical missions:

1. Design a service with fraud in mind by supporting product teams
2. Detect fraud through analysis
3. Enable cross government collaboration on tackling fraud
4. Protect the programme through accurate and timely intelligence

As the Head of Threat Intelligence and Counter-Fraud you will:

• Set strategic direction for the One Login programme to ensure that fraud is reduced due to the design of the system and collaborative work with key stakeholders across HMG
• Head up and grow the identity counter-fraud team in GDS, building capability within a high performing team, recruiting and training new analysts so that they are able to provide enduring advice and support to the digital identity programme
• Work in partnership with key stakeholders across the programme, such as the Head of Security, Product, Delivery and identity SMEs, to lead and advise on identity misuse and risks requirements to inform the design and development of One Login for Government system’s counter-fraud capability and  implementation and evolution of identity standards
• Provide oversight and take responsibility for the team’s work on advice and reporting on identity-related threats and their mitigations; monitoring and investigating suspicious user activity and threats to One Login and the digital identity programme’s supply chain
• Build collaborative relationships across government: raising the profile of the team’s work, meeting the requirements of relying parties and working in partnership with other departments to tackle fraud
• Act as a champion for TICF by ensuring that threat intelligence and counter-fraud functionality is fully integrated across One Login, including through the procurement of third party suppliers

Who you'll be

We’re looking for candidates with evidenced experience of: 

• Leadership of an operational counter-fraud function within a comparable, critical national infrastructure (or similar) programme
• Strong track record of setting strategic direction on identifying and tackling fraud through the design and implementation of a product or service
• Hands on experience undertaking and managing oversight for the collection and analysis of open source intelligence, including through the Darkweb
• Taking a leading role in investigating and resolving fraudulent and/or security events
• Implementing and operating high volume identity specific threat intelligence platforms and tooling at scale
• Establishing robust and effective counter-fraud policies and risk registers
• Taking programme level responsibility for monitoring and reporting on identity-related threats, adopting an intelligence-led approach that encompasses trends and hotspots
• Strong leadership and communication skills, and a track record of growing, guiding and developing teams and individuals
• Using and aligning with a standards-based approach to identity proofing such as Good Practice Guides 44 and 45, NIST 800-63 or equivalents
• Establishing and maintaining excellent stakeholder relationships, influencing and gaining the confidence of senior leaders
• Working collaboratively with multi-disciplinary teams, across boundaries and with a wide range of external organisations

ADDITIONAL INFORMATION

The standard selection process for roles at GDS consists of:

• An application screening process - Simply, hit apply.  We only ask for a Cover Letter (up to 750 words) and a CV. Important tip - please ensure that your cover letter includes how you meet the skills and experience listed in the “who you’ll be” section above
• An interview - We will assess you against the behaviours listed above and your experience. This will also include a presentation - the presentation topic will be shared in advance of the interview.

Depending on the volume of applications we may also include an additional stage, which you will be invited to should you pass the application screening stage.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status.

GDS offers hybrid working for all employees. This means that everyone does some working from home/remote working and also spends some time in their local office. You will agree to your hybrid working arrangement with your line manager in line with your preferences and business needs. 

A reserve list will be held for a period of 12 months, from which further appointments can be made.

Candidates that do not pass the interview, however, have demonstrated an acceptable standard will be considered for similar roles at a lower grade. 

Security Clearance: The level of clearance required for this role is SC. Further details are outlined in Security vetting for employees.

The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. For further information see https://www.gov.uk/guidance/prison-leavers-project-improving-outcomes-for-prison-leavers