Cyber security risk manager

Nottingham (Nottinghamshire)
Government Property Agency
Security risk manager
£65,000 a year
Posted: 21 September
Offer description

Birmingham, Bristol, Cardiff, Leeds, Manchester, Nottingham, Swindon

Job Summary
The Government Property Agency is the largest property holder in government, with more than £2.1 billion in property assets and over 55% of the government's office estate.

We are transforming the way the Civil Service works by creating great places to work, leading the largest commercial office programme in the UK, working towards halving carbon emissions from government offices, and achieving greater value for taxpayers. And we are looking for innovative, solutions-focused people to join our team.

Representing the best covenant in the UK – His Majesty's Government – we are leading significant transformational programmes such as the Government Hubs Programme, Whitehall Campus Programme and Net Zero Programme. We are also delivering cost-effective property services such as asset management, lifecycle replacement and workplace services.

Innovation and progress underpin our behaviours. We foster a culture of lifelong learning, where curiosity and self-improvement are encouraged. Our four core values are at the heart of everything we do. They shape our culture and guide how we work, lead and grow together:

* Striving for excellence - We always aim to deliver great results
* Empowering through respect - We insist on fair treatment for all, always
* Acting with integrity - We consistently do the right thing
* Succeeding together - We rely on each other to achieve success

Join our dynamic and diverse team that leads with purpose, improving sustainability, nurturing social value, driving inclusivity and flexibility, and kickstarting economic growth. We are driven by purpose, and you can be part of it too: where you make a meaningful impact; where you influence; where your voice really matters; where you help to shape our future direction.

The GPA is committed to representing the communities we serve by making Diversity, Equality and Inclusion part of everything we do.

To ensure that we are always recruiting and retaining a diverse mix of talent, we are particularly inviting applications from candidates who are disabled, ethnically or gender diverse, and people who identify as being part of the LGBTQ+ community.

Job Description
You will support the Chief Security Officer and Security Advisor in the delivery of the security strategy by being a Subject Matter Expert, applying your expertise to identify, analyse, evaluate, and mitigate risks for a variety of systems and services.

Working closely with the business and key stakeholders to provide trusted advice and support across all aspects of Security – data, information, assurance, cyber, and 3rd party suppliers, safeguarding the Department's assets and managing security risks.

This is a varied and complex role that directly focuses on the delivery of Personnel, Cyber, Information and Supply Chain security, whilst working with other teams on the delivery of Physical, Technical and Operational security.

Lead and work collaboratively with stakeholders to provide subject matter expertise on a range of security and risk requirements and oversee the identification, delivery and escalation of security risks for the business, influencing appropriate decisions in keeping within the GPA risk appetite.

You will deliver and implement a wide range of security risk and assurance activities, aligning our delivery to Government Standards, Frameworks and Industry best practice, continuously adapting our approach to improve our security maturity.

You will be responsible for communicating security standards, articulating threats, negotiating security enhancements, and conducting assurance activities across various environments, including on-premise and cloud solutions.

Conduct regular security assessments to identify vulnerabilities and recommend appropriate controls aligning to both government and industry best practice, identifying opportunities for continuous improvement in our delivery.

Delivering holistic security across the whole lifecycle of systems and services, embedding security into our supply chain and reviewing compliance to standards by advising on appropriate mitigations and controls.

You will lead on creating a positive, engaging and inclusive security culture through security education and awareness programmes, building a network of security partners across Government, and the broader security industry to share best practice, adopt common approaches and foster joint working on areas of mutual interest.

*Key Responsibilities:*

* Incident Management: Being the initial escalation point for managing incidents, advising on remediation actions, and developing security plans for future improvements via lessons learnt exercises.
* Security Policies: Implementing comprehensive security policies and procedures in alignment with UK government standards and best practices.
* Security Awareness and Training: Support the delivery of security awareness programs to educate staff on security best practices and promote a security-first culture throughout the organisation.
* Compliance and Assurance: Ensure compliance with relevant security regulations and standards, conducting regular security audits, supporting Secure by Design and completing DSHC, CAF etc.
* Supply Chain Security: Working with others across the business to carry out security assurance activities, providing expert security advice for tenders or contracts, and working collaboratively to mitigate risks throughout the lifecycle of the service.
* Reporting: Supporting the Security Advisor in preparing regular reports on security metrics, incidents, and our compliance status for key governance forums and government authorities.
* Risk Management: Maintaining the security risk register by continually assessing security risks and vulnerabilities of projects and services, regularly communicating with service/asset owners to mitigate risks.
* Security Operations: Overseeing day-to-day security operations, including incident response, threat detection, and security monitoring, to promptly identify and address security incidents.


Person specification

*Experience & Technical Skills*

* Excellent communication skills, both verbal and written, to effectively convey security risks and strategies to stakeholders at all levels.
* Ability to build collaborative relationships with internal and external partners.
* Flexible approach to work in a dynamic and fast-paced environment with ability to prioritise workloads.
* Proven experience in conducting risk assessments and managing cyber security risks, including identifying potential threats, evaluating their impact, and implementing mitigation strategies.
* Ability to demonstrate strong knowledge of cybersecurity frameworks, including NCSC CAF, NIST CSF, ISO 27001, OWASP and GDPR.
* Experience working with cloud-based solutions e.g. Software as a Service (SaaS) or platforms such as Platform as a Service (PaaS).
* Strong analytical and problem-solving skills, with the ability to analyse complex security issues, identify root causes, and develop effective solutions.

*Qualifications and Accreditations*

*Essential criteria:*

* This role has been mapped to 'Cyber Security Risk Manager Principal' in the UK Government Security Profession Career framework and will require the skills attributed for a Cyber Security Risk Manager at Principal level.

Behaviours

We'll assess you against these behaviours during the selection process:

* Changing and Improving
* Making Effective Decisions
* Communicating and Influencing

Technical skills

We'll assess you against these technical skills during the selection process:

* Customer Perspective
* Commercial Acumen
* Property Market Knowledge
* Innovation

Alongside your salary of £56,500, Government Property Agency contributes £16,368 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

* Learning and development tailored to your role
* An environment with flexible working options
* A culture encouraging inclusion and diversity
* A Civil Service pension with an employer contribution of 28.97%
* Generous annual leave

Selection process details

This vacancy is using Success Profiles, and will assess your Behaviours, Experience and Technical skills.

We encourage applications from people from all backgrounds and aim to have a workforce that represents the communities and wider society that we serve. We pride ourselves on being an employer of choice. We champion diversity, inclusion and well-being and aim to create a sense of belonging in a workplace where everyone feels valued. The Civil Service is committed to attracting, retaining and investing in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service also offers a Redeployment Interview Scheme (RIS) to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

This vacancy is part of the Great Place to Work for Veterans initiative.

The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment.

Sift
The sift is due to take place week commencing 14th September 2025.

As part of the application process, you will be asked to include a CV and a 500 word personal statement. The personal statement should then align with the person specification.

Interview
GPA policy is for interviews to be held face to face, with virtual interviews only by absolute exception. The date and location will be confirmed if you are invited to interview. If you feel this will be a problem for you, please contact to discuss prior to submitting your application.

At interview, applicants will be scored against 3 behaviours - Making Effective Decisions, Communicating and Influencing, and Changing and Improving.

Interview questions will be a blend of Behaviour, Experience, and Technical (core skill) questions.

Further Information
A reserve list may be held for a period of 12 months from which further appointments can be made.

Any move to GPA from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare; for further information visit the Childcare Choices website.

Reasonable Adjustment
If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes.

If you need a change to be made so that you can make your application, you should:

Contact Government Recruitment Service via as soon as possible before the closing date to discuss your needs.

Complete the 'Assistance required' section in the 'Additional requirements' page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you're deaf, a Language Service Professional.

If successful and transferring from another Government Department a criminal record check may be carried out.

In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service on your behalf.

However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. If you will be doing this, please advise Government Recruitment Service of your intention by emailing Pre- stating the job reference number in the subject heading.

Please note: in addition to the standard pre-employment checks for appointment into the Civil Service, all candidates must also obtain National Security Vetting at Security Check (SC) clearance level for this vacancy. You will normally need to meet the minimum UK residency period as determined by the level of vetting being undertaken, which for SC is 5 years UK residency prior to your vetting application. If you have any questions about this residency requirement, please speak to the vacancy holder for this post.

For further information on National Security Vetting please visit the Demystifying Vetting website.

New entrants are expected to join on the minimum of the pay band.

Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave but who would have been dismissed for fraud or dishonesty had their employment continued. Any applicant whose details are held on the IFD will be refused employment.

A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.

If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

This role is full time only. Applicants who wish to work an alternative pattern are welcome to apply; however, your preferred working pattern may not be available and you should discuss this with the vacancy holder before applying.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check. See our vetting charter.

People working with government assets must complete baseline personnel security standard checks.

Nationality requirements

This job is broadly open to the following groups:

* UK nationals
* nationals of the Republic of Ireland
* nationals of Commonwealth countries who have the right to work in the UK
* nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
* nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
* individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
* Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attracting, retaining and investing in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy.

This vacancy is part of the Great Place to Work for Veterans initiative.

The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment.

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job Contact :

* Name : Roma McLoughlin
* Email :

Recruitment team

* Email :

Further information

If you feel your application has not been treated in accordance with the Recruitment Principles and you wish to make a complaint, in the first instance, you should contact

If you are not satisfied with the response you receive from the Department, you can contact the Civil Service Commission:

Click here to visit Civil Service Commission
