Cyber GSeC Senior Cyber Security Professional (CSTS)


Apply Now
 

Details

Reference number

301076

Salary

£52,598 – £66,712
National: £52,598 – £59,294 London: £59,182 – £66,712 In some cases, external (non-Civil Service) candidates may be offered a Higher Starting Pay between the HMRC salary advertised ranges (London or National ranges respectively apply). This Higher Starting Pay is only offered according to skills levels and experience. This will be discussed with successful candidates when HMRC make a provisional offer for the post.
A
Civil Service Pension with an average employer contribution of 27%

Job grade

Grade 7

Contract type

Permanent

Business area

HMRC – CDIO – Security

Type of role

Security

Working pattern

Flexible working, Full-time, Job share, Part-time

Number of jobs available

1

Contents

Bristol, South West England, BS2 0ES : Cardiff, Wales, CF10 1EP : London, London (region), E20 1HZ : Edinburgh, Scotland, EH8 8FT : Leeds, Yorkshire and the Humber, LS1 4AP : Salford, North West England, M3 5BS : Newcastle upon Tyne, North East England, NE98 1ZZ : Nottingham, East Midlands (England), NG2 1AW : Telford, West Midlands (England), TF3 4NT

Job summary

The Government Security Centre for Cyber, more commonly referred to as the Cyber GSeC, is hosted by HMRC and provides consultancy and advice services across government to improve the cyber security posture of HM Government (HMG). We work directly to support of the stated outcomes of the Government Cyber Security Strategy (GCSS).

The Cyber GSeC, is part of Cyber Security Technical Services (CSTS), in HMRC. CSTS delivers a suite of technical security services across high profile projects and programmes internally, within HMRC. Cyber GSeC is the outward-facing arm of CSTS, delivering its services directly across circa 400 Government Departments and Arms-Length Bodies (ALBs).

Five Government Security Centres (GSeCs) are embedded in host departments, to provide security consultancy services across HM Government (HMG) in the key areas of: Cyber; Personnel and Physical; Education and Awareness; Industry Security Assurance and International.  

As a Senior Cyber Security Professional leading service delivery within Cyber GSeC, you will play a key role in improving the cyber security posture of His Majesty’s Government. Championing the outcomes of the Government Cyber Security Strategy you will oversee the design, implementation, uptake, and continued improvement of Cyber GSeC services and best practice that provides tangible improvement to the cyber security of Lead Government Departments and their underlying ALBs.  You may also be required to contribute to other outcomes of HMRC’s Cyber Security Technical Services function.

If you want to know more about the role?  Join our 30-minute webinar on Monday 24th July, at 16:30.  To register your interest, please email: cybergsec@hmrc.gov.uk  by close of business on Friday 21st July. 

Our linked Candidate Pack (see below) provides further insight to the Government Security Centre for Cyber, the team, the role and the application process and support available for candidates.

See what it’s like to work at HMRC: find out more about us or ask our colleagues a question. Questions relating to an individual application must be emailed as detailed later in this advert.

Job description

The Role 

You will be responsible for one of our technical services, delivering against dedicated milestones. You will be confident in your ability to engage at senior levels across the UK security community and will lead the team’s engagement with a wide range of key stakeholders that may include the Government Security Group (GSG), National Cyber Security Centre (NCSC) and the Central Digital and Data Office (CDDO). Maintaining third-party strategic supplier relationships will be an important element of this engagement activity.

The core element of the Senior Cyber Security Professional role will be to provide targeted, expert and risk-based technical security advice and guidance across the breadth of HM Government. The successful candidate will be able to evidence their technical skills and experience in cyber security fields relevant to the services we deliver.

Services within the Cyber GSeC include delivery of Purple Team exercises through our delivery partner (FCDO Services), support to departments undertaking GovAssure, support to departments in ensuring that they have the correct cyber security provisions in their supply chain, support to departments in adopting the NCSC Active Cyber Defence suite of products, as well as bespoke consultancy and advice for any other cyber security related issues departments may have. Our attached service delivery leaflet provides further insight to our core services.

Working as part of Cyber Security Technical Services (CSTS), you will also be part of our active and encouraging cyber security community, working collaboratively with senior business and technical partners, to deliver against the GCSS. As a wider part of the role, you may also be required to contribute to other outcomes of HMRC’s Cyber Security Technical Services function, delivering technical cyber security services across HMRC’s high profile programmes, projects, and live services.

Broadly, we expect the role and successful candidate to align with the Government Security Profession Framework.

Ideal Candidate: 

As the ideal candidate you will be able to work in partnership and lead major projects, ensuring the work commitment required is delivered on time and to agreed quality standards.

You will be confident in your ability to engage with the UK security community and hold the technical credibility to represent our business, sharing our position and direction on the importance delivering against the outcomes of the Government Cyber Security Strategy.

You will champion consistency across our business in support of our “one team” ethos, you will be happy to provide technical reviews, support the development of individuals and contribute to the growth of protective security practices across HMG.

The Team 

The Cyber GSeC sits within CSTS, in HMRC Security. CSTS is a multi-disciplinary team, delivering critical technical security services to its customers.

The Cyber GSeC comprises two core functions: Operations and Enabling Capabilities. The Operations function provides support and expertise to Government Organisations to meet relevant Cyber Security Standards, as well as understanding and improving their ability to meet the evolving cyber security threats facing HMG.

The Enabling Capabilities function provides support to the Operations team, including cross-government business partnering, as well as undertaking governance, communications, and business management requirements.

Over the next three years, the Cyber GSeC will be growing significantly as we develop our capabilities in support of GCSS.  Now is a great time to join us as we establish a team of outstanding people in the Cyber Security field, delivering critical technical security services across government.

We are looking for Senior Cyber Security Professional’s to lead the delivery and continuous improvement of our core service offering.

Applicants who do, or wish to, work an alternative pattern are welcome to apply. The preferred working pattern may or may not be available. You should discuss this with the vacancy holder before you submit your application. Candidates who do not agree their working pattern with the vacancy holder prior to applying may be rejected.

Travel and overnight stays are rare, but generally are connected to training courses or visiting our other site.

Person specification

Responsibilities can include: 

  • Delivering outcomes against one of our service lines in support of the Government Cyber Security Strategy (GCSS).
  • Developing, implementing, delivering, and continuously improving Cyber GSeC advice and guidance services across circa 400 government organisations, ensuring alignment to relevant cyber security standards and architectural requirements.
  • Selecting suitable security techniques, tools, and test strategies to confirm compliance with relevant HMG security standards, providing suggested remediation actions.
  • Leading the development of Security Principles, Policies and Technical Standards aligned to business context and risk appetites and curating communication campaigns for a wide range of stakeholders to encourage an improved cyber security stance and the uptake of Cyber GSeC services.
  • Supporting the delivery of balanced and efficient cyber security risk management decisions, identifying vulnerabilities and resolutions in sophisticated technical environments.
  • Recognising when security measures impact on users or business needs, providing targeted and expert advice to inform business decision making, and handle partner concerns.
  • Identifying, raising, and advancing cyber risks in keeping with HMG risk appetite and delivering effective cyber services from our catalogue, while supporting Secure by Design and the security lifecycle.
  • Identify security resource requirements to enable the efficient delivery of core service outputs, sharing these with the Senior Leadership Team and our Operations Management Team.
  • Research, identify, validate, and lead the adoption of new technologies and methodologies and engage with and contribute to a wider security technology and tooling strategy providing direction to the organisation and HMG.
  • Representing our technical business during project development, delivery, and governance.

Essential Criteria 

You will already have knowledge, understanding and/or experience of: 

  • The application of technical security in real life environments.
  • Building relationships with senior stakeholders across partner organisations, clients, and suppliers, using strong communication skills to communicate effectively at all levels to technical and non-technical audiences.
  • Security and privacy risks and associated threats with a solid understanding of key considerations such as confidentiality, integrity, availability, non-repudiation, and privacy.
  • Successful delivery of security aspects of major projects, demonstrating professional credibility and authority.
  • Leading the design and implementation of change programmes.
  • Crafting and conveying information security and risk management guidance aligned to corporate risk appetite across several enterprises.
  • Working with leading standards such as NIST, ISO, CIS, and Cyber Essentials. 

Desirable Criteria 

Ideally you will also have validated working knowledge and experience of: 

  • The Government Security function.
  • Working across government and with senior partners.
  • Infrastructure, Operating Systems, networking architectures, technologies and the OSI Model.
  • Security architectures, design, and best practices.
  • Multiple security domains and disciplines including Cyber, Physical, Personnel, Process, Policy, Privacy, Law & GDPR.

Desirable Qualifications  

It is desirable that candidates hold, or are willing to work towards, the following relevant professional qualifications:   

Relevant IT Security qualifications include (but are not limited to):   

  • NCSC Certified Cyber Professional (CCP) 
  • Certified Information System Security Professional (CISSP)  
  • Certified Cloud Security Professional (CCSP) 
  • Certified Information Security Manager (CISM)  
  • EC Council Certified Security Analyst (ESCA)  
  • Relevant GIAC Qualifications  

Technical skills

We’ll assess you against these technical skills during the selection process:

  • Technical Aptitude
Alongside your salary of £52,598, HM Revenue and Customs contributes
£14,298 towards you being a member of the Civil Service Defined Benefit Pension scheme.

Find out what benefits a Civil Service Pension provides.
  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • A Civil Service pension with an average employer contribution of 27%

  • Annual Leave: From 1 September 2021 (when annual leave changes agreed as part of HMRC’s reform deal are introduced), full-time employees have a starting paid annual leave allowance of 25 days per year, pro rata, which will increase by one day for each year’s qualifying service up to a maximum of 30 days.

    If you’re transferring over from an Other Government Department (OGD), we will take account of your previous qualifying service, provided there is no break in your service between you working for your previous department and taking up service with HMRC.

    If you’re transferring over from a recognised Non-Departmental Public Body (NDPB), you will have your previous qualifying service recognised from 1 March 2011, provided it is continuous with your service with HMRC.

    https://www.gov.uk/government/publications/working-for-hmrc-information-for-applicants/terms-and-conditions-in-hmrc

Find more about HMRC benefits in ‘Your little extras and big benefits handbook’ for further information or visit Thinking of joining the Civil Service.

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Experience and Technical skills.

To apply, please complete the CV and personal statement template provided on the CS Jobs dashboard.

Your CV should detail your career history in no more than 500 words. It should highlight key responsibilities and successes from your career that are relevant to the full list of essential criteria. 

Your CV will also provide the opportunity to list your skills, experiences (500-word limit) and qualifications that are relevant to the advertised role and services we deliver.

Your Personal Statement (750-word limit) will be read by the recruiting line manager and provides the primary evidence of your fit for the role. Your Personal Statement should provide examples to describe how your skills and experience fit the specific essential criteria detailed below and the person specification outlined in the job advert.  

In your personal statement you should provide evidence of your experience in: 

  • The application of technical security in real life environments.
  • Building relationships with senior stakeholders across partner organisations, clients, and suppliers, using strong communication skills to communicate effectively at all levels to technical and non-technical audiences.
  • Successful delivery of security aspects of major projects, demonstrating professional credibility and authority.
  • Leading the design and implementation of change programmes.
  • Conveying information security and risk management guidance aligned with corporate risk appetite across several enterprises.

Where possible you should try to organise your personal statement using the STAR format – Situation, Task, Actions (you took) and the Result – to provide examples that evidence how you meet the outlined criteria.

The application will be sifted based on your experience and the technical requirements of the role. This will be measured solely through your CV and Personal Statement. You will be scored 1-7 for the Personal Statement and this will make up part of your overall score to assess your suitability to be invited to interview. 

Please note that your application may be rejected if you exceed the word count as specified.

It is expected that a sift will be carried out within 5 working days of the closing date, and we will interview around 5 working days after the sift result.

At interview you will be asked questions that allow you to demonstrate experience relevant to the advertised role and how you meet the expected technical requirements.

In some cases, external (non-Civil Service) candidates may be offered a Higher Starting Pay between the HMRC salary advertised ranges (London or National ranges respectively apply).  This Higher Starting Pay is only offered according to skills levels and experience. This will be discussed with successful candidates when HMRC make a provisional offer for the post.

A reserve list may be held for a period of up to 12 months from which further appointments may be made for the same or similar roles – if this applies to you, we’ll let you know via your Civil Service Jobs account.

Eligibility

To check that you are eligible to apply, review this eligibility information

Important information for existing HMRC contractual homeworkers:

This role may be suitable for existing HMRC employees who are contractual homeworkers. Occasional attendance to the office will be required where there is a business need, so please review the advertised office locations for this role when applying and only select locations from the ‘location preferences’ section that you are able to travel to.    

Reasonable Adjustments 

We want to make sure no one is put at a disadvantage during our recruitment process because of a disability, condition, or impairment. To assist you with this, we will reduce or remove any barriers where possible and provide additional support where appropriate. 

If you need a reasonable adjustment or a change to be made so that you can make your application, review this information on reasonable adjustments, and contact hmrcrecruitment.grs@cabinetoffice.gov.uk as soon as possible.

Diversity and Inclusion

At HMRC we are committed to creating a great place to work for all our colleagues and creating an inclusive and respectful environment that reflects the diversity of the society we serve.

Diverse perspectives and experiences are critical to our success and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role. We’re committed to creating a great place to work for all our colleagues here at HMRC. We want everyone to feel valued and supported to achieve their potential at HMRC.

For more information on how we make this happen, review this information on our culture and values

Applications received from candidates with a criminal record are considered fairly in accordance with the DBS Code of Practice and the Recruitment of ex-offenders Policy.

We welcome applications from those who need to work a more flexible arrangement and will agree to requests where possible after considering operational and customer service needs. We can’t guarantee that we can meet all requests to work flexibly, as agreement will be subject to business ability to accommodate, and any request to work a more flexible arrangement should be made prior to your acceptance of the provisional offer.

Customer facing roles in HMRC require the ability to converse at ease with members of the public and provide advice in accurate spoken English and/or Welsh where required. Where this is an essential requirement, this will be tested as part of the selection process. 

The Civil Service runs a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy. 

Locations 

HMRC has a presence in every region of the UK. For more information on where you might be working, review this information on our locations.

Security Update

For more information on the level of security checks we will carry out, review this information on security checks

Please note: in addition to the standard pre-employment checks for appointment into the Civil Service, all candidates must also obtain National Security Vetting at Security Check (SC) clearance level for this vacancy. You will normally need to meet the minimum UK residency period as determined by the level of vetting being undertaken, which for SC is 5 years UK residency prior to your vetting application. If you have any questions about this residency requirement, please speak to the vacancy holder for this post.

Further Information

The Civil Service values honesty and integrity and expects all candidates to abide by these principles. The evidence you provide in your application must relate to your own experiences.

Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant application/s will be withdrawn from the process. 

Duplicate applications for the same vacancy will also be withdrawn.

Transferring into HMRC from Civil Service If you are currently working for an ‘Other Government Department’ (OGD) and would like to consider the impact on your pay when joining HMRC, please see the attached document “Combined T&C and OGD Pay English”, found at the bottom of this advert. Further information on staff transfers can be found on gov.uk

Problems during the application process 

If you experience accessibility problems with any attachments on this advert, please contact the email address in the ‘Contact point for applicants’ section. 

If you think you’ve made a mistake on a short application form (e.g. you’ve ticked the incorrect eligibility box), please contact hmrcrecruitment.grs@cabinetoffice.gov.uk at least two working days before the vacancy closes. After this, we won’t be able to reopen your application.   

Please use the subject line to insert appropriate wording e.g. Please re-open my application – 301076 & vacancy closing date 13/08/2023. Please note that we cannot amend or re-open your application if you have submitted your full application in the interests of fair and open recruitment.

For reasonable adjustments queries or requests, please see details within reasonable adjustments section above.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).See our vetting charter (opens in a new window).
People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

  • UK nationals
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the Republic of Ireland
  • nationals from the EU, EEA or Switzerland with settled or pre-settled status or who apply for either status by the deadline of the European Union Settlement Scheme (EUSS) (opens in a new window)
  • relevant EU, EEA, Swiss or Turkish nationals working in the Civil Service
  • relevant EU, EEA, Swiss or Turkish nationals who have built up the right to work in the Civil Service
  • certain family members of the relevant EU, EEA, Swiss or Turkish nationals

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission’s recruitment principles (opens in a new window).

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.
Once this job has closed, the job advert will no longer be available.
You may want to save a copy for your records.

Contact point for applicants

Job contact :

  • Name : Paul Bell
  • Email : cybergsec@hmrc.gov.uk

Recruitment team

  • Email : hmrcrecruitment.grs@cabinetoffice.gov.uk

Further information

Appointment to the Civil Service is governed by the Civil Service Commission’s Recruitment Principles. You have the right to complain if you feel a department has breached the Recruitment Principles. In the first instance, you should raise the matter directly with the department concerned via complaints.grs@cabinetoffice.gov.uk If you are not satisfied with the response, you may bring your complaint to the Commission. For further information on bringing a complaint to the Civil Service Commission please visit their web pages: Click here

Attachments

GSeC_Candidate_Pack Opens in new window (pdf, 3858kB)
Cyber_GSeC_Services_Capabilities_Leaflet Opens in new window (pdf, 1949kB)
Combined T&C and OGD Pay English v 6 (26-07-22) (1) Opens in new window (docx, 114kB)

Share this page

 
 

Apply Now

Posted

in