Head of Business Continuity & Cyber Resilience
- Civil Service
- Full Time
- Cardiff
- 63,443 - 86,547
Job Description
Job summary
Across government, digital and technology transformation is no longer simply an enabling function; it is central to how public bodies deliver better services, protect resilience, support policy outcomes and respond to the growing expectations of citizens, businesses and colleagues. Ofgem has a vital role in the UKs energy system, protecting consumers and helping to enable a more secure, fair and sustainable energy future. As the organisation continues to evolve, our newly designed Digital, Data and Security Services (DDSS) team will be critical to how Ofgem modernises its services, strengthens its platforms and supports wider government priorities.
Ofgem is on an exciting transformational journey. Within DDSS, we are strengthening the foundations of our both our entire function and all elements of our DDSS estate, building greater internal capability and creating the platforms, services and governance needed to support a modern regulator. In short, this is an opportunity to join Ofgem at a pivotal moment and help shape the next stage of its digital, data, security, and technology maturity.
This is a senior leadership position responsible for leading Ofgems Business Continuity and Cyber Resilience function, ensuring the organisation is fully prepared to prevent, withstand and recover from cyber incidents, operational disruption and wider crises.
You will act as the organisations SME for cyber crisis management and major incidents, leading response coordination, delivering resilience exercises, and ensuring lessons learned are embedded into continuous improvement.
Job description
You will be responsible for:
- Champion business continuity across government security and wider government.
- Drive continuous improvement by sharing knowledge, best practices, and lessons learned.
- Lead a team of business continuity and cyber resilience specialists to deliver the requirements of CAF, DSHC, ISO22301 and 27031 standards
- Lead business continuity and major/minor cyber exercise programmes by engaging stakeholders.
- Promote and ensure delivery of training and awareness campaigns to ensure the successful embedding of continuity practices.
- Lead on the delivery of incident management policies, investigation procedures, and processes.
- Lead the analysis of the source, nature and impact of breaches to support threat intelligence
- Monitor security processes, ensuring they are effective and meet current business needs
- Contributing to incident management policies, and investigation procedures and processes
This is an opportunity to play a significant role in Ofgems journey, as part of a newly formed and high-performing team that is shaping a critical government organisation at a time when its work has never been more important.
Person specification
Essential Criteria
- Experience delivering business continuity, resilience, or cyber incident management. (Lead Criteria)
- Experience in influencing senior stakeholders and leading organisational planning. (Lead Criteria)
- Experience in Cyber Security and Risk Management (resilience focus)
- Experience exercising at bronze, silver and gold commands
- CISM and AMBCI/MBCI/DBCI.
Desirable Criteria
- Experience working in regulated or government environments.
- Experience delivering organisational training and awareness programmes.