Army - Security Compliance Auditor

Andover

Job Summary

The Ministry of Defence (MOD) employs over 50,000 Civil Servants. Within this, the Army Top Level Budget (TLB) employs around 9,000 MOD Civil Servants across more than 300 locations. Our workforce is incredibly diverse, with roles ranging from trainers and human resources professionals to teachers, firefighters, psychologists, storekeepers, financiers, project managers, and policy staff. Each function plays a crucial role in delivering key outputs for the Army, and understanding our workforce through data is essential.

You will be part of the Army Digital Services’ Security and Compliance Team, which operates within the Chief Technology Office at Army Headquarters in Andover. The Army Digital Services (ADS) organisation is part of the Chief Technology Office (CTO) pillar, which is part of the Directorate of Information within Army Headquarters Andover. ADS is the Army's supplier of choice for the design, development, and support of applications and services to provide digital enablement of the Army's processes. It therefore supports the Army’s ambitious and innovative modernisation and transformation agenda. ADS enables this digital transformation by developing bespoke software, hosting applications, including the Army Data Warehouse, and conducting data analytics. The British Army is on a mission to triple its operational effectiveness by the end of the decade through rapid investment in cutting-edge technologies. Central to this transformation is data and digital innovation, led by the Army’s Chief Technology Officer (CTO).

The Security and Compliance Team is responsible for governance, control, audit, and security measures supporting the Army Private Cloud. This includes developing and maintaining policies, standards, processes, and best practices.

We are seeking a dedicated and proactive individual who is passionate about digital transformation and security. You should be someone who thrives in a dynamic environment and is eager to contribute to the Army’s mission. If you are excited about leveraging data and technology to drive change and ensure compliance with policies and regulations, this role is for you.

This position is advertised at 37 hours per week.

Job Description

Join the Army Digital Services’ Security and Compliance Team as a Security Compliance Auditor and play a pivotal role in the British Army’s digital transformation.

In this critical role, you will provide first-line assurance and audit capabilities for the Army Digital Services (ADS) IT infrastructure, applications, and hardware. Your primary responsibility will be to ensure that all applications and hosting infrastructures comply with the HMG Security Policy Framework, including JSP 440, the Data Protection Act (DPA), General Data Protection Regulation (GDPR), and JSP 453. Your expertise will be essential in managing risks and securing our applications and infrastructures from potential threats, achieving security assurance from Cyber Defence and Risk (CyDR).

Key Responsibilities Include:

• Security Assurance: Validate applications & services, Undertake Supplier Security Audits, Security Training Audits, SyOps Checks and lead on the Information Security Management System (ISMS)
• Asset Management: Undertake Asset management Audits, Hardware and software checks and ensure destruction procedures of assets are in place. Assist with 102 audits
• Technical: Ensuring Vulnerability assessments are undertaken, assist work on ADS BCDR to ensure it is continually tested. Assist Security Operations Centre (SOC) audits
• Data: Undertake Data Obfuscation, Data Destruction, Data Transfers audits
• Access: Undertake Server Room Access, System Administrator Access, User Access audits
• CICD pipeline security: Assure Separation of duties, Regression testing
• Support the delivery of the Security Assurance Contract and the Security Test as a Service Contract
• Line Management Responsibilities.

Person Specification

We are looking for enthusiastic individuals who can handle the pressure of coordinating a wide range of activities and should be comfortable working within the service management profession, willing to challenge established norms and process and be prepared to adapt to changing priorities.

Essential Criteria:

• Understanding of security processes for handling data
• Experience of conducting assurance and audit activities
• Applicants should also have effective written and verbal communication skills and display a positive and professional attitude
• Stakeholder management and communication skills
• Experience in using and exploiting MS Office 365 tools.

Desirable Criteria:

• Experience in using and exploiting MS Office 365 tools especially SharePoint and Teams
• ITIL v4.0
• Foundation Certificate in Information Security Management Principles

Behaviours

We'll assess you against these behaviours during the selection process:

• Leadership
• Working Together
• Communicating and Influencing
• Making Effective Decisions
• Managing a Quality Service

Selection Process Details

This vacancy is using Success Profiles, and will assess your Behaviours and Experience.

At Application You Will Be Assessed Against:

• Personal Statement of 750 words describing how you meet the essential criteria outlined in the advert
• 2 behaviours: Leadership and Working Together

Applications will be sifted using the Behaviours that have been chosen for this campaign, but in the event of 10 or more applications, an initial sift will be conducted on the lead behaviour: Leadership.

At interview you will be assessed against the following behaviours:

• Communicating and Influencing
• Making Effective Decisions
• Managing a Quality Service

The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, Smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment however some exemptions are in place, please refer to local guidance. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments.

The Civil Service embraces diversity and promotes equality of opportunity. There is a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. If you need to advise us that you need additional help or reasonable adjustments for the recruitment process, please contact: DBSCivPers-Resourcingteam3@mod.gov.uk

Contact point for applicants
Job Contact :

• Name : Michael Pearson
• Email : michael.pearson220@mod.gov.uk

Recruitment team

• Email : DBSCivPers-Resourcingteam3@mod.gov.uk