Warning
Mae'r hysbyseb swydd hon wedi dod i ben ac mae'r ceisiadau wedi cau.
Defence Business Services (DBS) Cyber Response and Information Governance Lead
| Dyddiad hysbysebu: | 21 Ionawr 2025 |
|---|---|
| Cyflog: | £44,590 i £55,990 bob blwyddyn, pro rata |
| Oriau: | Llawn Amser |
| Dyddiad cau: | 31 Ionawr 2025 |
| Lleoliad: | FY5 3WP |
| Gweithio o bell: | Hybrid - gweithio o bell hyd at 2 ddiwrnod yr wythnos |
| Cwmni: | Ministry of Defence |
| Math o swydd: | Parhaol |
| Cyfeirnod swydd: | 386720 |
Crynodeb
BS DIT provides digital capability that supports corporate services across the Ministry of Defence, including Finance, Commercial, Payroll and Human Resources for Military Personnel, Civilian Personnel and Veterans. The role of Response is to manage the response procedures and investigations of security events or incidents. Response colleagues must contain and remediate those incidents, identify potential process improvements, and maintain organisational readiness through preparedness exercises and co-ordinating red team activity. Response also advises product and service owners of potential mitigations.
Warning Advisory and Reporting Points (WARPs) are a mandated appointment in accordance with Defence Policy and provide a focal point for security advice and the reporting and management of security incidents and breaches on behalf of their Principal Security Advisor (PSyA).
DBS WARP includes the Cyber Information Security Operations Centres (CyISOC) it integrates People, Processes and Technology to conduct limited proactive and reactionary cyber operations and associated MOD directives as part of the Defence Digital led Cyber Security Operations Centre (CSOC) federation.
The Cyber Security Incident Response Lead is responsible for managing the Warning Advisory & Reporting Point (WARP) as the central function covering all DBS Business Teams and is responsible for:
Ensuring all security incidents and breaches occurring within DBS are being reported promptly and are investigated appropriately to ensure that risk is mitigated, and Post Incident Reviews are undertaken.
Security Incident Reporting to the Joint Security Coordinating Centre (JSYCC), MOD Chief Information Officer (CIO) and MOD Data Protection Officer Team (DPOT) takes places within the stipulated timeframes.
Supporting DBS Principal Security Advisor (PSyA) on all aspects of security and information governance that requires escalation to MOD Defence Security & Resilience.
Supporting DBS Cyber Response Head in relation to time critical and sensitive investigations.
Ensure all cyber security incidents and breaches including areas of non-compliance with DBS and MOD security policy occurring within the Organisation are being reported promptly to the Cyber Security Operations Capability (CSOC) federation for further investigation. Supporting requests for Forensic Investigations through the defined MOD channels in JDCU.
Supporting Defence Computer Network Defence (CND) capability. Ensure all DBS systems are recorded on Vigilant Cyber Vulnerability Management Tool providing updates on MODCERT compliance to Cyber Response and Information Governance Head, ensuring non compliance is appropriately following Security Risk Management.
Cyber Threat Intelligence (CTI) dissemination through the WARP to DBS Teams.
Maintain effective working relationships with wider Defence WARPs and Cyber Information Security Operations Centres (CyISOC) JSYCC and Defence Digital MOD Computer Emergency Response Team (MODCERT).
Information Governance Lead responsibilities include:
Ensure confidentiality, integrity and availability (CIA) of information and assets is maintained through the effective deployment of procedural and technical controls. Where DBS are unable to deploy mandated controls, escalate through security risk management process.
Maintain the suite of DBS IA Policies, ensuring reviewed for changes against JSP 440 Defence Manual of Security and wider HMG Security (GOVS 007).
Analyse and evaluate cyber and information security risks, as part of the Post Incident Review (PIR) and Lessons Identified (LI) processes making recommendations for improvement.
Lead the development of incident response exercises scoping, design and governance and remedial action plans.
Provide specialist, tailored advice to address identified Cyber Security related risks by applying a variety of security capabilities, which may include using published guidance standards.
Review Service Delivery Contract (SDC) against relevant (Identitify, Protect, Detect and Respond) schedule 2.4 deliverables reporting non-compliance to the Contract Management Team as required.
Support DBS Cyber Assessors in the completion of ‘Threat Assessments’ using the agreed NIST framework and DBS templates.
Lead the annual NIST CCF Assessment and support Third Line of Defence (3LOD) assurance activity on behalf of the Cyber Response and Information Assurance Head.
Provide real-time Management Information (MI) to DBS Management Board showing incident statistics and trends across DBS. Presented through the monthly Executive Dashboard.
Maintain the DBS Critical Information Asset and Data Flow Control Registers, ensuring all new capabilities and/or data flows are accurately recorded, supporting IAO network
Person specification
Essential qualifications
Certificate in Information Security Management Principles (CISMP) or recognised equivalent security qualification
Warning Advisory and Reporting Points (WARPs) are a mandated appointment in accordance with Defence Policy and provide a focal point for security advice and the reporting and management of security incidents and breaches on behalf of their Principal Security Advisor (PSyA).
DBS WARP includes the Cyber Information Security Operations Centres (CyISOC) it integrates People, Processes and Technology to conduct limited proactive and reactionary cyber operations and associated MOD directives as part of the Defence Digital led Cyber Security Operations Centre (CSOC) federation.
The Cyber Security Incident Response Lead is responsible for managing the Warning Advisory & Reporting Point (WARP) as the central function covering all DBS Business Teams and is responsible for:
Ensuring all security incidents and breaches occurring within DBS are being reported promptly and are investigated appropriately to ensure that risk is mitigated, and Post Incident Reviews are undertaken.
Security Incident Reporting to the Joint Security Coordinating Centre (JSYCC), MOD Chief Information Officer (CIO) and MOD Data Protection Officer Team (DPOT) takes places within the stipulated timeframes.
Supporting DBS Principal Security Advisor (PSyA) on all aspects of security and information governance that requires escalation to MOD Defence Security & Resilience.
Supporting DBS Cyber Response Head in relation to time critical and sensitive investigations.
Ensure all cyber security incidents and breaches including areas of non-compliance with DBS and MOD security policy occurring within the Organisation are being reported promptly to the Cyber Security Operations Capability (CSOC) federation for further investigation. Supporting requests for Forensic Investigations through the defined MOD channels in JDCU.
Supporting Defence Computer Network Defence (CND) capability. Ensure all DBS systems are recorded on Vigilant Cyber Vulnerability Management Tool providing updates on MODCERT compliance to Cyber Response and Information Governance Head, ensuring non compliance is appropriately following Security Risk Management.
Cyber Threat Intelligence (CTI) dissemination through the WARP to DBS Teams.
Maintain effective working relationships with wider Defence WARPs and Cyber Information Security Operations Centres (CyISOC) JSYCC and Defence Digital MOD Computer Emergency Response Team (MODCERT).
Information Governance Lead responsibilities include:
Ensure confidentiality, integrity and availability (CIA) of information and assets is maintained through the effective deployment of procedural and technical controls. Where DBS are unable to deploy mandated controls, escalate through security risk management process.
Maintain the suite of DBS IA Policies, ensuring reviewed for changes against JSP 440 Defence Manual of Security and wider HMG Security (GOVS 007).
Analyse and evaluate cyber and information security risks, as part of the Post Incident Review (PIR) and Lessons Identified (LI) processes making recommendations for improvement.
Lead the development of incident response exercises scoping, design and governance and remedial action plans.
Provide specialist, tailored advice to address identified Cyber Security related risks by applying a variety of security capabilities, which may include using published guidance standards.
Review Service Delivery Contract (SDC) against relevant (Identitify, Protect, Detect and Respond) schedule 2.4 deliverables reporting non-compliance to the Contract Management Team as required.
Support DBS Cyber Assessors in the completion of ‘Threat Assessments’ using the agreed NIST framework and DBS templates.
Lead the annual NIST CCF Assessment and support Third Line of Defence (3LOD) assurance activity on behalf of the Cyber Response and Information Assurance Head.
Provide real-time Management Information (MI) to DBS Management Board showing incident statistics and trends across DBS. Presented through the monthly Executive Dashboard.
Maintain the DBS Critical Information Asset and Data Flow Control Registers, ensuring all new capabilities and/or data flows are accurately recorded, supporting IAO network
Person specification
Essential qualifications
Certificate in Information Security Management Principles (CISMP) or recognised equivalent security qualification