Defence Digital Cyber Security Assessor

Job content

As Cyber Security Assessor within the Cyber Security Assessment and Advisory Services (CySAAS) team, you will provide timely, impartial and consistent accreditation, assessment and advisory services across the department and our industry partners. You will also lead a team providing assessment and training services. Senior personnel will rely on your expertise to ensure they have an accurate understanding of through-life cyber security risks, so they can make informed business decisions. You will work with projects that involve complex technical and security challenges, which may include highly sensitive networks, cryptography, and next-generation vehicles. Along the way, you will strengthen links with other cyber security bodies and business functions - from business delivery partners who provide project-based assurance activities, to industry trade bodies and organisations which deliver Information Technology (IT).

As an experienced cyber security leader, you will bring to the role a proven ability to communicate at all levels of a diverse organisation. As thought leadership will be a key aspect of the role, you will need to demonstrate a talent for solving complex problems through innovation. You have the ability to advise on complex risk balance decisions; to explain cyber security policy, governance and technology to non-experts; and to lead a diverse team of skilled cyber security professionals. With you on board, we will develop a culture across UK Defence which values and protects data.

In return, you will benefit from learning and development opportunities tailored to your role. You can also expect benefits including flexible working and a generous Civil Service pension.

Provision of timely, impartial and balanced accreditation, assessment and advisory services across the Department and its Industry partners to ensure that the Senior Responsible Owner (SRO) and Chief Information Security Officer (CISO) have an accurate understanding of through-life Information Assurance (IA) risks.

Responsibilities

Provision of timely, impartial and consistent accreditation, assessment and advisory services across the Department and its Industry partners to ensure that the SRO and CISO have an accurate understanding of through-life IA risks and can make informed business decisions.

• Line Management of Cyber Security Assessment personnel to ensure workloads are balanced efficiently and resource issues are escalated to the Senior Leadership Team in a timely fashion. This may include management of:
• Lead and Associate Assessors to ensure that strategic direction for MOD Accreditation is on track and acting promptly should deviations occur.
• The Lead Assessor community to ensure functional mentoring and professional training and development are achieving the desired outcomes.
• Assessors to ensure accreditation related Management Information is accurate and up to date with the current status identified.
• Ensuring accreditation activities relating to the security of citizen, business partner, employee and business information are completed iaw Government policy. Where this cannot be achieved:
• Risks are escalated to the appropriate level in a timely fashion.
• Risks are explained in business terms to aid the SROs decision making process.
• Strengthening links with other Cyber Security bodies and business functions across Defence including:
• Business delivery partners; to ensure all project based assurance activities are coherent and complimentary, eg Defence Intelligence, Defensive Cyber Operations and Principle Security Advisors.
• Business representatives; to help deliver secure IT requirements in a way that is business enabling, proportionate and integrated with other stands of management.
• Industry trade bodies; building relationships through encouraging CySAAS attendance at appropriate events, ensuring MOD Accreditation approach is fully understood.
• Work to develop a pan-Defence culture which values and protects data appropriately, helping Project Teams to understand Cyber risks and threats and how best to manage them.
• Promote the benefit of CySAAS outcomes to Top Level Budget Holders (TLBs), MOD Agencies and delivery partners.
• Actively contribute to MOD and Pan Government IA Forums, liaising with other Government Accreditation Authorities as appropriate.
• Support to Deputy Head Cyber Security Assessment including external reporting requirements.
• Taking appropriate action as required by tasking manager in response to issues/events eg Tiger Teaming, Deep Dives
• Provision of specialist Cyber Security Services to advise and assist on complex Cyber challenges.
  

Allowances: A Recruitment and Retention Allowance (RRA) of up to £9k per annum may be payable with this post, paid in increments upon reaching the required level of competence.

Essential Criteria

• Understanding of the development, implementation and through life management of cyber security within a Government / Defence operational context.
• Ability to work collaboratively across MOD, Government, Industry and Academia to foster improved understanding of cyber security policy, governance, technology and implementation.
• Ability to lead diverse, multi-discipline and geographically dispersed teams of Civil Servants, Military Personnel and Client Support staff.
• Experience in the development and maintenance of international working relationships, eg across US, Five Eyes and NATO, seeking to enhance UK Cyber capability and wider interoperability.
• Ability to accurately and clearly represent complex technical, procedural, and governance issues to senior stakeholders across Defence Digital and Front Line Commands at the appropriate level.