Lead Cyber Security Risk Manager

Home Office

Apply before 11:55 pm on Tuesday 7th January 2025

 

Details

Reference number

382073

Salary

£60,300
Capability & Skills Allowance: You may be eligible for an additional non-pensionable allowance, pending a Capability and Skills assessment, with a value of up to £20,100.
A Civil Service Pension with an employer contribution of 28.97%

Job grade

Grade 7

Contract type

Permanent

Business area

HO - Digital Data and Technology - Cyber Security

Type of role

Information Technology

Working pattern

Flexible working, Full-time, Compressed hours

Number of jobs available

1

Location

Manchester

Job summary

The Cyber Security Risk Manager identifies, understands and mitigates cyber-related risks. They identify and evaluate security risks to information, systems and processes owned by the organisation, and proactively provide appropriate advice, drawing on a wide variety of sources, to stakeholders across the organisation and at a variety of levels. They provide risk or service owners with advice to help them make well informed risk-based decisions.

Job description

Your main day to day responsibilities will be:

  • The support, planning, development, implementation and management of organisation-wide processes and procedures for the management of risks to the success, confidentiality, integrity and availability of the business, especially those arising from the use of information technology, hardware or data.
  • Providing tailored expert cyber security support and advice that highlights cyber security related risks to a range of stakeholders, projects, business teams and/or service owners on how to remedy identified risks. Helping them to make well-informed and auditable decisions, by proportionately applying security capabilities, using published guidance, standards, and drawing on a range of experts as well as personal expertise.
  • Independently and impartially undertaking risk management activities within a given area of practice or expertise, usually within established security and risk management governance structures and frameworks.
  • Leading the independent analysis and derivation of business-supporting security needs, undertaking cyber security related risk assessments, and conducting tailored threat assessments and other risk management activities. Communicating effectively with senior stakeholders to ensure they recognise the importance of security considerations and respond accordingly to changes in policy and procedure.
  • Managing risk management processes across the organisation, reviewing their efficiency and effectiveness, leading recommendations for continuous improvement. Reviewing risk statements, risk controls, mitigating actions and all related risk management activities. Following any security breach, providing advice on how to remediate any vulnerabilities discovered. Agreeing and overseeing remedial solutions, controls and safeguards that are the most appropriate and beneficial for the organisation.
  • Assessing reviews and risk assessments and ensuring all identified risks are managed in accordance with Home Office risk management policies. Communicating outcomes effectively to relevant senior stakeholders across a variety of teams in ways that support effective security, risk management and decision-making, and advising senior stakeholders on their approach to risk assessment in the context of their organisational outcomes.  

Note: An employee may be required to carry out other duties within the scope of the grade and within the limits of their skill, competence and training.

Person specification

Essential skills

You’ll have a demonstrable passion for cyber security risk mitigation, with the following skills or experience:

  • Proficiency in implementing and managing risk management processes based on established frameworks such as NCSC Cyber Assessment Framework, NIST Cybersecurity Framework, or other relevant standards.
  • Ability to design and implement security controls aligned with organisational requirements, whilst navigating changes and proactively responding to evolving risks. 
  • Demonstrated resilience in high-pressure situations, such as managing critical incidents. Competence in coordinating and managing security breaches, with experience in post-incident analysis to identify vulnerabilities and recommend remedial actions.
  • Strong ability to present technical information to non-technical stakeholders and to influence decision-making processes at senior leadership levels, promoting security priorities.

SFIA capability framework

Skills for the Information Age (SFIA) is the technical framework that sets the standard capability and development of all IT Operations levels in the Home Office. This is a link to the capability framework: All skills A - Z English (sfia-online.org)

We use set SFIA technical skills to form our interview questions and we will assess you against these technical skills during the selection process.

SFIA levels of responsibility – Use the SFIA Levels of responsibility to understand what would be expected for each Technical Skill listed below.

SFIA Technical skills

The essential technical skills required for this role are listed below and are reflective of the Home Office Government Digital and Data Profession Career Framework

Qualifications

Certification in one or more of the following is desirable but not essential and should not prevent application: CRTIA, CRTIM, CRISC, CISSP, CEH, CCSP and equivalent.

Technical skills

We'll assess you against these technical skills during the selection process:

  • Information Assurance (INAS) - Level 3
  • Information security (SCTY) - Level 4
  • Risk Management (BURM) - Level 3
  • Audit (AUDT) - Level 4
  • Specialist advice (TECH) - Level 4
  • Stakeholder relationship management (RLMT) - Level 4

Alongside your salary of £60,300, Home Office contributes £17,468 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Why work for us...

  • A highly competitive pension with an employer contribution of 28.97%  
  • 25 days annual leave on appointment rising 1 day per year up to 30 days, plus 8 days public holidays and 1 day for the King’s Birthday.  
  • Flexible working options to enable you to achieve the work-life balance that is right for you, including full-time, part-time, flexi-time, compressed hours and job sharing.
  • A hybrid working model of a minimum 60% of your contracted hours in the workplace and 40% remote. 
  • Training and development opportunities tailored to your role, including access to technical and professional accreditations.  
  • Access to funded qualifications (subject to approval)  
  • A capability allowance reviewed annually.  
  • A culture encouraging inclusion and diversity.  
  • Enhanced parental leave schemes.  
  • Annual performance-based bonus and recognition awards.  

This link is to a short guide to employee benefits: Benefits - Home Office Careers

Capability & Skills Allowance

The advertised role is part of the Home Office Government Digital and Data Profession. This role has access to a Digital Capability-Based Allowance. Applicants who are successful at interview will be invited to complete a Capability and Skills Assessment post-interview. Any allowance awarded will be based on the assessment of your capability against the six skills advertised for this role. Please see the attached candidate pack for more information.

The allowance values are set by the Home Office, subject to remaining in a qualifying role, and are non-pensionable. This allowance is non-contractual, subject to an annual review and could be withdrawn at any time.

For both new entrants and existing civil servants, the total compensation offer is a combination of base salary and, if applicable, a capability-based allowance. New entrants to the Civil Service will start on the pay range minimum. For existing civil servants, our policies on level transfer and promotion will apply.

Selection process details

This vacancy is using Success Profiles, and will assess your Experience and Technical skills.

As part of the application process you will be asked to complete a CV and a 1000-word personal statement.

Further details around what this will entail are listed on the application form.  

Please note your CV and personal statement should include all relevant experience that relates to our essential skills criteria listed in the advert and role description. Use STAR format in your examples.

Remove information that identifies you (for example your name, age or place of education) so that you will be judged on merit alone and not your personal background, circumstances, race or gender. 

(Do NOT include e-mail addresses or links to online profiles, resumés, or prior work, either personal or business. Active links or e-mail addresses will result in your application being rejected).

Please ensure that all examples provided in your application are taken directly from your own experience and that you describe the examples in your own words. All applications are screened for plagiarism, copying, and generation of examples/answers from internet sources, including artificial intelligence. If detected, the application may be withdrawn from the process.

Further action, including disciplinary action, may be considered in such cases involving civil servants. Providing false or misleading information would be contrary to the core values of honesty and integrity expected of all civil servants.

Sift Stage

The sift will be held on the CV and Personal Statement. Please read the Essential skills for this position carefully. We will only consider those who meet the listed requirements.           

In the event of a high number of applications, we will conduct the sift on the Personal Statement.

Interview Stage

Candidates reaching the required standard will then be invited to attend a final interview. The interview will assess your Technical Skills (SFIA Framework) and experience using technical and experience-based questions.

Sift and interview dates

Sift will be conducted week commencing 06/01/2025

Interviews will be held week commencing 20/01/2025. (Subject to the Panel’s operational requirements/priorities)

Interviews will be conducted remotely via MS Teams.

We will try to meet the dates set out in the advert. There may be occasions when these dates will change. You will be provided with sufficient notice of the confirmed dates.

Reserve list    

A reserve list of successful candidates will be kept for 12 months. Should another role become available within that period you may be offered this position.    

Job offers to this post are made on the basis of merit. We often have similar roles available at different grades. If a candidate is suitable for a similar role or a lower grade than they have applied for, we may offer the candidate that role without the need to go through a further selection process providing the role has the same competencies and essential skills.

Further Information

In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service on your behalf. However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. 

If you will be doing this, please advise Government Recruitment Service of your intention by emailing Pre-EmploymentChecks.grs@cabinetoffice.gov.uk stating the job reference number in the subject heading.

For further information on National Security Vetting please visit the following page https://www.gov.uk/government/publications/demystifying-vetting

We value diversity and inclusion and welcome applications from the widest diversity of backgrounds, cultures, and experiences. We particularly encourage applications from women, people with disabilities and LGBT+ as they are currently under-represented in the Home Office at this grade level. Appointments will be made on merit on the basis of fair and open competition.  

Where business needs allow, some roles may be suitable for a combination of office and home-based working.  Where this is the case, employees will be expected to spend a minimum of 60% of their working time in the office. Applicants can raise any queries to the email address at the bottom of the advert.

If you have previously made an unsuccessful application for a role with the same essential skills and are not able to demonstrate how you have developed these skills since your last application please reconsider applying as your application is unlikely to be successful.

UK residency and security requirements      

Please note that this role requires Security Check (SC) clearance, which would normally need 5 years’ UK residency in the past 5 years.

However, in exceptional circumstances security clearance applications for candidates who have been present in the UK for at least 3 of the last 5 years may be considered. Failure to meet this residency requirement will result in your security clearance application being rejected.

If you are invited to an interview, you will be required to bring documentation for the purposes of establishing your identity.

You will need to meet the nationality requirements for this role and obtain the necessary security clearance to take it up. 

For meaningful security checks to be carried out, individuals need to have lived in the UK for a sufficient period of time. Learn more on our website. Security Checks - Home Office Careers

Visa sponsorship

We do not sponsor individuals via Skilled Worker Sponsorship / Tier 2 (General) work visas.

Reasonable Adjustments

If a person with disabilities is at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes. 

If you need a change to be made so that you can make your application, you should:

  • Complete the “Assistance Required” section in the “Additional Requirements” page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you're deaf, a language service professional.

If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the ‘Contact point for applicants’ section.

Feedback



Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check.

See our vetting charter.
People working with government assets must complete baseline personnel security standard checks.

Nationality requirements

This job is broadly open to the following groups:

  • UK nationals
  • nationals of the Republic of Ireland
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
  • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attracting, retaining and investing in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy.
This vacancy is part of the Great Place to Work for Veterans initiative.
Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact:

  • Name: AC Recruitment
  • Email: acrecruitment@homeoffice.gov.uk

Recruitment team

  • Email: HOrecruitment.grs@cabinetoffice.gov.uk

Further information

If you feel that your application has not been treated in accordance with the recruitment principles, and wish to make a complaint, then you should contact in the first instance HORecruitment.GRS@cabinetoffice.gov.uk. If you are not satisfied with the response that you receive, then you can contact the Civil Service Commission.
