Cyber Security Assurance and Business Continuity Manager

About the GroupThe Corporate Centre Group delivers a wide range of corporate services to enable people at HM Treasury and many of the other organisations who form part of the Treasury Group (including the Government Internal Audit Agency and the Debt Management Office) to operate effectively and efficiently. We are a diverse group, both in terms of our professions and in our ways of working. Our colleagues are based across 3 sites in London, Darlington and Norwich. The Corporate Centre Group consists of a range of teams and is led by two directors (one of Finance and one of Operations). Correspondence and Information RightsFinance & CommercialPeople & CapabilityDiversity, Inclusion & BelongingTreasury Business SolutionsMultisite Darlington Economic Campus teamExchequer Funds & Accounts team About the TeamThe Treasury Business Solutions (TBS) team are trusted business partners responsible for Technology, Security and Knowledge & Information Management. We have staff based in each of our London, Norwich and Darlington offices. The TBS Security team are responsible for developing and delivering HM Treasurys security operations program across all domains: cyber and information assurance; continuity and resilience; personnel; and physical securityAbout the JobThis is an exciting and meaningful opportunity to join the Government Security Profession, working at the heart of Government in a time of momentous change and offering a level of exposure and challenge that is hard to find anywhere else. If you are interested in the challenge, we would be delighted to hear from you!You will be responsible for ensuring the protection of HM Treasurys (HMT) network systems and customer data from cyber threats. You will maintain a strong cyber security posture across the IT estate by identifying weaknesses and vulnerabilities and guiding actions to mitigate risks. You will spearhead the protection of HMT against an extensive range of cyber and technical threats, incorporating principles of GovAssure and Secure by Design into our strategies. You will also orchestrate the combined efforts of our internal team and external partners in conducting vigilant protective monitoring and robust incident response operations, always staying one step ahead to prevent potential vulnerabilities from becoming incidents.Within your diverse project portfolio, a key focus will be on the continuous evaluation and enhancement of our cybersecurity services, ensuring they align with GovAssure standards and embody the proactive, protective ethos of Secure by Design. Strengthening ties with government partners will be crucial to bolstering our defence mechanisms, driving the professional growth of your team, and ensuring your own development within the cybersecurity domain.You will lead the charge in not only identifying and mitigating emerging cyber threats but also in ensuring that our systems and processes are designed and implemented with inherent security measures, minimising risk from the outset. Your expertise will play a pivotal role in shaping a resilient cybersecurity posture for HMT.Key Responsibilities: Support the Head of Cyber Security and Technology Risk in protecting HMTs network systems and customer data against cyber threats.Play a crucial role in maintaining a strong cyber security posture by identifying weaknesses and vulnerabilities and guiding actions to mitigate risks and ensure uninterrupted IT services.Direct management of a team of cyber security testing and assurance resources.Management and oversight of 3rd party suppliers commissioned for meeting specialist testing and assurance requirements.Articulate cyber security risks and implications to important partners with sufficient information and recommendations for action to enable senior leaders to make decisions.Oversee the development and maintenance of comprehensive Incident Response, Business Continuity, and Disaster Recovery Plans Conduct thorough Root Cause Analysis following exercises and incidents to drive improvements to HMT business continuity and disaster recovery capability.Principal Accountabilities: Define and deliver the cyber security technical assurance strategy, setting clear policies and technical standards, and measuring success against defined metrics.Manage the cyber security technical assurance team, ensuring the quality and timeliness of services and deliverables, and driving improvements and optimization of cyber security assurance capabilities.Ensure compliance with HMT policies and technical standards, driving necessary remediation actions and countermeasures.Establish and improve a regular penetration testing program and vulnerability management process.Ensure IT Disaster Recovery and Business Continuity plans are established and tested. Ensuring key HMT colleagues can respond effectively to major cyber incidents. Considering their role requirements to provide training, advice, and resources.Collaborate with IT, application, and team members to devise assurance objectives and ensure appropriate mitigation actions are considered and delivered.Deputise for the Head of Cyber Security and Technology Risk for pre-agreed tasks and activities.We will support you with on-the-job and a formal training structure in a range of certifications, qualifications, and skills. The team is always looking for opportunities to upskill staff and as such applicants with a keen interest and/or experience will be able to grow and develop in post.We will support you with on-the-job and a formal training structure in a range of certifications, qualifications, and skills. The team is always looking for opportunities to upskill staff and as such applicants with a keen interest and/or experience will be able to grow and develop in post.Candidate Drop-In Session    The hiring manager will be running a candidate drop-in session for this role to give you greater insight about the role as well as the chance to learn more about HM Treasury and ask any questions you may have. If you would like to join us, then use the appropriate link below to join the call at the right time.  Wednesday 13 November 2024 - 13:00 to 13:50   If you would like to speak to the hiring manager informally prior to the closing date for applications to find out more about the job, please contact [email protected]