Head of Cyber Detect and Response
Home Office
Apply before 11:55 pm on Thursday 26th September 2024
Details
Reference number
Salary
Job grade
Contract type
Business area
Type of role
Working pattern
Number of jobs available
Contents
Location
About the job
Job summary
The Head of Cyber Detect & Response oversees the 24/7 Protective Monitoring and Incident Management teams that are responsible for monitoring, detecting, and responding to cyber threats.
You will be managing advanced detection systems and taking a lead role in coordinating the response to cyber incidents, ensuring the security and resilience of the Home Office’s digital systems which span Borders, Immigration and Citizenship, Policing, and Fire.
This is a key position for those who are ready to protect and respond to issues affecting the nation’s digital infrastructure against ever-evolving cyber threats.
If you're interested in finding out more, we are holding a Home Office Cyber Security candidate information event on 17th September. You will find out about working for the organisation, hear from staff on their experiences working in Home Office Cyber Security Roles and learn more about our recruitment process. Please register here https://www.eventbrite.co.uk/e/cybersecurity-drop-in-event
Job description
As Head of Cyber Detect & Response your responsibilities will include:
- Overseeing the triage of cyber incidents, ensuring proportionate mitigation and containment measures have been implemented in accordance with processes and procedures. Aggregating and evaluating post-incident feedback to inform board-level reporting on security incidents.
- Setting the department’s Cyber Incident Management strategy including its people, process, and technology elements.
- Providing advice to senior stakeholders on ways to improve incident management processes, strengthen security controls, identifying, evaluating, and mitigating risks. Setting direction and recommending investment in strategic tooling and capability to address strategic enterprise-wide risk.
- Shaping the department’s incident management policies and processes to ensure that they meet requirements, in line with appropriate standards.
- Working closely with the Head of Cyber Threat Operations to ensure findings as a result of proactive threat activity is managed swiftly and effectively.
- Leading teams efforts during the management of complex cyber incidents, working with multiple internal and external teams such as the National Cyber Security Centre (NCSC), National Crime Agency (NCA) and Government Cyber Coordination Centre (GC3) where necessary.
Note: The Head of Cyber Detect & Response may be required to carry out other duties within the scope of the grade and within the limits of their skill, competence, and training.
The successful candidate will be located in the Soapworks, Manchester regional office. Under Home Office hybrid working practices there is an expectation that you will attend the office for a minimum of 60% of your working hours.
Due to the nature of the role, this post is available on a full-time basis only.
Person specification
Essential skills
You’ll have a demonstrable passion for leading teams who work around the clock to detect and respond to cyber incidents in complex environments, with the following skills or proven experience in:
- Leading and developing critical operational teams.
- Knowledge of targeted cyber-attacks, particularly on how to respond and mitigate their impacts.
- Experience in performing monitoring, conducting analysis, and guiding recovery efforts.
- Communicating effectively about cyber threats and incidents at senior levels, including up to ministerial level in the absence of the Head of Cyber Security Operations.
Technical skills
Strategy and Architecture
- Governance, Risk and Compliance
- Risk Management (BURM) – Level 4
- Strategy and Planning
- Strategic Planning (ITSP) – Level 4
- Security and Privacy
- Information Security (SCTY) – Level 4
- Advice and Guidance
- Specialist Advice (TECH) – Level 4
Change and Transformation
- Change Planning
- Business Process Improvement (BPRE) – Level 5
Relationships and Engagement
- Stakeholder Management
SFIA capability framework
Skills for the information age (SFIA) is the technical framework that sets the standard capability and development of all DDaT skills in the Home Office. This is a link to the capability framework: All skills A–Z — English (sfia-online.org). We use set SFIA technical skills to form our interview questions and we will assess you against these technical skills during the selection process.
Qualifications
Essential
- Candidates must hold or be prepared to undergo NPPV3 and DV clearance.
Desirable
- A degree in Cyber Security or appropriate level of proven, demonstrable, and current experience in a similar role/environment.
- Achieved appropriate level of qualifications such as CISSP, CISM or qualifications from an industry recognised provider e.g. SANS, ISC2, ISACA, CEH, etc.
Behaviours
We'll assess you against these behaviours during the selection process:
- Delivering at Pace
- Changing and Improving
- Making Effective Decisions
Technical skills
We'll assess you against these technical skills during the selection process:
- Risk Management (BURM) - Level 4
- Strategic planning (ITSP) - Level 4
- Information security (SCTY) - Level 4
- Business process improvement (BPRE) - Level 5
- Stakeholder relationship management (RLMT) - Level 5
- Specialist Advice (TECH) - Level 4
Benefits
This role aligns to Principle Response Manager in the Home Office DDaT profession career framework. This role is part of the Digital and Data Technology profession, and utilises an enhanced Pay Framework to determine an individual’s total compensation, based on their level of skills capability.
Candidates are advised that the Home Office are moving between capability allowance frameworks, with effect from 1st January 2025. The Home Office are transitioning to the Pay Framework Allowance. The Pay Framework Allowance (PFA) is a model initiated by the Central Digital and Data Office (CDDO) Cross-Government Digital and Data Strategy, to standardise the way government departments assess and pay capability and skills-based allowances.
PFA is an outcome-based allowance resulting from an annual capability and skills assessment process. PFA is aimed at specified roles in the DDaT Profession. The maximum pay award for this role, including the pay range minimum and any allowance awarded is £95,600.
Applicants that are successful at interview for this role will be invited to complete a Capability and Skills Assessment post-interview. The value of any allowance awarded will be based on an assessment of six skills and experience. If, based on a self-assessment and panel review, you are deemed as eligible for an allowance and commence employment with the Home Office prior to 1st January 2025, you would receive an allowance based on our existing structure, transitioning to the new capability-based pay framework effective as of 1st January, with no further action required from you at that time. Further information will be available post-interview.
You are advised that any allowance awarded is neither a contractual nor pensionable entitlement and is dependent on you remaining in a qualifying role. This allowance is subject to initial review within six months of taking up the post and thereafter an annual review in-line with departmental priorities and could be reduced or withdrawn at any time, in line with the Home Office allowance policy.
New entrants to the civil service will start their role on the salary band minimum: £69,200 for national roles. For existing civil servants, the usual policy on level transfer and promotion will apply and is non-negotiable. For both new entrants and existing civil servants, the additional allowance pending skills assessment, as detailed above may also be payable.
You’ll also have access to the same benefits available to all civil servants in the Home Office:
- Membership of the Civil Service Defined Benefit Pension scheme with an average employer contribution of 28.97%. Find out what benefits a Civil Service Pension provides.
- An in-year performance bonus scheme.
- 25 days annual leave on appointment, plus 8 days public holidays and 1 day for the King’s Birthday, rising further with service.
- Flexible working options to enable you to achieve the work life balance that right for you including part-time, flexi time and job sharing.
- Training and development opportunities tailored to your role.
- A culture encouraging inclusion and diversity.
- Season ticket loans and rental deposit loans.
- Cycle to work and payroll giving.
- Employee discounts - including a huge number of retailers, Microsoft Home Use programme and gym membership.
- A variety of staff recognition schemes including thank you vouchers.
- Health and wellbeing initiatives including monthly mindfulness sessions.
- Staff support networks.
- Maternity, adoption or shared parental leave of up to 26 weeks full pay followed by 13 weeks of statutory pay and a further 13 weeks unpaid.
- Maternity and adoption support leave (paternity leave) of 2 weeks full pay.
- Up to five days paid leave for volunteering.
- Study leave and support for studying for a qualification or other accredited development relevant to your role.
Things you need to know
Selection process details
As part of the application process you will be asked to complete
- CV, detailing job history, relevant qualifications and skills (not scored)
- Statement of Suitability (Max 1000 word limit)
Further details around what this will entail are listed on the application form.
Please note your CV and statement of suitability should include all relevant experience that relates to our essential skills criteria listed in the job advert.
Please use STAR format in your examples – use this link The STAR method , National Careers Service / A brief guide to competencies - GOV.UK (www.gov.uk)
Please remove information that identifies you (for example your name, age, or place of education) so that you will be judged on merit alone and not your personal background, circumstances, race, or gender. Do NOT include e-mail addresses or links to online profiles, resumés, or prior work, either personal or business. Active links or e-mail addresses will result in your application being rejected.
Candidates shortlisted will be invited to an interview which will be a blended approach and you will be asked questions based on the Behaviours and Technical Skills listed in the job advert. As part of your interview you will also be asked to deliver a presentation on a given topic. Details of the presentation will be provided to candidates who are invited to attend an interview.
Sift and interview dates
The sift of applications will commence from 30th September 2024.
Interviews are expected to take place from week commencing 14th October 2024.
Interviews will be carried out via video. Candidates will be required to have access to:
- A laptop (personal or work) with a working webcam
- Good internet connection
- Microsoft Teams
We will try to meet the dates set out in the advert. There may be occasions when these dates will change. You will be provided with sufficient notice of the confirmed dates.
Due to time constraints we may not be able to offer alternative interview date(s). It is therefore expected that candidates who are successful at sift stage will make themselves available during the timeframe given above.
Reserve list
A reserve list of successful candidates will be kept for 12 months. Should another role become available within that period you may be offered this position.
Job offers to this post are made on the basis of merit. We often have similar roles available at different grades. If a candidate is suitable for a similar role or a lower grade than they have applied for, we may offer the candidate that role without the need to go through a further selection process providing the role has the same behaviours and essential skills.
Further information
Please read the essential skills for this position carefully. We will only consider those who meet the listed requirement.
If you have previously made an unsuccessful application for a role with the same essential skills and are not able to demonstrate how you have developed these skills since your last application please reconsider applying as your application is unlikely to be successful.
In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service on your behalf. However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct.
If you will be doing this, please advise Government Recruitment Service of your intention by emailing Pre-EmploymentChecks.grs@cabinetoffice.gov.uk stating the job reference number in the subject heading
For further information on National Security Vetting please visit the following page https://www.gov.uk/government/publications/demystifying-vetting
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy.
If you are invited to an interview, you will be required to bring documentation for the purposes of establishing your identity.
You will need to meet the nationality requirements for this role and obtain the necessary security clearance to take it up. For meaningful security checks to be carried out, individuals need to have lived in the UK for a sufficient period of time. Learn more on our website. Security Checks - Home Office Careers
Visa sponsorship
We are unable to sponsor any individuals via Skilled Worker Sponsorship / Tier 2 (General) work visas as we do not hold a UK Visa & Immigration (UKVI) Skilled Worker License.
Reasonable Adjustments
If a person with disabilities is at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes.
If you need a change to be made so that you can make your application, you should:
- Contact Government Recruitment Service via HOrecruitment.grs@cabinetoffice.gov.uk as soon as possible before the closing date to discuss your needs
- Complete the “Assistance Required” section in the “Additional Requirements” page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you're deaf, a language service professional
If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the ‘Contact point for applicants’ section.
Feedback
Feedback will only be provided if you attend an interview or assessment.
Security
Nationality requirements
Working for the Civil Service
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).
Diversity and Inclusion
Apply and further information
Contact point for applicants
Job contact :
- Name : AC Recruitment Team
- Email : ACrecruitment@homeoffice.gov.uk
Recruitment team
- Email : HOrecruitment.grs@cabinetoffice.gov.uk