You will be a Technical Security Assurance Expert in the Securing Government Services team, where you will work with government departments to provide risk management and assurance consultation on the security posture of services and products based on recognised security industry standards.
You will work with the National Cyber Security Centre (NCSC) and Cabinet Office Government Security Group (GSG) to make government digital services secure and resilient through tailored technical guidance and advice, and will play a key role in driving the Government Cyber Security Strategy and delivery of strategic priorities.
As a lead technical security assurance specialist in CDDO, you will:
- deliver security risk-driven assessments of services or products in accordance with an appropriate methodology.
- perform security due diligence of technology products.
- review reporting, including key performance indicators, and act as key decision maker for the delivery of technical security capabilities against requirements.
- ensure alignment with government security policy frameworks and industry objectives and standards, and liaise with senior stakeholders on how these can be met.
- interact with stakeholders across organisations, teams, or communities.
We are interested in people who have:
- experience in defining and implementing processes to verify conformance to security and/or legal and regulatory requirements.
- experience in carrying out security controls gap assessment, capability maturity assessment and compliance checks in accordance with an appropriate methodology.
- good working knowledge of current cyber security risks and experience implementing security solutions for infrastructure, network and application security.
- ability to interact with a broad cross-section of personnel to explain and enforce security measures.
- experience in planning and managing delivery of a security work programme.
- experience in facilitating workshops to gather, understand and analyse information as part of carrying out reviews / audits.
- relevant industry qualifications and accreditations e.g. Certified Cyber Professional (CCP), Certified Information Systems Security Professional (CISSP), ISO27001 Lead Auditor.
The benefits of working at CDDO
There are many benefits including:
- flexible hybrid working with flexi-time and the option to work part-time or condensed hours
- a Civil Service Pension with an average employer contribution of 27%
- 25 days of annual leave, increasing by a day each year up to a maximum of 30 days
- an extra day off for The King’s birthday
- an in-year bonus scheme to recognise high performance
- career progression and coaching, including a training budget for personal development
- paid volunteering leave
- a focus on wellbeing with access to an employee assistance programme
- job satisfaction from making government services easier to use and more inclusive for people across the UK
- advances on pay, including for travel season tickets
- death in service benefits
- cycle to work scheme and facilities
- access to children's holiday play schemes across different locations in central London
- access to an employee discounts scheme
- 10 learning days per year
- volunteering opportunities (5 special leave days per year)
- access to a suite of learning activities through Civil Service learning
CDDO offers hybrid working for all employees. This means that everyone does some working from home and also spends some time in their local office. You’ll agree to your hybrid working arrangement with your line manager in line with your preferences and business needs.
Any move to the Central Digital and Data Office from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk
Things you need to know
Selection process details
The standard selection process for roles at CDDO consists of:
- a simple application screening process - We only ask for a CV and cover letter of up to 750 words. Important tip - please ensure that your cover letter includes how you meet the skills and experience listed in the “person specification” section above
- A scenario exercise. Comprehensive details will be shared with the shortlisted candidates.
- a 90-minute video interview including the scenario presentation at the beginning.
In the event we receive a high number of applications, we will conduct an initial sift on the lead criteria which is:
- Experience in defining and implementing processes to verify conformance to security and/or legal and regulatory requirements.
Depending on how many applications we get, there might also be an extra stage before the video interview, for example a phone interview or a technical exercise.
In the Civil Service, we use Success Profiles to evaluate your skills and ability. This gives us the best possible chance of finding the right person for the job, increases performance and improves diversity and inclusivity. We’ll be assessing your technical abilities, skills, experience and behaviours that are relevant to this role.
For this role we’ll be assessing you against the following Civil Service Behaviours:
- making effective decisions
- communicating and influencing
- working together
Candidates that do not pass the interview but have demonstrated an acceptable standard may be considered for similar roles at a lower grade.
A reserve list will be held for a period of 12 months, from which further appointments can be made.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status.
Feedback will only be provided if you attend an interview or assessment.