Job Description
Job summaryThe Head of Cyber Detect & Response oversees the 24/7 Protective Monitoring and Incident Management teams that are responsible for monitoring, detecting, and responding to cyber threats.You will be managing advanced detection systems and taking a lead role in coordinating the response to cyber incidents, ensuring the security and resilience of the Home Office�s digital systems which span Borders, Immigration and Citizenship, Policing, and Fire.This is a key position for those who are ready to protect and respond to issues affecting the nation�s digital infrastructure against ever-evolving cyber threats.If you're interested in finding out more, we are holding a Home Office Cyber Security candidate information event on 17th September. You will find out about working for the organisation, hear from staff on their experiences working in Home Office Cyber Security Roles and learn more about our recruitment process. Please register here�Job descriptionAs Head of Cyber Detect & Response your responsibilities will include:�Overseeing the triage of cyber incidents, ensuring proportionate mitigation and containment measures have been implemented in accordance with processes and procedures. Aggregating and evaluating post-incident feedback to inform board-level reporting on security incidents.Setting the department�s Cyber Incident Management strategy including its people, process, and technology elements.Providing advice to senior stakeholders on ways to improve incident management processes, strengthen security controls, identifying, evaluating, and mitigating risks. Setting direction and recommending investment in strategic tooling and capability to address strategic enterprise-wide risk.Shaping the department�s incident management policies and processes to ensure that they meet requirements, in line with appropriate standards.Working closely with the Head of Cyber Threat Operations to ensure findings as a result of proactive threat activity is managed swiftly and effectively.Leading teams efforts during the management of complex cyber incidents, working with multiple internal and external teams such as the National Cyber Security Centre (NCSC), National Crime Agency (NCA) and Government Cyber Coordination Centre (GC3) where necessary.Note: The Head of Cyber Detect & Response may be required to carry out other duties within the scope of the grade and within the limits of their skill, competence, and training.The successful candidate will be located in the Soapworks, Manchester regional office. Under Home Office hybrid working practices there is an expectation that you will attend the office for a minimum of 60% of your working hours.�Due to the nature of the role, this post is available on a full-time basis only.Person specificationEssential skills�You�ll have a demonstrable passion for leading teams who work around the clock to detect and respond to cyber incidents in complex environments, with the following skills or proven experience in:Leading and developing critical operational teamsKnowledge of targeted cyber-attacks, particularly on how to respond and mitigate their impactsExperience in performing monitoring, conducting analysis, and guiding recovery efforts.Communicating effectively about cyber threats and incidents at senior levels, including up to ministerial level in the absence of the Head of Cyber Security Operations.Technical skillsStrategy and ArchitectureGovernance, Risk and Compliance � Level 4Strategy and Planning � Level 4Security and Privacy � Level 4Advice and Guidance � Level 4Change and TransformationChange Planning � Level 5Relationships and Engagement Stakeholder Management � Level 5SFIA capability frameworkSkills for the information age (SFIA) is the technical framework that sets the standard capability and development of all DDaT skills in the Home Office. This is a link to the capability framework:��. We use set SFIA technical skills to form our interview questions and we will assess you against these technical skills during the selection process.QualificationsEssentialCandidates must hold or be prepared to undergo NPPV3 and DV clearanceDesirableA degree in Cyber Security or appropriate level of proven, demonstrable, and current experience in a similar role/environmentAchieved appropriate level of qualifications such as CISSP, CISM or qualifications from an industry recognised provider SANS, ISC2, ISACA, CEH, etc.Behaviours We'll assess you against these behaviours during the selection process: Delivering at PaceChanging and ImprovingMaking Effective DecisionsTechnical skills We'll assess you against these technical skills during the selection process: Risk Management (BURM) - Level 4Strategic planning (ITSP) - Level 4Information security (SCTY) - Level 4Business process improvement (BPRE) - Level 5Stakeholder relationship management (RLMT) - Level 5Specialist Advice (TECH) - Level 4BenefitsAlongside your salary of �69,200, Home Office contributes �20,047 towards you being a member of the Civil Service Defined Benefit Pension scheme. This role aligns to Principle Response Manager in the Home Office DDaT profession career framework. This role is part of the , and utilises an enhanced Pay Framework to determine an individual�s total compensation, based on their level of skills capability.�Candidates are advised that the Home Office are moving between capability allowance frameworks, with effect from 1st January 2025. The Home Office are transitioning to the Pay Framework Allowance.� The Pay Framework Allowance (PFA) is a model initiated by the Central Digital and Data Office (CDDO) Cross-Government Digital and Data Strategy, to standardise the way government departments assess and pay capability and skills-based allowances.�PFA is an outcome-based allowance resulting from an annual capability and skills assessment process. PFA is aimed at specified roles in the DDaT Profession. The maximum pay award for this role, including the pay range minimum and any allowance awarded is �95,600.�Applicants that are successful at interview for this role will be invited to complete a Capability and Skills Assessment post-interview. The value of any allowance awarded will be based on an assessment of six skills and experience. If, based on a self-assessment and panel review, you are deemed as eligible for an allowance and commence employment with the Home Office prior to 1st January 2025, you would receive an allowance based on our existing structure, transitioning to the new capability-based pay framework effective as of 1st January, with no further action required from you at that time. Further information will be available post-interview.�You are advised that any allowance awarded is neither a contractual nor pensionable entitlement and is dependent on you remaining in a qualifying role. This allowance is subject to initial review within six months of taking up the post and thereafter an annual review in-line with departmental priorities and could be reduced or withdrawn at any time, in line with the Home Office allowance policy.�New entrants to the civil service will start their role on the salary band minimum: �69,200 for national roles. For existing civil servants, the usual policy on level transfer and promotion will apply and is non-negotiable.� For both new entrants and existing civil servants, the additional allowance pending skills assessment, as detailed above may also be payableYou�ll also have access to the same benefits available to all civil servants in the Home Office:�Membership of the Civil Service Defined Benefit Pension scheme with an average employer contribution of �An in-year performance bonus scheme.25 days annual leave on appointment, plus 8 days public holidays and 1 day for the King�s Birthday, rising further with service.Flexible working options to enable you to achieve the work life balance that right for you including part-time, flexi time and job sharing.Training and development opportunities tailored to your role.A culture encouraging inclusion and diversity.Season ticket loans and rental deposit loans.Cycle to work and payroll giving.Employee discounts - including a huge number of retailers, Microsoft Home Use programme and gym membership.A variety of staff recognition schemes including thank you vouchers.Health and wellbeing initiatives including monthly mindfulness sessions.Staff support networks.Maternity, adoption or shared parental leave of up to 26 weeks full pay followed by 13 weeks of statutory pay and a further 13 weeks unpaid.Maternity and adoption support leave (paternity leave) of 2 weeks full pay.Up to five days paid leave for volunteering.Study leave and support for studying for a qualification or other accredited development relevant to your role.