Cyber Security Risk Lead – Information Security - £34,841 p.a. + benefits
Medicines and Healthcare Products Regulatory Agency
Apply before 11:55 pm on Sunday 13th October 2024
Details
Reference number
Salary
Job grade
Contract type
Business area
Type of role
Working pattern
Number of jobs available
Contents
Location
About the job
Job summary
We have an exciting opportunity for a Cyber Security Risk Lead in our Digital and Technology Group (DTG).
This is a full- time opportunity, on a permanent basis. The role will be based in Canary Wharf London, or South Mimms, Hertfordshire. Please be aware that these roles can only be worked in the UK and not overseas. We are currently operating a hybrid way of working, with a minimum of 40% of contracted hours working on site to enable the collaboration and contact with partners and stakeholders needed to deliver MHRA business. This may rise to 60% during the year. Attendance on site is driven by business needs so depending on the nature of the role, some roles will need to be on site more regularly.
*This role will also be required to participate in the Agency’s out of hours on-call rota on a periodic basis. An on-call payment will be added to the salary depending on the frequency of participation in the rota.
Who are we?
If you have had a COVID19 vaccine or have ever taken a medicine, or used a medical device, then you have already come into contact with the MHRA. Our vision, One Agency - Delivering for Patients, underpins all that we do as we set out on an ambitious roadmap for change to become a truly world-leading, enabling regulator that protects public health through excellence in regulation and science.
The Digital and Technology Group (DTG) lies at the heart of the Agency and is responsible for making sure that our scientists, inspectors, and all of our staff have the tools and data they need to deliver the very best services they can to improve outcomes for patients and the general public. The Group was essential in the race to approve COIVD vaccines in 2020 and in supporting the UK to set up its own medicines and devices approvals systems after BREXIT. The work we do matters!
The Delivery Group function is responsible for providing a Delivery Centre of Excellence to drive a digital and technology-based change to deliver minimum viable products (MVP) and continuous improvements and managing all stages of the product development and implementation lifecycle, including, but not limited to, business case creation, benefits realisation planning, and management of risks.
Job description
What’s the role?
The Delivery Group function is responsible for providing a Delivery Centre of Excellence to drive a digital and technology-based change to deliver minimum viable products (MVP) and continuous improvements and managing all stages of the product development and implementation lifecycle, including, but not limited to, business case creation, benefits realisation planning, and management of risks.
This role is key to enabling the Agency to reduce its cyber security risk with a focus on Information Security, ensuring this remains front and centre in all of our business. Therefore, we need a skilled and confident Cyber and Information Security Risk lead to play a key role in the cyber security team, supporting the Senior Information Risk Owner to deliver the agency’s security agenda, by embedding a strong information security risk management framework aligned to industry and government best practice.
Person specification
Who are we looking for?
The successful candidate will have proven experience working in a fast paced cyber and information security environment. You should have experience of conducting information security risk assessments and an understanding of how to use cyber risk management techniques and frameworks in a range of business situations to implement strong security.
You will have strong analytical skills and be confident in making decisions which support the business to make well informed security risk decisions that support the business direction.
You will be able to communication information security risks and threats in an engaging and clear manner so that non-technical colleagues can understand. You will also be a strong team player, working across teams and organisations, able to work with other stakeholders who may have demands that compete with security requirements.
If you would like to find out more about this fantastic opportunity, please read our Job Description and Person Specification!
Please note: The job description may not open in some internet browsers. Please use Chrome or Microsoft Edge. If you have any issue viewing the job description, please contact careers@mhra.gov.uk
Benefits
- Annual Leave: 25 days annual leave on entry, rising by one day for each completed year of service to a maximum of 30 days and pro-rata for part-time staff. PLUS 8 bank holidays
- Privilege Leave: 1 day
- Hours of Work: 37 hours (net) per week for full time staff in all geographical locations, including London and pro rata for part-time staff
- Occupational Sick Pay (OSP): One month full pay/one month half pay on entry, rising by one month for each completed year of service to a maximum of five months full pay/five months half pay
- Mobility: Mobility clause in contracts allowing staff to be mobile across the Civil Service
- Civil Service Pension Scheme. Please see the link for further information http://www.civilservicepensionscheme.org.uk/ For enquiries relating to the Civil Service Pension Schemes please contact MyCSP's Pension Service Centre directly on 0300 123 6666
- Flexible working to ensure staff maintain a healthy work-life balance
- Interest free season ticket loan or bike loan
- Employee Assistance Services and access to the Civil Service Benevolent Fund
- Eligibility to join the Civil Service Motoring Association (CSMA)
- Variety of staff and Civil Service clubs
- On-going learning and development
Things you need to know
Selection process details
Closing Date: 13th October
Shortlisting: 14th – 18th October
Interview Date: 30th October
Application – please answer all the application questions, providing evidence of experience relevant to the specific Behaviour, Experience and Technical criteria marked ‘A’ in the Person Specification. Failure to answer the ‘Job Specific Questions’ on the application will result in our shortlist panel having insufficient evidence to assess your application.
Our applications are CV blind, and our Hiring Managers will not be able to access your CV when reviewing your application.
Interview – aligned to the Behaviour, Experience and Strengths criteria marked ‘I’ in the job description
Applicants are assessed on whether they meet any mandatory requirements as well as the necessary skills and experience for the role.
In the instance that we receive a high number of applications, we will hold an initial sift based on the lead criteria of ‘Risk Management – Proven experience of identifying, managing and resolving information security risk and getting commitment from business to implement on-going controls.’
If you require any disability related adjustments at any point during the process, please contact careers@mhra.gov.uk as soon as possible.
If you need assistance applying for this role or have any other questions, please contact careers@mhra.gov.uk
Candidates will be subject to UK immigration requirements as well as Civil Service nationality rules. Further information on whether you are able to apply is available here.
Successful candidates must pass a disclosure and barring security check as well as animal rights and pro-life activism checks. People working with government assets must complete basic personnel security standard checks.
Applicants who are successful at interview will be, as part of pre-employment screening subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicant’s details held on the IFD will be refused employment. A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.
Any move to the MHRA from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility here.
Successful candidates may be subject to annual Occupational Health reviews dependent on role requirements. If you have any queries, please contact careers@mhra.gov.uk.
In accordance with the Civil Service Commissioners’ Recruitment Principles our recruitment and selection processes are underpinned by the requirement of selection for appointment on the basis of merit by a fair and open competition. If you feel your application has not been treated in accordance with the Recruitment Principles and you wish to make a complaint, you should firstly contact Mira Mepa, Head of Recruitment and Operations, Mira.Mepa@mhra.gov.uk.
If you are not satisfied with the response you receive, you can contact the Civil Service Commission at: civilservicecommission.independent.gov.uk
Civil Service Commission
Room G/8
1 Horse Guards Road
London
SW1A 2HQ
Feedback will only be provided if you attend an interview or assessment.
Security
Nationality requirements
Working for the Civil Service
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).
Diversity and Inclusion
Apply and further information
Contact point for applicants
Job contact :
- Name : The Recruitment Team
- Email : careers@mhra.gov.uk
Recruitment team
- Email : careers@mhra.gov.uk