Head of Cyber Security - DfE - G6

At our heart, we are the department for opportunity. We work to deliver better life chances for all - breaking the link between background and success. We do this by protecting children and ensuring the delivery of higher standards of education, training and care. 

Our Cyber Security department

The Department for Education is responsible for children’s services and education, including early years, schools, higher and further education policy, apprenticeships, and wider skills in England. We work to protect the department’s essential services, like funding schools and colleges, and safeguarding children from cyber threats, ensuring the confidentiality, integrity, and availability of systems and data that underpin these essential citizen services.

We are responsible for the whole spectrum of cyber and information security services across the department, including Information Security, Security Operations, and Security Architecture and Engineering. We also lead on the department’s cyber security offering to the education sector, developing strategies and leading on the development of services to increase cyber resilience throughout education.

This is a great opportunity if you want a challenge at a national level in a role that makes a difference to so many. Joining us means you will help to safeguard children and ensure their education and care is delivered effectively.

What you’ll do

Reporting directly to the Chief Information Security Officer (CISO), you will serve as the cyber subject matter expert in the Cyber & Information Security Senior Management Team, and for the wider department. You will lead and support on the development of strategies, and guide teams and projects across the department’s full range of responsibilities, including implementing the Government Cyber Security Strategy for the department and 18 agencies and public bodies and non-ministerial departments, and our sector cyber initiatives to increase resilience throughout the education sector. Working closely with our Head of Information Security, Head of Security Operations and Live Services, and Head of Cyber Transformation, you will be instrumental in our ability to develop and deliver holistic security solutions and transformation throughout the department.

Job description

Key Responsibilities

• Developing security strategies for the department, our ALBs, and education sector, working with peers in our other security functions as well as wider departmental colleagues.
• Act as the Cyber Subject Matter Expert for the department, providing cyber security advice and guidance to the Department and other bodies it is responsible for.
• Lead, manage and mentor teams of security specialists and generalists, providing technical guidance and oversight as required to deliver our key security initiatives.
• Building relationships and stakeholder networks, to become the primary point of contact on cyber security with key partners.
• Influencing the security culture of the Department.
• Being part of the C&IS Senior Management team, helping to shape and lead the direction of the Division.

As part of the role, you will be expected to hold or apply to the National Security Vetting process in order to obtain Security Clearance (SC). 

Person specification

Essential Criteria:

• A track record in cyber security leadership, strategy development and planning in large and complex organisations, with demonstrable technical security knowledge of modern security concepts, principles and technologies for Azure, AWS, and SaaS.
• Knowledge of typical threats and attack vectors with appropriate remediation methods.
• Developed problem solving skills including addressing complex technical security and process challenges that ensure delivery at pace to an appropriate risk appetite.
• Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders, influence stakeholders and create easy to consume articles such as blogs, policies and presentations.

Desirable Criteria

• Experience of day-to-day management of multi-disciplinary teams of cyber security professionals.
• Experience of effective strategies for Zero Trust, DevSecOps and SecDevOps.
• Knowledge of Agile methodologies and previous exposure to Agile ways of working.

Desirable criteria will only be assessed at interview, in the event of a tie break situation, to make an informed decision.