Head of Cyber Security Operations

UK Health Security Agency

Information:

This job is now closed

Job summary

UKHSA's Cyber Security Operations team is responsible for the operational cyber security of UKHSA. We are looking for an enthusiastic Head of Cyber Security Operations, with great leadership and technical skills and a drive to improve the security of our services.

In this role you will lead across areas such as security engineering, capability development, protective monitoring and incident response, as well as contributing to information security policy and strategic direction. Reporting to the Deputy Director of Cyber Security you will coordinate and supervise technical security teams, including the UKHSA Security Operations Centre, to ensure effective delivery of security operations and strategy, providing technical input and guidance to the Senior Information Risk Officer (SIRO), Risk Owners, UKHSA staff and partners.

You will take the lead in complex incident management, including liaison with the National Response Centre if required, response activities, working with technical staff and suppliers to detect, contain and remediate security events and risks.

You will work closely with contacts across Government and manage networks of internal and external stakeholders. You will have a technical background in cyber security operations, with knowledge of key security technologies, frameworks and best practices.

You will also have an awareness of the challenges presented in delivering effective, high performing security services in a complex and evolving environment.

Main duties of the job

Reporting to the Deputy Director of Cyber Security you will coordinate and supervise technical security teams, including the UKHSA Security Operations Centre, to ensure effective delivery of security operations and strategy, providing technical input and guidance to the SIRO, Risk Owners, UKHSA staff and partners.

About us

We pride ourselves as being an employer of choice, where Everyone Matters promoting equality of opportunity to actively encourage applications from everyone, including groups currently underrepresented in our workforce.

UKHSA ethos is to be an inclusive organisation for all our staff and stakeholders. To create, nurture and sustain an inclusive culture, where differences drive innovative solutions to meet the needs of our workforce and wider communities. We do this through celebrating and protecting differences by removing barriers and promoting equity and equality of opportunity for all.

Please visit our careers site for more information https://gov.uk/ukhsa/careers

Date posted

10 January 2025

Pay scheme

Other

Salary

£68,568 to £82,746 a year per annum, pro rata

Contract

Permanent

Working pattern

Full-time, Part-time, Job share, Flexible working

Reference number

919-JP-303670-EXT

Job locations

Birmingham, Leeds, Liverpool, London

Birmingham, Leeds, Liverpool, London

E14 4PU


Job description

Job responsibilities

The post holder will:

  • Have a technical background in cyber security operations, with knowledge of key security technologies, frameworks and best practices.
  • Have an awareness of the challenges presented in delivering effective, high performing security services in a complex and evolving environment.
  • Manage the internal security operations team and the external Cyber Security partner that provides augmented resourcing.
  • Be responsible for maintaining and supporting the ongoing operational cyber security of our organisations internal and external facing systems. with responsibility for developing our capability in Security Operations, shaping the right talent and identifying skills gaps within both the team and the suppliers capabilities.
  • Develop and integrate Cyber Threat Intelligence and analysis capabilities to improve organisational understanding and awareness of technical security risks, ensuring the Security Operations capability maintains a proactive stance as needed.
  • Build and maintain strong operational relationships with government agencies, suppliers and partners to drive efficient communication and collaboration on security issues.
  • Work with Technology and our Security Architecture team, evaluating and establishing requirements for the implementation of changes by defining Operational Security standards (including the Protective Monitoring Policy).
  • Lead the identification, investigation and resolution of security incidents.
  • Taking accountability of issues that occur and proactively searching for potential solutions ensuring the right actions are taken to investigate, resolve and anticipate future problems.
  • Coordinate your teams to investigate problems, implement solutions and take preventive measures and form part of an on-call rota for service continuity.

Essential Criteria

We are looking for someone with the following:

  • Undergraduate degree in a STEM subject, or equivalent experience.
  • Certified Information System Security Professional (CISSP) or equivalent.
  • Professional registration and/or chartered status.
  • A technical background in cyber security operations, with knowledge of key security technologies, frameworks and best practices.
  • Relevant technical cyber security knowledge.

Selection Process Details

This vacancy is using SuccessProfiles and will assess your behaviours, experience and technical skills.

Stage 1: Application & Sift

You willbe required to complete an application form. You will be assessed on the above listed 5essential criteria taken from the job description document (for a full list of essential criteria please see the JD document) and this will be in the form of a:

  • Application form (Employer/ Activity history section on the application)
  • 1000word Statement of Suitability.

This should outline how your skills,experience, and knowledge, provide evidence of your suitability for the role, with reference to the essential criteria.

Please note you will not be able to upload your CV. You must complete the application form in as much detail as possible. Please do not email us your CV.

The Application form and Statement of Suitability will be marked together.

Longlisting: In the event of a large number of applications we will longlist into 3 piles of:

  • Meets all essential criteria (to be taken through to shortlisting)
  • Meets some essential criteria
  • Meets no essential criteria

Shortlisting: In the event of a large number of applications we will shortlist on:

  • A technical background in cyber security operations, with knowledge of key security technologies, frameworks and best practices.
  • Relevant technical cyber security knowledge.

If you are successful at this stage, you will progress to interview and assessment.

Please do not exceed 1000 words. We will not consider any words over and above this number.

Feedback will not be provided at this stage.

Stage 2: Interview (Success Profiles)

You will be invited to a remote interview.

Behaviours, technical and experience will be tested at interview.

There will be a presentation as part of the interview process.

The Behaviours tested during the interview stage will be:

  • Leadership
  • Communicating and Influencing
  • Delivering at Pace
  • Making effective decisions

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Location

This role is being offered as hybrid working based at any of our core HQs in Birmingham, Leeds, Liverpool, and London. We offer great flexible working opportunities at UKHSA and operate using a hybrid working model where business needs allow. This provides us with greater flexibility about how and where we work, to get the best from our workforce.

As a hybrid worker, you will be expected to spend a minimum of 60% of your contractual working hours (approximately 3 days a week pro rata, (averaged over a month) working at one of UKHSA's core HQs .

Our core HQ offices are modern and newly refurbished with excellent city centre transport link and benefit from benefit from co-location with other government departments such as the Department for Health and Social Care (DHSC).

For suitable candidates, a Market Pay Supplement (MPS) of up to £20,000 may be available in addition to base pay. We usually assess MPS potential awards as part of the formal application. Please note that there is an expectation that the successful candidate will be required on occasion to work away from their chosen core HQ.

Eligibility Criteria

Open to all external applicants (anyone) from outside the Civil Service (including by definition internal applicants).

Security Clearance Level Requirement

Successful candidates must pass a disclosure and barring security check.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed isDeveloped Vetting.

For meaningful National Security Vetting checks to be carried out individuals need to have lived in the UK for a sufficient period of time. You should normally have been resident in the United Kingdom for the last 10 years as the role requires Developed Vetting (DV) clearance. UK residency less than the outlined periods may not necessarily bar you from gaining national security vetting and applicants should contact the Vacancy Holder / Recruiting Manager listed in the advert for further advice.

Job description

Job responsibilities

The post holder will:

  • Have a technical background in cyber security operations, with knowledge of key security technologies, frameworks and best practices.
  • Have an awareness of the challenges presented in delivering effective, high performing security services in a complex and evolving environment.
  • Manage the internal security operations team and the external Cyber Security partner that provides augmented resourcing.
  • Be responsible for maintaining and supporting the ongoing operational cyber security of our organisations internal and external facing systems. with responsibility for developing our capability in Security Operations, shaping the right talent and identifying skills gaps within both the team and the suppliers capabilities.
  • Develop and integrate Cyber Threat Intelligence and analysis capabilities to improve organisational understanding and awareness of technical security risks, ensuring the Security Operations capability maintains a proactive stance as needed.
  • Build and maintain strong operational relationships with government agencies, suppliers and partners to drive efficient communication and collaboration on security issues.
  • Work with Technology and our Security Architecture team, evaluating and establishing requirements for the implementation of changes by defining Operational Security standards (including the Protective Monitoring Policy).
  • Lead the identification, investigation and resolution of security incidents.
  • Taking accountability of issues that occur and proactively searching for potential solutions ensuring the right actions are taken to investigate, resolve and anticipate future problems.
  • Coordinate your teams to investigate problems, implement solutions and take preventive measures and form part of an on-call rota for service continuity.

Essential Criteria

We are looking for someone with the following:

  • Undergraduate degree in a STEM subject, or equivalent experience.
  • Certified Information System Security Professional (CISSP) or equivalent.
  • Professional registration and/or chartered status.
  • A technical background in cyber security operations, with knowledge of key security technologies, frameworks and best practices.
  • Relevant technical cyber security knowledge.

Selection Process Details

This vacancy is using SuccessProfiles and will assess your behaviours, experience and technical skills.

Stage 1: Application & Sift

You willbe required to complete an application form. You will be assessed on the above listed 5essential criteria taken from the job description document (for a full list of essential criteria please see the JD document) and this will be in the form of a:

  • Application form (Employer/ Activity history section on the application)
  • 1000word Statement of Suitability.

This should outline how your skills,experience, and knowledge, provide evidence of your suitability for the role, with reference to the essential criteria.

Please note you will not be able to upload your CV. You must complete the application form in as much detail as possible. Please do not email us your CV.

The Application form and Statement of Suitability will be marked together.

Longlisting: In the event of a large number of applications we will longlist into 3 piles of:

  • Meets all essential criteria (to be taken through to shortlisting)
  • Meets some essential criteria
  • Meets no essential criteria

Shortlisting: In the event of a large number of applications we will shortlist on:

  • A technical background in cyber security operations, with knowledge of key security technologies, frameworks and best practices.
  • Relevant technical cyber security knowledge.

If you are successful at this stage, you will progress to interview and assessment.

Please do not exceed 1000 words. We will not consider any words over and above this number.

Feedback will not be provided at this stage.

Stage 2: Interview (Success Profiles)

You will be invited to a remote interview.

Behaviours, technical and experience will be tested at interview.

There will be a presentation as part of the interview process.

The Behaviours tested during the interview stage will be:

  • Leadership
  • Communicating and Influencing
  • Delivering at Pace
  • Making effective decisions

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Location

This role is being offered as hybrid working based at any of our core HQs in Birmingham, Leeds, Liverpool, and London. We offer great flexible working opportunities at UKHSA and operate using a hybrid working model where business needs allow. This provides us with greater flexibility about how and where we work, to get the best from our workforce.

As a hybrid worker, you will be expected to spend a minimum of 60% of your contractual working hours (approximately 3 days a week pro rata, (averaged over a month) working at one of UKHSA's core HQs .

Our core HQ offices are modern and newly refurbished with excellent city centre transport link and benefit from benefit from co-location with other government departments such as the Department for Health and Social Care (DHSC).

For suitable candidates, a Market Pay Supplement (MPS) of up to £20,000 may be available in addition to base pay. We usually assess MPS potential awards as part of the formal application. Please note that there is an expectation that the successful candidate will be required on occasion to work away from their chosen core HQ.

Eligibility Criteria

Open to all external applicants (anyone) from outside the Civil Service (including by definition internal applicants).

Security Clearance Level Requirement

Successful candidates must pass a disclosure and barring security check.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed isDeveloped Vetting.

For meaningful National Security Vetting checks to be carried out individuals need to have lived in the UK for a sufficient period of time. You should normally have been resident in the United Kingdom for the last 10 years as the role requires Developed Vetting (DV) clearance. UK residency less than the outlined periods may not necessarily bar you from gaining national security vetting and applicants should contact the Vacancy Holder / Recruiting Manager listed in the advert for further advice.

Person Specification

Application form and Statement of suitability

Essential

  • Application form and Statement of suitability

Behaviours

Essential

  • Leadership
  • Communicating and Influencing
  • Delivering at Pace
  • Making effective decisions
Person Specification

Application form and Statement of suitability

Essential

  • Application form and Statement of suitability

Behaviours

Essential

  • Leadership
  • Communicating and Influencing
  • Delivering at Pace
  • Making effective decisions

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

UK Health Security Agency

Address

Birmingham, Leeds, Liverpool, London

Birmingham, Leeds, Liverpool, London

E14 4PU


Employer's website

https://www.gov.uk/government/organisations/uk-health-security-agency (Opens in a new tab)

Employer details

Employer name

UK Health Security Agency

Address

Birmingham, Leeds, Liverpool, London

Birmingham, Leeds, Liverpool, London

E14 4PU


Employer's website

https://www.gov.uk/government/organisations/uk-health-security-agency (Opens in a new tab)

For questions about the job, contact:

Resourcing Support

Jon Payne

recruitment@ukhsa.gov.uk

Date posted

10 January 2025

Pay scheme

Other

Salary

£68,568 to £82,746 a year per annum, pro rata

Contract

Permanent

Working pattern

Full-time, Part-time, Job share, Flexible working

Reference number

919-JP-303670-EXT

Job locations

Birmingham, Leeds, Liverpool, London

Birmingham, Leeds, Liverpool, London

E14 4PU


Supporting documents

Privacy notice

UK Health Security Agency's privacy notice (opens in a new tab)