Head of Cyber Risk & Assurance - GDS - G6

Location

Bristol, London, Manchester

About the job

Job summary

The Government Digital Service (GDS) is the digital centre of government. We are responsible for setting, leading and delivering the vision for a modern digital government.

Our priorities are to drive a modern digital government, by:

1. joining up public sector services
2. harnessing the power of AI for the public good
3. strengthening and extending our digital and data public infrastructure
4. elevating leadership and investing in talent
5. funding for outcomes and procuring for growth and innovation
6. committing to transparency and driving accountability

We are home to the Incubator for Artificial Intelligence (I.AI), the world-leading GOV.UK and at the forefront of coordinating the UK’s geospatial strategy and activity. We lead the Government Digital and Data function and champion the work of digital teams across government.

We’re part of the Department for Science, Innovation and Technology (DSIT) and employ more than 1,000 people all over the UK, with hubs in Manchester, London and Bristol.

The Information Security team at GDS protects the people, services and information used to deliver critical government digital infrastructure such as GOV.UK and One Login. We do this by supporting a secure software development lifecycle, setting and checking proportional organisation policies and building a positive, no-blame security culture across the organisation.

The Government Digital Service is where talent translates into impact. From your first day, you’ll be working with some of the world’s most highly-skilled digital professionals, all contributing their knowledge to make change on a national scale.

Join us for rewarding work that makes a difference across the UK. You'll solve some of the nation’s highest-priority digital challenges, helping millions of people access services they need

Job description

We’re looking for candidates with a wide range of skills and experience of working at a senior level, ideally within the public sector. 

You will have strong leadership and interpersonal skills and enjoy working in a demanding, high profile and dynamic environment. You’ll be passionate about cyber risk management and assurance in a digital, technology and data function and how innovations in these areas can improve public services. 

We’re interested in people who:

• have experience of working in an Information or Cyber Security public sector environment
• have experience of leading a team in a public sector environment 
• have experience of working in an agile environment 
• have experience of creating and implementing risk management frameworks 
• have experience of assuring technical services 
• have a good working knowledge of NCSC Cyber Assessment Framework (CAF) and Secure by Design (SbD) requirements 
• have a good working knowledge the HM Treasury Orange Book and Government Functional Standard 007 

As Head of Cyber Risk & Assurance you will:

• lead on the Information Assurance / Governance process acting as the second line of defence within the organisation
• lead on the continual development and tracking of the information security risks, working collaboratively with relevant colleagues
• lead on assurance and tracking of delivery assurance and programme health, reporting insights into relevant boards
• co-ordinate the assurance of a number of different programmes and services and ensure that objectives are met and relationships are effectively managed
• manage the GDS cyber risk management framework
• manage relevant audits such as CAF and SbD
• lead on reporting to DSIT including departmental risk committee strategic cyber risks and risk treatment plans
• line manage a team of risk and assurance specialists
• form part of the senior leadership group for Technology & Security Directorate

Person specification

We’re interested in people who have:

• significant cyber risk management and assurance experience within large organisations
• experience of overseeing and balancing multiple initiatives at the same time and balancing changing priorities through ambiguity
• experience of building effective relationships at senior levels and delivering successfully in a complex stakeholder environment
• effective communication and presentation skills; the ability to collaborate inclusively at all levels of the business
• relevant security or risk qualifications which may include degree/masters in a relevant field

Qualifications

Relevant security or risk qualifications which may include degree/masters in a relevant field