Security and Resilience Exercise Manager

Government Digital Service

Apply before 11:55 pm on Sunday 10th November 2024

 

Details

Reference number

374948

Salary

£55,403 - £66,400
£61,005 - £66,400 (London) / £55,403 - £61,939 The base salary of this grade is £61,005 for London and £55,403 for other locations.

Job grade

Grade 7

Contract type

Permanent

Business area

Tech & Sec

Type of role

Digital
Information Technology
Security

Working pattern

Flexible working, Full-time, Job share, Part-time, Compressed hours

Number of jobs available

1

Contents

Bristol, London, Manchester

Job summary

GDS exists to help the government make brilliant public services that empower people in the UK. We work at the very centre of government to drive digital transformation, focused on users. We build and maintain common platforms, products and tools for others to use and create great public services that are accessible, inclusive and easy to use. We also work with departments to identify patterns, share learning and create change to make government more efficient.

The Information Security team at GDS protects the people, services and information used to deliver critical government digital infrastructure such as GOV.UK and One Login. We do this by supporting a secure software development lifecycle, setting and checking proportional organisation policies and building a positive, no-blame security culture across the organisation.

Job description

We all get better through practice, and as the Security and Resilience Exercise Lead at GDS you will help us validate our plans by developing, managing, coordinating and delivering an exercise programme. You’ll help us to build our security confidence as we practise and evaluate our skills, test our systems and validate the effectiveness of our business continuity programme and our cyber resilience.

You will help us to run table top scenarios, incident response drills and test our playbooks. You’ll write red and blue team scenarios, testing policies and standards and design tests of our security awareness. You’ll also be involved in identifying and writing up post-exercise analysis reports, engaging with external suppliers for testing and reviewing details of previous attacks. Based on what we learn, you’ll help us to find the lessons we need to implement to improve our resilience with a demonstrable capability to respond to and recover from an incident or crisis.


As our Security and Resilience Exercise Lead you’ll:

  • Have a good knowledge of agile project management processes and  understanding the importance of continuous improvements by running tabletop simulations of cyber events to help us to learn and respond together.
  • Understand the organisational culture and how to influence it by developing innovative solutions for exercising our playbooks and plans.
  • Coordinate external assurance audit programmes such as GovAssure so that we can measure and report on improvements to our security.
  • Oversee and coordinate system-wide penetration and other tests for digital services so that we can safely check our security controls and improve them. 
  • Work with purple teams to experiment with the creation of new technical controls.
  • Find creative, proportionate ways to measure our adherence to the Government Cyber Security Standard.
  • Describe and report the results of our exercises clearly so that we can turn our lessons learned into better controls and processes.

Person specification

We’re interested in people who:

  • have experience managing and delivering exercises for government departments or similar organisations. This could include developing scenarios, identifying potential threats and vulnerabilities, and coordinating response efforts.
  • have a strong understanding of government security policies and procedures, including those related to cybersecurity, data protection, and risk management.
  • are familiar with the latest trends and best practices in security exercise design and delivery, including the use of simulation tools and techniques.
  • have excellent negotiating, influencing, communication and interpersonal skills, with the ability to work effectively with a wide range of stakeholders, including senior officials, technical experts, and non-technical decision-makers.
  • are able to think strategically and critically, with the ability to identify potential gaps in security and develop innovative solutions to address them.
  • translate the outcomes of exercises into effective incident playbooks and ensure routine maintenance of these.
  • have experience working in a fast-paced and dynamic environment, with the ability to adapt quickly to changing circumstances and priorities.
  • have facilitation skills to guide and direct workshops, planning sessions, meetings, training, and exercises to achieve productive outcomes.
  • an understanding of wider industry practices and solutions for effective security exercises such as NCSC and OWASP table top.

The benefits of working at GDS

There are many benefits of working at GDS, including:

  • flexible hybrid working with flexi-time and the option to work part-time or condensed hours
  • a Civil Service Pension with an average employer contribution of 27%
  • 25 days of annual leave, increasing by a day each year up to a maximum of 30 days
  • an extra day off for The King’s birthday
  • an in-year bonus scheme to recognise high performance
  • career progression and coaching, including a training budget for personal development
  • paid volunteering leave
  • a focus on wellbeing with access to an employee assistance programme
  • job satisfaction from making government services easier to use and more inclusive for people across the UK
  • advances on pay, including for travel season tickets
  • death in service benefits
  • cycle to work scheme and facilities
  • access to children's holiday play schemes across different locations in central London
  • access to an employee discounts scheme
  • 10 learning days per year
  • volunteering opportunities (5 special leave days per year)
  • access to a suite of learning activities through Civil Service learning

GDS offers hybrid working for all employees. This means that everyone does some working from home and also spends some time in their local office. You’ll agree to your hybrid working arrangement with your line manager in line with your preferences and business needs.

Any move to Government Digital Service from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk

Selection process details

The standard selection process for roles at GDS consists of:

  • Application stage - CV and two application questions 

    As part of your application, you’ll be asked to submit an anonymised CV demonstrating your previous work history. It is essential that your CV meets the skills and experience listed in the person specification above. 

    You will also need to answer two application questions based on the person's specifications and one security question.

    Failure to submit your CV and complete the application questions may result in your application being unsuccessful.

  • Video Interview stage - Give a 15-minute presentation during your interview. More details will be provided if you are successful at the sift stage. The video Interview will be no more than 60 minutes. 

In the event we receive a high volume of applications, we will conduct the initial sift against the lead criteria which is:

Have a good knowledge of agile project management processes and  understanding the importance of continuous improvements by running tabletop simulations of cyber events to help us to learn and respond together.

Depending on how many applications we get, there might also be an extra stage before the video interview, for example a phone interview or a technical exercise.

Whilst we value the use of AI technology to enhance our daily work, we also value the personal touch and urge applicants to write responses without the use of AI to emphasise their own unique experiences.

Please note that this role requires SC clearance, which would normally need 5 years’ UK residency in the past 5 years. This is not an absolute requirement, but supplementary checks may be needed where individuals have not lived in the UK for that period. This may mean your security clearance (and therefore your appointment) will take longer or, in some cases, not be possible.

In the Civil Service, we use Success Profiles to evaluate your skills and ability. This gives us the best possible chance of finding the right person for the job, increases performance and improves diversity and inclusivity. We’ll be assessing your technical abilities, skills, experience and behaviours that are relevant to this role.

For this role we’ll be assessing you against the following Civil Service Behaviours

  • working together
  • changing and improving
  • managing a quality service
  • communicating and influencing
  • delivering at pace 

Candidates that do not pass the interview but have demonstrated an acceptable standard may be considered for similar roles at a lower grade..

A reserve list will be held for a period of 12 months, from which further appointments can be made.

Recruitment Timeline ;

Every effort will be made to keep to the timeline but where this is not possible dates are subject to change

Role closes - Sunday, 10th November 2024

Sift will be commencing from Monday, 11th November 2024

Panel Interview - Week commencing Monday, 25th November 2024

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.

Other information:

Occasionally, business pressures, priorities or critical delivery may mean that we move you into a different team or work area within GDS. This will always be within the same grade and discipline within which you were hired, but does mean that your focus or objectives may shift in order to deliver GDS business.

You may be aware that there are plans for the Government Digital Service (GDS) & the Central Digital & Data Office (CDDO) to move into the Department of Science, Innovation & Technology (DSIT). This move is to bring together the digital transformation of public services into one core department. The move itself will offer huge opportunities whilst allowing DSIT to lead the way and drive forward the new Government's digital agenda. 

As the announcement is relatively new, we are awaiting more detailed information. Therefore, we encourage you to apply for this role, and will keep you informed with updated information throughout the application process.



Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window).
People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

  • UK nationals
  • nationals of the Republic of Ireland
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
  • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).
This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.
The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).
Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :

  • Name : gds-onboarding@digital.cabinet-office.gov.uk
  • Email : gds-onboarding@digital.cabinet-office.gov.uk

Recruitment team

  • Email : gds-onboarding@digital.cabinet-office.gov.uk

Further information

If you feel your application has not been treated in accordance with the Recruitment Principles and you wish to make a complaint, you should contact gds-recruitment-complaints@digital.cabinet-office.gov.uk in the first instance.
If you are not satisfied with the response you receive you can contact the Civil Service Commission by email: info@csc.gov.uk Or in writing: Civil Service Commission, Room G/8 1 Horse Guards Road, London, SW1A 2HQ.

Share this page