Ministry of Justice

The Role

The Ministry of Justice is a large and complex organisation which spends over £8bn a year delivering crucial public services to a wide range of users, often with complex needs, protecting and advancing the principles of justice.

You will be responsible for leading the development of appropriate security culture and ensuring security considerations are built into our business as usual processes, from our complex technology networks, numerous physical locations in our varied estate, over 88,000 personnel and a wealth of data that requires protecting.

Ensuring the delivery of our services is done in a way that is secure and upholds people’s rights, is fundamental for maintaining trust and confidence in our services. Equally, providing an environment and creating a culture where our people feel safe to operate and deliver their best is paramount.

These challenges demand a high calibre security function, with the right people in the right roles providing insight and support to the business, supported by secure, effective systems, processes and technologies that protect the operation of the Department.

As Director of the function, you will be responsible for leading on all elements of security (cyber, physical, personnel, information); data protection, information services and counter fraud, supporting MoJ HQ and four executive agencies (HM Prison & Probation Service, Legal Aid Agency, Office of the Public Guardian and the Criminal Injury Compensation Authority).

Your challenge will be to develop and lead a unified function following a centre of excellence model that will allow us to do things once and well, making effective use of technology where possible; along with the creation of the right security standards, controls, outcomes and culture for the successful delivery of departmental business, ensuring the services you deliver are first class.

Key Responsibilities

• Lead the development of, and coordinate execution of, MoJ's security transformation strategy, ensuring that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected.
• Ensure MoJ and its Executive Agencies uphold high standards of security, privacy and information, including appropriate risk management and robust controls, to support Accounting Officers and the Senior Information Risk Owners (SIROs) in fulfilling their responsibilities.
• Leading a team of c300 security and information experts, motivating the team to deliver and creating a culture where people can thrive.
• Ensure that the department's security, information and fraud risks are identified, managed and mitigated.
• Drive the implementation and monitoring of compliance to relevant regulatory and government requirements. Oversee the identification, evaluation and reporting of legal and regulatory, IT, and cyber security risk to information assets and fraud risks, while supporting and advancing business objectives.
• Lead MoJ's departmental security governance, providing regular reporting on the delivery of the security and data protection strategy senior leaders including the Executive Committee, Audit and Risk Assurance Committee, Departmental Board and Non-Executive Directors.
• Build strong external networks and liaise with external agencies, such as law enforcement and other advisory bodies, including National Technical Authorities, the Public Sector Fraud Authority as necessary, to ensure that the organisation maintains a strong security posture and is kept abreast of relevant threats.
• Represent MoJ on relevant cross government Boards and engage with the Government Security Group, DSIT and the public sector fraud authority to influence and support the cyber, physical and personnel security and counter fraud agenda across government.
• Lead the delivery of advice, guidance and proactive communications to build and reinforce a strong security, privacy and information culture.
• Provide operational oversight to managing high-volume and often complex Subject Access Requests.

It is important through your CV and Statement of Suitability that you give evidence and examples of proven experience of each of the below essential criteria:

Essential criteria:

• Excellent technical credibility in security and compliance, and a proven ability to use sound judgement on decisions relating to security matters.
• Demonstrable ability to build trusted partnerships with senior stakeholders, communicate with impact across different types of audiences, and experience utilising sophisticated influencing skills to effect change.
• Proven experience leading a diverse team of senior security experts in a complex operating environment.
• Deep experience leading transformation efforts, and a track record of achieving substantial improvements to operations and processes.

Desirable Criteria:

Experience of working within the justice system.