Defence Digital Cyber Security Risk Assessor

Job details
Posting date: 09 April 2025
Salary: £36,530 per year, pro rata
Hours: Full time
Closing date: 09 May 2025
Location: SN13 9NR, PE28 2EA
Remote working: On-site only
Company: Ministry of Defence
Job type: Permanent
Job reference: 399546

Summary

The Cyber Security Assessment and Advisory Services (CySAAS) team, within our Cyber Defence and Resilience (CyDR) organisation, delivers independent services that assist the MOD in designing, delivering, procuring and supporting platforms, products and systems that are secure and resilient to cyber-attack.

As a Cyber Security Assessor, within the CySAAS team, you’ll provide independent and consistent assessment and advisory services across the department. This is an exciting time to be part of the continually evolving centre of excellence for Secure by Design (SbD) implementation. You may also lead and line-manage a small team providing these services.

Your knowledge and experience will provide the expertise to ensure an accurate understanding of through-life cyber security risks and assist the business in making informed decisions. You’ll work with projects that involve complex technical and security challenges, which may include highly sensitive networks, cryptography and next-generation platforms.

Along the way, you’ll strengthen links with other cyber security bodies and business functions, including business delivery partners, who provide project-based assurance activities.

Responsibilities

Support the promotion of cyber security standards and best practice across Defence, guiding and influencing project and policy decision-making as appropriate, and seeking novel resolutions to challenging security issues.
Contribute to Defence Board reporting, assessment and assurance, consultancy and advice to teams across the Defence enterprise, through the high-profile implementation of SbD.
Review cyber security risk assessment processes against policy and approved frameworks (e.g., NIST), shaping the SbD approach through lessons learned activity; help embed this approach into business and project plans.
Review and confirm that risk assessments and risk treatment plans are consistent with business requirements and that residual security risks have been captured and accepted by the appropriate risk owner and are within their level of responsibility, experience or delegated risk tolerance, and escalate accordingly.
Liaise with appropriate subject matter experts across Defence, including the National Cyber Security Centre (NCSC), Cryptographic Service for Defence, Joint Cyber Unit (JCU) and, where appropriate, OGD and Security Agencies.
