HM Courts and Tribunals Service
Directorate: Digital Technology Services (DTS)
Pay Band: Grade 6
Job Title: Head of Secure Design
Location: London / National
Successful applicants will be expected to be office based 3 days per week in any HMCTS Office (subject to business availability).
Term: Permanent
Interview: Video conference via Teams
Level of Clearance: To apply for this role, you will be required to successfully complete Security Clearance (SC) level as a condition of appointment.
Important salary details:
New recruits to the Civil Service joining MoJ are expected to join at the band minimum.
Existing Civil Servants applying on promotion will usually be appointed on the salary minimum of the new pay band, or receive an increase of 10 percent on the current base salary, whichever is higher (this is restricted to the pay maximum of the new band).
Government Digital and Data (GDD) Profession Capability Framework and Success Profiles Frameworks. Using GDD we will then determine if you will be paid an additional allowance, on top of your basic salary. This role is within the Technical job family and is a Security Architect job role at Principal Security Architect level, but carries the title Head of Secure Design DTS.
Introduction:
These are exciting times at HM Courts and Tribunals Service (HMCTS). As an agency of the MoJ, we support the judiciary across England and Wales to deliver justice by running courts and tribunals and processing outcomes, and we are looking for talented people to help us achieve our ambitions. It will be challenging, important and rewarding.
HMCTS Digital and Technology Services (DTS) is a specialist technology directorate which provides support to HMCTS in the use of IT and Digital.
DTS is committed to being a great place to work and part of our offer is brilliant training opportunities and support from expert colleagues. As well as that you’ll find flexible working, an inclusive culture and a place where your opinion is valued.
Please follow the link below for further information about HMCTS. www.gov.uk/government/organisations/hm-courts-and-tribunals-service
Job Description:
As Head of Secure Design, you will lead the strategic integration of security into all digital and technology initiatives across HMCTS. You will champion "Secure by Design" principles, ensuring cyber security is embedded from the outset of every project and throughout the technology lifecycle. This role is pivotal in aligning cyber security practices with HMCTS’s risk management framework and strategic objectives.
You will oversee the secure design function, guiding technical teams, influencing architectural decisions, and ensuring proportionate security controls are implemented to enable business outcomes. You will also lead the development of HMCTS’s cyber secure design capability, managing a blended team of civil servants and managed service providers.
You will be responsible for ensuring that all digital projects are designed with security as a primary consideration, from the outset. You will oversee the implementation of "Secure by Design" principles, ensuring that security is integrated throughout the entire technology lifecycle. You will ensure that HMCTS cyber security activities align with the department’s goals and risk management framework.
Key Responsibilities:
Lead delivery of HMCTS’s cyber security strategy and be responsible for providing specialist security support to those areas of the department which do not have dedicated information security / cyber security teams.
Lead and develop the HMCTS Cyber Security team and capability, delivered through a blend of civil servants and a managed service provider.
Advise and enable technical teams to make security decisions, providing advice and guidance to ensure common tools and patterns are used effectively to deliver secure systems and implement proportionate controls to enable business outcomes.
Your work will include leading projects with high strategic impact, setting a strategy that can be used in the long term and across the whole organisation.
Develop vision, principles and strategy for Security Architects across multiple projects or technologies.
Recommend security design across several projects or technologies, up to an organisational or inter-organisational level, solving unprecedented issues and problems.
Influence key organisational and architectural decisions and interact with senior stakeholders across organisations to reach and influence a wide range of people across larger teams and communities. You will be helping the team explain complex security design considerations to others.
Conduct controls gap analysis to identify areas of weakness and recommend actionable improvements.
Work closely with cross-functional teams, including product, design, and development, to embed risk awareness and management into daily practices.
Actively participate in delivery planning and management meetings, advising on risk considerations in planning, prioritisation, and retrospectives.
Research and apply innovative security architecture solutions to new or existing problems, and be able to justify and communicate design decisions.
Understand the impact of decisions, balancing requirements and deciding between approaches and sharing best practice within and outside the organisation.
Essential Criteria:
Strong understanding and working knowledge of Cyber Security Policies and Frameworks.
An ability to inspire and coordinate a diverse team of security specialists, helping them to be their best both as individuals and as part of a wider team.
Ability to prioritise team activities effectively across a range of complex and urgent tasks.
Work with team members to identify risks and communicate them effectively to decision makers. Help inform prioritisation of wider departmental work to ensure security improvements are given due consideration.
Specific technology and security understanding - with a good knowledge of system architectures.
Able to understand and articulate the impact of vulnerabilities on existing and future designs and complex systems and can articulate an appropriate response, often conveying these complex matters to a wide-ranging audience.
Be able to articulate and be an effective communicator across a range of formats, able to convey complex topics with ease to a variety of audiences and persuade others of the importance of security matters.
Hold either full Membership of the Chartered Institute of Information Security or Principal membership of the UK Cyber Security Council.
Desirable Criteria:
Secure by Design - Knowledge of Secure by Design principles and their practical application
Analysis - Able to apply the approach to real problems and consider all relevant information. Applies appropriate rigour to ensure a full solution is designed and achieves the business outcome.
Understanding security implications of transformation - Can interpret and apply understanding of policy and process, business architecture, and legal and political implications to assist the development of technical solutions or controls.
You will also benefit from knowledge of the different approaches to delivery across digital and technology teams, and how security practices can integrate / clash with these working practices.
Application process:
This role will be recruited using a combination of Government Digital and Data (GDD) Profession Capability Framework and Success Profiles Frameworks during the sift and interview process.
Experience - As demonstrated in your application form.
Technical - As demonstrated at interview. During the interview, you will be assessed against the Government Digital and Data (GDD) Capability Framework.
Strengths - The interview will involve a discussion around 2 strengths.
Presentation - You will be required to prepare a short presentation based on your Experience. Details will be provided when you are invited to the interview or on the day of the interview.
Behaviours - You will be required to provide evidence of the following key behaviours at Grade 6 level at interview. Your answers should also align with the GDD framework:
Seeing the bigger picture
Leadership
Making Effective Decisions
Communicating and Influencing
Changing and Improving
Level of Clearance - To apply for this role, you will be required to successfully complete Security Clearance (SC) level as a condition of appointment. To meet these requirements, you will normally need to have been resident in the UK for at least:
SC - 5 years
Reserve List:
HMCTS run a Reserve List, where candidates who are unsuccessful at interview by only a few points can be offered other roles, at the same band, for up to 12 months. You will be able to view your status via the application screen. If you have been added to the Reserve List, your status will show either Merit or Reserve list.