Head of Technology Risk

The risks facing government and the public sector mirror the scale and complexity of government. There are risks that exist in aggregate across government and the public sector, risks that need management to stop them impacting multiple areas or becoming a national security issue. Risk management across such a vast landscape of public organisations and supply chains, creates a significant and critical challenge to define who should be responsible for, and involved in, the management of cyber security and digital resilience risks.

The Head of Technology Risk is a pivotal leadership role at the heart of government's digital and data function. You will lead the design, implementation and continuous improvement of the cross-government Technology Risk Framework helping departments and public bodies better identify, manage and report technology risks in line with government-wide standards and expectations.

You'll shape the government's position on systemic technology risk through the ability to articulate and escalate risk in areas like legacy IT, digital resilience, third-party risk and emerging technologies, and ensure senior leaders have the insight and capability they need to take informed action. You'll work across central teams, departments and the risk profession to uplift maturity, develop reporting and create consistent approaches to setting appetite, managing controls and driving remediation.

This is a high-profile role offering the opportunity to work with senior officials, HMT's Risk CoE and various boards to ensure the government's digital services remain resilient, secure and sustainable.

This is a rare opportunity to lead the UK government's approach to technology risk at scale. You'll shape policy, frameworks and capability that impact every department, every citizen-facing service and the resilience of our critical national infrastructure.

If you care about building dependable digital services, and want to make a difference on a national level, this is the job for you.

As Head of Technology Risk, you'll:

• Establish and lead the technology risk function, building a team to deliver the responsibilities below.
• Lead the development and rollout of the cross-government Technology Risk Framework, ensuring it aligns with government risk policy, standards and guidance.
• Work closely with the Head of Assurance to ensure the TRF is integrated with existing governance and assurance mechanisms, such as GovAssure, the scheme for assessing the cyber resilience of government's critical systems.
• Work closely with the Heads of Policy and Services to embed a smooth process for feeding technology risks into targeted policy and service interventions.
• Consult and advise on the management of cross-government technology risks, including cyber security and digital resilience, so that decisions can be made by government technology risk owners through appropriate governance.
• Create clear, consistent approaches to identifying, categorising and measuring technology risk including legacy IT, digital resilience, supply chain, and emerging technologies.
• Work with departments to improve their capability to assess, manage and report technology risks, including articulating, setting and monitoring risk appetites.
• Provide expert advice to senior leaders and boards on critical, systemic and aggregate technology risks.
• Coordinate with assurance, policy and operational leads to ensure technology risk is considered in decision-making and portfolio planning, using insights from data, assessments and engagement to drive accountability and investment.
• Represent GDS in cross-government forums, working closely with HMT, Cabinet Office, NCSC, GSG and other stakeholders to align technology risk management with wider risk, cyber and resilience strategies.
• Provide input on cross government risk processes such as the National Security Risk Assessment.
• Develop and support capability building across the risk profession, including training, guidance and peer learning., We'll assess you against these behaviours during the selection process:
• Changing and Improving
• Making Effective Decisions
• Communicating and Influencing, At interview we will assess you against the following Civil Service Behaviours:
• Changing and Improving
• Making Effective Decisions
• Communicating and Influencing

We'll also be assessing your experience and specialist technical skills against the following skills defined in the Government Risk management framework

• Framework management
• Risk management: Stakeholder Management and Understanding the Operating environment

Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.

Recruitment Timeline (subject to change)

Sift and interview dates to be confirmed.

Interview location: Your interview will either be conducted face to face or by video. You will be notified of the location if you are selected for interview.

Candidates that do not pass the interview but have demonstrated an acceptable standard may be considered for similar roles at a lower grade.

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.

Sponsorship

DSIT cannot offer Visa sponsorship to candidates through this campaign. DSIT holds a Visa sponsorship licence but this can only be used for certain roles and this campaign does not qualify.

Further Information

A reserve list may be held for a period of 12 months from which further appointments can be made.

Any move to Cabinet Office from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare; for further information visit the Childcare Choices website.

Reasonable Adjustment

If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes., A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5-year period following a dismissal for carrying out internal fraud against government.

If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

For further information on National Security Vetting please visit the Demystifying Vetting website.

Please be aware the levels of national security clearance are changing which may impact on the level needed for this role by the time of appointment. All efforts will be made to keep candidates informed of any changes and what that will mean in terms of vetting criteria. For more information please See our vetting charter

Feedback Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is developed vetting .

See our vetting charter . People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Do you have experience in Presentation skills?, * Have strong experience in managing technology or operational risk in a complex environment, and some understanding of cyber security issues in practice.

• Understand the principles of risk appetite, assessment and treatment, and how to apply them in large organisations. A cyber security risk certification such as CISM or CRISC would be an advantage, or broader risk qualification such as IRM certificate in enterprise risk management.
• Are confident influencing and advising senior stakeholders, including boards and executive teams
• Can work across organisational boundaries to drive consensus, alignment and action
• Are comfortable designing policy, frameworks or guidance that support consistent implementation at scale
• Have experience of creating and implementing risk management framework.
• Understand the challenges of digital service delivery, including legacy systems, resilience and technical debt
• Can use data and insights to support decision-making, governance and performance monitoring
• Are committed to building capability and improving maturity across people, processes and systems
• Have a good working knowledge of the HM Treasury Orange Book and Government Functional Standard 007, This vacancy is using Success Profiles , and will assess your Behaviours, Experience and Technical skills.

£69,308 - £80,342 National Pay Band: £69,308 - £74,129 London Pay Band: £73,690 - £80,342

Offers above the band minimum are subject to our assessment of your skills and experience as demonstrated at interview. Salaries over the band minimum will be paid as a non-pensionable allowance. A Civil Service Pension with an employer contribution of 28.97% GBP, Alongside your salary of £69,308, Cabinet Office contributes £20,078 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

There are many benefits of working at GDS, including:

• Flexible hybrid working with flexi-time and the option to work part-time or condensed hours.
• A Civil Service Pension with an average employer contribution of 28.5%.
• 25 days of annual leave, increasing by a day each year up to a maximum of 30 days.
• An extra day off for The King's birthday.
• An in-year bonus scheme to recognise high performance.
• Career progression and coaching, including a training budget for personal development.
• Paid volunteering leave.
• A focus on wellbeing with access to an employee assistance programme.
• Job satisfaction from making government services easier to use and more inclusive for people across the UK.
• Advances on pay, including for travel season tickets.
• Death in service benefits.
• Cycle to work scheme and facilities.
• Access to children's holiday play schemes across different locations in central London.
• Access to an employee discounts scheme.
• 10 learning days per year.
• Volunteering opportunities (5 special leave days per year).
• Access to a suite of learning activities through Civil Service learning.

The Government Digital Service (GDS) is the digital centre of government. We are responsible for setting, leading and delivering the vision for a modern digital government. Our priorities are to drive a modern digital government, by: * Joining up public sector services * Harnessing the power of AI for the public good * Strengthening and extending our digital and data public infrastructure * Elevating leadership and investing in talent * Funding for outcomes and procuring for growth and innovation * Committing to transparency and driving accountability We are home to the Incubator for Artificial Intelligence (I.AI), the world-leading GOV.UK and at the forefront of coordinating the UK's geospatial strategy and activity. We lead the Government Digital and Data function and champion the work of digital teams across government. We're part of the Department for Science, Innovation and Technology (DSIT) and employ more than 1,000 people all over the UK, with hubs in Manchester, London and Bristol. The Government Digital Service is where talent translates into impact. From your first day, you'll be working with some of the world's most highly-skilled digital professionals, all contributing their knowledge to make change on a national scale. Join us for rewarding work that makes a difference across the UK. You'll solve some of the nation's highest-priority digital challenges, helping millions of people access services they need.