Register  |  Log In  |  Contact Us

Information Security Manager (Development)

HM Revenue & Customs
Contract Type
Defence & Security, IT
Expiry Date
08/03/2018 09:15:00
Location: Shipley Contract type: Permanent Closing date: 5/3/18Within HMRC, our digital division is called CDIO (Chief Digital Information Officer Group) and has a number...

Job Description

Location: Shipley
Contract type: Permanent
Closing date: 5/3/18

Within HMRC, our digital division is called CDIO (Chief Digital Information Officer Group) and has a number of internal delivery groups all working towards our digital transformation. The delivery group in which this vacancy sits, is called Data Engineering; this delivery group provides data analytics and reporting services for the whole of HMRC across legacy and new systems, with a focus on investing in future technologies to create the most digitally-advanced tax authority in the world. Data Engineering provides support to HMRC’s Hadoop-based Enterprise Data Hub (EDH) services, is primarily based in Manchester and also has a presence across sites in London, Southend and Telford. 

This is an exciting opportunity to join Data Engineering, as an Information Security Manager (Development). 

Our services are made within Agile frameworks and are deployed and operated via DevOps practices and the opportunity exists to work with the development teams to ensure that they design, develop and operate secure services by default. This role would suit someone who has worked in a software development environment, has a good understanding of software development methodologies and has an interest in software and application security. 

 You will:
  • Build a DEDG Security Champions Network (DSC) of developers from each product area/scrum team across the delivery group
  • Engage with the DSC network to ensure that security related user stories are considered at sprint 0, that threat models are undertaken in order to determine the risks that service presents and that security is built in to the way that the services are designed and operated
  • Translate technical risks into business risks in order that the business risk owner and assurance team [formerly accreditors] understand the level of risk exposure from all new and change projects
  • Work with developers and architects to understand the technical risks that their service presents
  • Support DevOps engineers in ensuring that security patches are up to date for all DEDG servers and that automatic code scanning results are interpreted and actioned
  • Maintain close working relationships with key internal and external stakeholders including corporate HMRC security (and other shared services), Human Resources, Legal, Outsourced Service Suppliers and Internal Support teams
Essential skills and experience: 
  • Understanding of software development lifecycles and how they integrate with security
  • Knowledge of hosting environments and the associated security context e.g. AWS, Azure, GCP, private cloud, etc.
  • Knowledge of virtualisation and containerisation technologies e.g. Docker
  • Must hold or be willing to undertake SC clearance

Desirable skills and experience: 

• Experience in operating within HMG security frameworks e.g. SPF, JSP-440, etc. 
• Experience of implementing security policy above OFFICIAL 


Relevant security qualifications on a par with: 

• Senior/Lead CESG Certified Practitioner (CCP), or 
• Undergraduate degree/Postgraduate qualification/Masters in an Information Security discipline

If you are interested in this role, please apply and should your skills and experience match the above job spec, a HMRC recruiter will be in touch with you. For further information regarding the role, it is also advertised through Civil Service Jobs. 
Register and Apply
Log In and Apply

Please fill in the form, upload your CV to complete your application. You will also register during this process to enable you to log in track you application and setup Job Alerts.

How did you find us?*
Profile Options
By submitting this form you agree to our terms of use
Register & Apply