Cyber, Risk

The Government Property Agency is the largest property holder in government, with more than £2.1 billion in property assets and over 55% of the government’s office estate. We are transforming the way the Civil Service works by creating great places to work, leading the largest commercial office programme in the UK, working towards halving carbon emissions from government offices, and achieving greater value for taxpayers. And we are looking for innovative, solutions-focused people to join our team. Representing the best covenant in the UK – His Majesty’s Government – we are leading significant transformational programmes such as the Government Hubs Programme, Whitehall Campus Programme and Net Zero Programme. We are also delivering cost‑effective property services such as asset management, lifecycle replacement and workplace services. Innovation and progress underpin our behaviours. We foster a culture of lifelong learning, where curiosity and self‑improvement are encouraged. Our four core values are at the heart of everything we do. They shape our culture and guide how we work, lead and grow together: Striving for excellence - We always aim to deliver great results Empowering through respect - We insist on fair treatment for all, always Acting with integrity - We consistently do the right thing Succeeding together - We rely on each other to achieve success The GPA is committed to representing the communities we serve by making Diversity, Equality and Inclusion part of everything we do. To ensure that we are always recruiting and retaining a diverse mix of talent, we are particularly inviting applications from candidates who are disabled, ethnically or gender diverse, and people who identify as being part of the LGBTQ+ community. Join our dynamic and diverse team that leads with purpose, improving sustainability, nurturing social value, driving inclusivity and flexibility, and kickstarting economic growth. We are driven by purpose, and you can be part of it too: where you make a meaningful impact; where you influence; where your voice really matters; where you help to shape our future direction. You will play a leading role in supporting the Information and Assurance Manager in delivering the operational objectives of the security team. You will act as the first line of support for security related queries and incidents, maintaining joint ownership of the Corporate Security Team mailboxes, managing workloads and responding to requests. You will support the team to effectively manage and maintain the security risk register, working with security business partners to ensure compliance with the risk framework. You will support the security audit schedule (e.g., DSHC, CAF), assisting completion of all activities by relevant stakeholders. You will enable a positive, engaging and inclusive security culture through supporting the security education and awareness programmes, building a network of security partners across Government, and the broader security industry to share best practice, adopt common approaches and foster joint working on areas of mutual interest. You will support the development of continuous improvement of our policies, processes and standards. Support the promotion of cyber security standards and best practice across the GPA, guiding and influencing project and policy decision making, as appropriate and seeking novel resolutions to challenging security issues. Supporting the Information and Assurance Manager, you will work closely with the business to provide trusted advice and support across all aspects of Security – data, information, assurance, cyber, and 3rd party suppliers, safeguarding the Department’s assets in relation to confidentiality, integrity, and availability of information, helping ensure that the GPA meets its legal responsibilities in managing security related risk. Key Responsibilities Review cyber security risk assessment processes against policy and approved frameworks (e.g., NIST), shaping the SbD approach through lessons learned activity; help embed this approach into business and project plans. Reporting: Supporting and developing regular reports on security metrics, incidents, and our compliance status for key governance forums and government authorities. Compliance and Assurance: Support all audit activities (e.g., DSHC, CAF) and updating our audit schedules as required. Incident Management: Updating the incident management logs, arranging lessons learnt with the team and updating any processes or policies as required. Supply Chain Security: Working with others across the business to support security assurance activities, providing advice and guidance where needed. Risk Management: Support the management and maintenance of the security risk register by working collaboratively with the security business partners. Security Awareness and Training: Support the delivery of a security awareness program to educate staff on security best practices and promote a security first culture throughout the organisation. #J-18808-Ljbffr