![Defence Digital – Cyber Security Risk Assessor](https://i0.wp.com/media.glassdoor.com/sql/2558301/ministry-of-defence-montenegro-squarelogo-1582116785436.png)
Defence Digital – Cyber Security Risk Assessor Corsham, England
Type of role: Risk Management
About the job
Job summary
Are you ready to work in one of the most interesting cyber security environments and share your experience to support national security?
Cyber security plays an integral role in protecting the UK against external and internal threats, acting as a deterrence to ensure that our Armed Forces have the strong cyber defences they need.
The Cyber Assessment and Advisory Service (CySAAS) provides assurance, support and advice to teams across defence. It consists of sub teams which assess specialist ICT, communication, and weapons systems.
The team is within the Cyber Defence and Risk (CyDR) organisation which sits at the forefront of Cyber Security and Information Technology within Defence. It is responsible for enabling Defence, through the provision of specialist assurance and cyber security services, across UK Defence including industry partners, other Government Departments and our international allies.
CyDR sits within Defence Digital (DD) who provide digital and technology services to our Armed Forces. Defence Digital operates at scale, with an annual budget in excess of £2Bn and a diverse team of 2,500 colleagues, aiming to make our Armed Forces some of the most technologically advanced in the world.
With a fantastic growing team of military and civilian staff operating across the UK it is a great time to be a cyber security professional in the Ministry of Defence. If you can see yourself contributing to the world of CySAAS the next chapter of your career may be with us!
This position is advertised at 37 hours per week
Job description
As a Cyber Security Risk Assessor within the CySAAS team, you will provide timely, impartial and consistent assessment and advisory services across the department and our industry partners.
Your knowledge and experience will be developed to provide the expertise to ensure an accurate understanding of through-life cyber security risks and to assist in making informed business decisions. You will work with projects that involve complex technical and security challenges, which may include highly sensitive networks, cryptography and next-generation platforms. Along the way, you will strengthen links with other cyber security bodies and business functions, including business delivery partners, who provide project-based assurance activities.
You’ll need to demonstrate a talent for solving complex problems through innovation and for taking a key role in stakeholder discussions. You’ll have the opportunity to advise on complex risk balance decisions and to explain cyber security policy, governance and technology to non-experts. With you on board, we will develop a culture across UK Defence which values and protects data.
In return, you will benefit from excellent learning and development opportunities tailored to your role and beyond. Whilst in post, you’ll be able to gain industry recognised qualifications, such as CISSP or CRISC and we’ll support you throughout the process.
You’ll also be able to take advantage of our excellent benefits package, including flexible working, generous leave allowance, great discount services and a market-leading Civil Service pension.
For this role, a Recruitment and Retention Allowance (RRA) of up to £9k may also be payable; this is paid in increments, upon reaching the required level of competence.
We are a small, highly specialised team, performing a critical role in Defence Digital, offering an exciting opportunity to join us and become part of our journey!
Person specification
Responsibilities include:
Support the promotion of cyber security standards and best practice across Defence, guiding and influencing project and policy decision making as appropriate and seeking novel solutions to challenging security issues.
Ensure the risk assessment process meets the requirement against policy and approved frameworks.
Review risk management evidence to confirm that risk assessments and risk treatment plans are consistent with business requirements.
Confirm that residual security risks have been captured and accepted by the appropriate risk owner, in accordance with the risk owner’s delegated authority.
Recognise risk management and security decisions that have an implication beyond their level of responsibility, experience or delegated risk tolerance and escalate accordingly.
Where appropriate, explain the Cyber assessment to the risk owner, in terms of business objectives, threats, risks, vulnerabilities, controls and business impacts.
Liaise with appropriate subject matter experts across Defence including the National Cyber Security Centre (NCSC), Cryptographic Service for Defence, Joint Cyber Unit and, where appropriate, other Government Departments and Security Agencies.
Build constructive relationships with Project Teams and across wider DD, to help build risk management and secure design into business and project plans.
Support the Security Assurance Coordinators (SAC) and Project Security Leads through independent assessment of risk management and security evidence, and attendance at relevant security meetings.
Whilst these positions do not currently have line-management responsibility, this may be a requirement in the future.
Person specification
If you have the following skills and experience, we would love to hear from you!
We would expect to see some previous experience in Cyber Security Governance and Management, Risk Management and/or Operational Security Management and ideally you’ll have the following skills:
- The ability to build strong working-relationships
- Great communication skills, able to converse at a wide variety of levels
- Able to lead both technical and non-technical teams
Qualifications: Your experience is key, but if you have any of the following industry qualifications that would be great; if not, we’ll help you attain them. You’ll need to have the motivation and desire to continue to learn and develop, and we’ll provide opportunities to gain these in post:
- Certificate in Information Security Management Principles (CISMP)
- Certificate in Information Security Management (CISM)
- Certified Information Systems Security Professional (CISSP)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Cyber Professional (CCP)
Memberships: If you aren’t already a member, we’ll help you with the process and if/when you are, we’ll assist you in supporting & maintaining them:
- Chartered Institute of Information Security (CIISEC)
- British Computer Society (BCS)
Allowances: A Recruitment and Retention Allowance (RRA) of up to £9k may be payable with this post, paid in increments upon reaching the required level of competence.
Location: These positions can be based at either RAF Wyton, Huntingdon or MOD Corsham, Wiltshire. Work location will be agreed once the successful candidates have been selected.
This job role is suitable for hybrid working, which is an informal, non-contractual and voluntary arrangement, blending a balance of attendance in the workplace (your permanent duty station which is based on business assessment of where the work is best done) and working from home as a personal choice (if the role is suitable for this). If you are successful, any opportunities for hybrid working will be discussed with you prior to you taking up your post.
We anticipate that the successful candidate will be required to attend their designated office for a minimum of 1-2 days per week.
These roles will have a requirement to travel to meetings within the UK, with potential overnight stays required (or occasional overseas visits).
If not already held, successful candidates will be required to undergo DV clearance. These positions are open to sole UK Nationals only.
Behaviours
We'll assess you against these behaviours during the selection process:
- Leadership
- Communicating and Influencing
- Seeing the Big Picture
- Working Together
Technical skills
We'll assess you against these technical skills during the selection process:
- Information risk assessment and risk management
- Applied security capability
Benefits
- Learning and development tailored to your role
- An environment with flexible working options
- A culture encouraging inclusion and diversity
- A Civil Service pension with an average employer contribution of 27%
- Family Friendly – Enhanced Parental and Adoption Leave.
- A wide range of discounts – Defence Discount Service, Civil Service societies for Sports and Leisure, Healthcare, Insurance, Motoring, company discounts with Virgin, Vodafone, and Microsoft Office.
- 5 days per year Learning & Development
- In year rewards and ‘thank you’ schemes.
- Flexible working.
- Generous leave allocations.
- Please see Benefits Leaflet for more detail
Defence Digital operates an organisation model in which every individual belongs to a Government Profession. The successful applicant will be posted into one of the defined Government Professions on Standard Terms of Reference for the grade. Defence Digital reserves the right to move individuals between roles, within their allocated profession, to meet the needs of the business and in support of agile resourcing.
Within Defence Digital each profession is led by a Professional Head of Community who will lead professional development and support the Continuous Professional Development path for their group.
Defence Digital is currently going through a Transformation Programme which aims to ensure we have the right workforce, with the right skills, to deliver the MOD's Digital Strategy. As the programme progresses, Defence Digital staff may be required to undergo an assessment to understand and develop their upskilling needs to support the delivery of this strategy. This post may be impacted by Transformation.
Equality and Diversity
Our people are at the heart of everything we do at Defence Digital. It’s vital that our workforce reflects the diversity of both our audience and the wider society in the UK, so we’re proud to be an equal opportunities employer and we actively seek candidates from diverse backgrounds and communities. We also recognise the importance of a good work life balance, so we do everything we can to accommodate flexible working, including part-time and job shares for all our roles. Please let us know in your application or at any stage throughout the process if this is something you want to explore.
The post does not offer relocation expenses.
External recruits who join the MOD who are new to the Civil Service will be subject to a six-month probation period.
Expenses incurred for travel to interviews will not be reimbursed.
Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts.
Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk/.
The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment by 31st December 2022. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments.
Things you need to know
Selection process details
To apply, please complete the CV template provided on the CS Jobs dashboard. You will be assessed against your relevant skills, knowledge and experience, which demonstrate the essential criteria listed within this advert.
All applicants will also need to provide a personal statement (max. 1250 words) and it is essential that this includes evidence of the following essential criteria. Each one will be scored 1-7 and make up part of your overall score to assess your suitability to be invited to interview:
1. Describe your experience of providing cyber security assurance, including assessing appropriate evidence and risks.
2. Provide an example of when you have reviewed an assessment process against a policy or standard.
3. Provide an example of when you have built and maintained strong working relationships across a range of levels.
4. Describe your experience or ability to present complex technical, procedural and/or governance issues to a non-technical audience.
Interviews
We’ll assess you against these behaviours and technical skills during the interview process:
Behaviours
- Leadership
- Communicating & Influencing
- Seeing the Big Picture
- Working Together
Technical skills
- Information risk assessment and risk management
- Applied security capability
The Government Security Profession Career Framework and the Cyber Security Risk Manager role, used in this vacancy, can be found at: Government Security Profession career framework (publishing.service.gov.uk)
As a result of the changes to the UK immigration rules which came into effect on 1 January 2021, the Ministry of Defence will only offer sponsorship for a skilled worker visa under the points-based system, where a role has been deemed to be business critical.
The role currently being advertised has not been assessed as business critical and is therefore NOT open to applications from those who will require sponsorship under the points-based system. Should you apply for this role and be found to require sponsorship, your application will be rejected, and any provisional offer of employment withdrawn.
The Civil Service embraces diversity and promotes equality of opportunity. There is a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. If you need to advise us that you need additional help or reasonable adjustments for the recruitment process, please contact: [email protected]
MOD Recruitment Satisfaction Survey – we may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Notice sets out how we will use your personal data and your rights.
Feedback will only be provided if you attend an interview or assessment.
Security
See our vetting charter.
Working for the Civil Service
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.