Ofwat (Water Services Regulation Authority)

Contents

• Location
• About the job
• Benefits
• Things you need to know
• Apply and further information

Birmingham based with hybrid working

About the job

Job summary

We are Ofwat, the Water Services Regulation Authority, a non-ministerial government department responsible for regulating the water sector in England and Wales.

We are at the source of everyday life. We help the sector build trust and confidence with customers, the environment and wider society: keeping water flowing, ensuring water bills don’t cost a penny more than needed, holding water companies to account. We push hard to improve day-to-day water company performance for customers, including on leakage, sewer flooding and customer service. We drive the sector to take a longer-term view and to take steps now to protect and enhance the environment, using digital and data innovations and making sure our water supplies are secure for future generations. Through our five-yearly price reviews, we oversee billions of pounds of investment into the water sector across England and Wales. 

Our work is high-profile and fast-moving, within a dynamic and agile environment. The work that you’ll be involved in every day will help us to deliver our strategy, to make us the regulator we want to be and help the sector to deliver for customers and society. 

You can find out more about why you should join Ofwat, our strategy, values and our framework for success in the attached Information for Candidates Pack.

Job description

The Role

As the Head of Security Operations and Incident Response, you will be responsible for the Security Strategy in Ofwat, our security operations, and overseeing the monitoring and response to security threats and incidents. You will lead a high-performing team and be the primary point of contact for the leadership team and business stakeholders for any security event, ensuring comprehensive monitoring and effective response to cyber security threats across all networks, assets, and users. You will also be responsible for managing incidents related to personnel, technical, and physical security breaches, working with the appropriate stakeholders.

As Head of Security Operations, you will shape response policies and processes to ensure they meet evolving needs, in line with appropriate government and other standards; including the UK Government Security Group and GovS007 security standard. You will provide reporting and insights to key stakeholders. 

Key Deliverables

In this role you will be expected to: 

• Security Operations Centre Management -Oversee the Ofwat security operations covering incident and event management, vulnerability management, threat intelligence both managing the internal team and working with suppliers in the delivery of quality services ensuring effective incident response and reporting. 
• Incident Management - Manage the response procedures and investigations of security events. Work with delivery teams to contain and remediate incidents, identify potential process improvements, and maintain organisational readiness. 
• Stakeholder Communication - Serve as the go-to person for any cyber security event. Provide reporting and insights to key stakeholders, Security Strategy, Policy and Process Development - Shape Ofwat's Security Strategy and response policies and processes to ensure they meet evolving needs, in line with appropriate government and other standards, including the UK Government Security Strategy and GovS007 security standard. 
• Security audits – Responsible for ensuring audits are completed in accordance with our obligations with Government Security Group.
• Security Culture – Lead on improving the security culture in Ofwat through effective Security education and awareness, embedding policy and process to protect Ofwat’s people, data and their assets.
• Cross-functional Collaboration - Work closely with various teams and suppliers, to ensure effective monitoring and response to cyber security threats. 
• Team Development -Contribute to and support the team's professional development 
• Supplier Management - Manage service providers required to run security operations. 
• Reporting Responsible for reporting on Security activity to Board level including service, incident and audit updates.
• Expert Advisory- Become a recognised expert and adviser to Ofwat and stakeholders in other Government Departments.

Person specification

To be successful in this role you will need the below essential experience, skills, knowledge and attributes:

Experience, skills and knowledge 

1. Lead Criterion: Strong understanding of cyber security operations, monitoring, response, and incident management processes. 
2. Proven experience in incident management, incident investigation, and response. 
3. Experience in leading and coordinating a high-performing operational security team across multiple locations. 
4. Experience of creating security strategies to improve the security maturity of an organisation
5. Proven experience and expertise in one or more of the following: SIEM systems preferably Microsoft Sentinel, network and systems security, intrusion detection/prevention, and malware analysis. 
6. Strong analytical skills, with the ability to correlate and identify trends, patterns, and outliers within large security datasets and telemetry.
7. Professional Qualifications: At least one professional qualification such as CISSP, CISM, SANS, or equivalent.
8. Understanding of legislation relevant to incident response, network monitoring, and investigations
9. Knowledge and awareness of information risk assessment and risk management. 
10. Professional Memberships: Membership of a relevant institution or body, e.g., Institute of Information Security Professionals, Council for Registered Ethical Security Testers

Attributes

• Creates Clarity
• Promotes Collaboration

Attributes as per Ofwat's Framework for Success for Principal Band. You can read more about Attributes here.

Benefits

Why You Should Join Us: 

We’re forward-thinking, creative, innovative, and ambitious. We constantly push the boundaries and embrace new ways of working. 

With us, your work matters, your voice is heard, and your impact is felt. Ours is a culture of trust, flexibility, autonomy, collaboration, and innovation. We all want positive change for water customers, the environment, and the future of water. 

But for us, change is more than what happens on the outside – we’ve always pushed boundaries internally, too. From becoming the first Civil Service organisation to achieve ‘Smarter Working’ status, to gaining our prestigious ‘Smarter Working Maturity’ award, we’ve consistently demonstrated our commitment to embracing innovative ways of working. Our people do their best work when given freedom over where, when, and how they work. Which is why we trust our teams to balance meaningful collaboration in the office with the flexibility of working from home. 

You will also benefit from:

• Excellent employer pension contributions of 28.97% (around £16,740 to £19,700 per annum for this role). You can find further details about pension schemes under Terms and Conditions in the Candidate Pack.
• 27.5 days leave (25 days annual leave + 2.5 days privilege leave) increasing to max 32.5 days with each year of service, plus bank holidays
• Access to exclusive discounts on a variety of goods and services, including retail outlets, 
• theatre tickets, holidays, insurance, and a gym membership
• Flexible working arrangements that suit your lifestyle
• Fees paid for membership of relevant professional bodies
• Up to 3 volunteering days per year
• Recognition vouchers scheme
• Generous shared parental leave and pay
• Enhanced sick pay
• Regular development opportunities
• Health and wellbeing initiatives
• Cycle-to-work scheme
• Season ticket loan for home-to-office travel
• Free eye tests and contribution to lenses/spectacles for VDU users

The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :

• Name : recruitment@ofwat.gov.uk
• Email : recruitment@ofwat.gov.uk

Recruitment team

• Email : recruitment@ofwat.gov.uk

Further information

Complaints procedure - The process of recruitment and assessment embraces the principles of fair and open competition and best practice. The first is to maintain the principle of selection for appointment to the Civil Service on merit on the basis of fair and open competition as outlined in the Civil Service Recruitment Principles. The second is to promote an understanding of the https://www.gov.uk/government/publications/civil-service-code/the-civil-service-code which sets out the constitutional framework in which all civil servants work and the values they are expected to uphold, and to hear and determine appeals made under it. If you feel your application has not been treated in accordance with the recruitment principles and you wish to make a complaint, you should contact recruitment@ofwat.gov.uk in the first instance. If you are not satisfied with the response you receive from us, you can contact the Civil Service Commission at info@csc.gov.uk

Read Full Description