Ministry of Defence Head Office - Cyber Security Advisor

  • Job
    Full-time
    Mid & Senior Level
  • Consulting
    IT & Cybersecurity
  • London

AI generated summary

  • You need a Level 3 Cyber Security qualification or equivalent, knowledge of NIST CSF 2.0 and ISO 27001, experience in risk management and incident response, and familiarity with security tools.
  • You will support IT systems' compliance, manage cyber risks, act as a consultant for new projects, respond to incidents, deliver training, and coordinate with teams and stakeholders.

Requirements

  • One or more officially recognised Level 3 qualifications in Cyber Security, OR hold one or more of the following: Certified Information Systems Security Professional (CISSP), Certified Information Security Management Principles (CISMP), ISO 27001 Practitioner or Certified Cyber Professional (CCP).
  • Practical understanding of NIST CSF 2.0, NCSC CAF, ISO 27001 with an understanding of the associated strengths and limitations.
  • An understanding of basic system architecture and configuration and the techniques which can be employed to compromise them.
  • Proven experience in cyber security risk management, including the ability to articulate complex technical risks/vulnerabilities to a diverse range of seniors and stakeholders.
  • Experience of using a range of analytical tooling such as STREAM with respect to cyber vulnerabilities/risks and incident management.
  • Experience of Cyber Incident Response management.
  • Officially recognised UK Level 3 Cyber Security Qualification or equivalent professional membership (CISM, CISSP, ISO 27001).
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Management Principles (CISMP), ISO 27001 Practitioner or Certified Cyber Professional (CCP).
  • Information risk management & risk assessment - practitioner level.
  • Protective Security - working level.
  • Threat understanding - working level.

Responsibilities

  • Supporting Head Office IT systems and System Owners to ensure the safe and effective operation of their systems. Further support Head Office System Owners in preparation for and during annual Cyber Compliance Framework (CCF) audits, based upon NIST & NCSC audit frameworks.
  • Support Head Office Governance structures to effectively manage all cyber security risks and maintain up to date cyber risk registers.
  • Acting as a cyber security consultant and Security Assurance Coordinator (SAC) with respect to any new IT projects, ensuring that Secure by Design (SbD) principles are embedded in system design and configuration from the outset, including in any legal/contract documentation where applicable.
  • Provide assurance support to Head Office System Owners, Defence Digital & Cyber Defence & Risk by supporting risk assessments and cyber vulnerability assessments.
  • Liaise with MOD Cyber Security incident response teams to respond to and effectively manage cyber incidents impacting on Head Office systems.
  • Arrange meetings with Head Office System Owners and maintain minutes/notes of such.
  • Deliver occasional physical and online training sessions to Head Office System Owners on key cyber security topics.
  • Maintain joint ownership of the cyber security team's mailboxes and SharePoint sites.
  • Responding to any tasks from the Cyber Security lead or PSYA as a consequence of priorities from the Cyber Resilience & Oversight Board (CROB).

FAQs

What is the primary responsibility of the Cyber Security Advisor at the Ministry of Defence?

The primary responsibility is to deliver the Head Office's response to the MOD's Cyber Security Strategy & Resilience programme, ensuring the effectiveness of proposed mitigations against an evolving cyber threat.

What qualifications are required for this position?

Candidates must hold one or more officially recognized Level 3 qualifications in Cyber Security, or certifications such as CISSP, CISMP, ISO 27001 Practitioner, or Certified Cyber Professional (CCP).

Is this position open to non-UK nationals?

No, this is a reserved post and is open to UK nationals only.

What security clearance is required for this role?

The role requires the applicant to hold or attain Developed Vetting.

How many hours per week is this position?

This position is advertised at 37 hours per week.

What is the expected working pattern for this role?

The role supports hybrid working, with an expectation to attend the office a minimum of 3 days a week, which may increase to 5 days during incidents or crises.

What kind of training does the Ministry of Defence provide?

The Ministry of Defence offers learning and development tailored to your role, including occasional physical and online training sessions on key cybersecurity topics.

Are travel expenses reimbursed for interview candidates?

No, expenses incurred for travel to interviews will not be reimbursed.

What are the benefits associated with this job?

Benefits include a Civil Service pension with employer contributions, learning and development opportunities, flexible working options, and on-site facilities like a gym and creche.

Is there an opportunity for career advancement in this role?

Yes, the role offers avenues for career advancement within the Ministry of Defence and the Civil Service.

Official corporate LinkedIn channel for the UK Ministry of Defence.

Industry: Defence & Aerospace
Employees: 1001-5000

Mission & Purpose

We protect the security, independence and interests of the United Kingdom at home and abroad. We work with our allies and partners whenever possible. Our aim is to ensure that the UK’s Armed Forces have the training, equipment and support necessary for their work, and that we keep within budget. Our priorities 2015 to 2020 are to:

  • protect our people
  • project our global influence
  • promote our prosperity
  • maintain a strategic base and integrated global support network, and
  • manage the Department of State