Head of cyber security delivery

Head of Cyber Security Delivery


Vacancy Reference Number

19657

Number of Vacancies

1

(B) OCU

Digital, Data & Technology

Location

Bow, Other

Building

BOW CENTRAL COMMS

Band

Band S

Part/Full Time

Full Time

Hours per Week

36 hours per week

Type of Contract

Permanent

Job Advert

Job Title: Head of Cyber Security Delivery

Salary: The starting salary is £90,336, which includes allowances totalling £2,928.

The salary is broken down as £87,408 basic salary, which will increase annually until you reach the top of the scale £96,341. Plus, a location allowance of £1,928 and a non-pensionable allowance of £1,000.

Location: The primary Met Location for this role is Bow. Travel across the Met Estate, to attend meetings as required by the business, is expected.

"Keep checking Met Careers on a daily basis for new and exciting opportunities being released to join DDaT"

Policing London is a hugely complex challenge that evolves every day. To make sure the Met is up to the task, we need the right IT and systems across our organisation. As a Head of Cyber Security Delivery, you will help to enable us to do our best for the London area. Join us and play your part in making London the safest capital in the world and delivering 'More Trust, Less Crime and High Standards'.

As a member of the Met, you will also enjoy great benefits including annual leave, civil service pension arrangements, maternity/paternity support, as well as being part of a continuous learning culture.

Digital, Data and Technology (DDaT)

The mission of Digital, Data and Technology (DDaT) is to provide the Met with information (and specifically data), communications and technology to help frontline officers and Met staff do their jobs more efficiently, in order to deliver the New Met for London plan. In other words, DDaT is about "passionately delivering trusted technology for precise data driven policing".

As well as keeping up to speed with developments in technology and making recommendations for new equipment and systems that will help modernise policing, DDaT also comprises the Data Office which:

* Owns and drives the data compliance and analytics agenda.
* Brings together the accountabilities that are currently dispersed across the Met business areas.
* Consolidates and further develops existing Met data and insight services.
* Enables data sharing and collaboration to serve the public and external partners.

DDaT is committed to creating an inclusive working environment. We support hybrid working, and the hiring manager will be happy to discuss arrangements for this role.

Job Purpose

* The Head of Cyber Security Delivery oversees the Security functions (Risk & Assurance) within the Cyber Security team on behalf of the Met and covers the entire Met portfolio. The function directly advises the Head of Cyber Security, Director of Technology and on occasions the CDTO and where necessary the SIRO (by exception) around matters pertaining to technological risks for existing and proposed future solutions as well as having several day-to-day responsibilities. The Digital Data and Technology Cyber Security team are responsible for:

Cyber Risk / Threat Analysis

Cyber Security Operations

Cyber Security Architecture

Cyber Security Assurance

Cyber Risk and Compliance

Cyber Security Strategy

Cyber Security Delivery

* Identify if technology and services are Critical National Infrastructure, and risk manage accordingly.
* Ensure that MPS identify risk-informed security controls which:
* Mitigate applicable threats.
* Are kept current and actively managed.
* Protect against, detect and correct malicious behaviour.
* Ensure that critical technology and services are resilient to disruptive challenges such as Cyber-attacks and have the means to recover from these.
* Work to provide a holistic approach to centralised security activities, chorale the MSSP and MPS Security specialists in addressing key risks with appropriate mitigations.
* The role provides security assurance across the DDaT third party supplier chain ensuring compliance in line with contractual obligations, policy and processes. They are a contact point for suppliers and Met staff on security matters.
* Have a proactive responsibility to deliver secure systems and implement proportionate controls to enable business outcomes and transform ways of working, in line with the MPS risk tolerance.

Key Role Responsibilities

* Advising the Head of Cyber Security and/ or Director of Technology on matters of Cyber risk and ongoing management and mitigation of these risks.
* Work with 3rd party suppliers to ensure MPS solutions comply with security principles and standards and deliver best value.
* Ensure Assurance Scheme(s) are in place for 3rd party suppliers and updated accordingly when required.
* Maintain regular cadence with MSSP through Operational Security Meetings with key MSSP stakeholders.
* Produce policy on maintaining an appropriate security position in the live estate (covering patching, security monitoring, reporting etc).
* Maintain and oversee the implementation of the Cyber Security Maturity Improvement Plan.
* Sponsor / commission periodic re-assessments of the maturity level and agree the target for different functions.
* Engage with supplier Security Leads around ongoing monitoring, performance and assurances of activities.

Vetting Clearance

This post requires access to the most sensitive intelligence material on a daily basis. Applicants must hold or be prepared to undergo National Security Vetting (NSV) Developed Vetting (DV) level before taking up the post.

Additionally, this material is of particular sensitivity to the UK and its distribution must be restricted to UK nationals. In approved circumstances dual nationals (of which one element is British) may also be granted access. However, in the event that potential conflicts of interest cannot be managed the post holder will not be able to see the intelligence material and will not be able to perform their duties. For the purpose of safeguarding national security and in line with Cabinet Office Policy, supported by Section 82(2) to (4) of the Police Reform Act (2002), applicants who do not hold or acquire Security Check (enhanced) (SC(e)) OR Developed Vetting (DV) clearance and meet the nationality requirements cannot be offered the post.

Hybrid Working

Hybrid Working available in line with the Metropolitan Police Service hybrid working policy.

How to apply

To begin your career at the Met, please click the "apply now" button below. The application process requires a comprehensive CV, a Personal Statement (1000 words maximum), and an online application form. In your Personal Statement, you should explain your interest in the position and illustrate how your skills and experiences make you a suitable candidate. Please note that you should not submit two copies of your CV, and ensure that your documents are saved in either PDF or Word format, clearly labelled as CV and/or Personal Statement.

Completed applications must be submitted by 23:55 on 25th September 2025.

Once received, your application will be reviewed against eligibility criteria, following this, your application will be reviewed by the hiring manager. The application review for this vacancy will commence mid-August.

Following application review, successful candidates will be invited to interview. Interview dates will commence early September.

Essential For The Role

Essential For The Role, e.g. qualifications, licenses, languages, training

Essential Criteria:

* Understanding of managing multiple suppliers in a live service environment including security, change and incident management.
* ITIL knowledge and experience or working within ITIL aligned structures and processes.
* An understanding of operational policing requirements.
* Understanding of Cyber Security related security standards and models such as ISO27001 and NIST.
* Excellent stakeholder and supplier management.
* Excellent interpersonal skills, including teamwork, collaboration and negotiation.
* Ability to identify, analyse and resolve problems to effective solutions.
* Experienced in the delivery of information assurance processes, audit and risk management.
* Experience of working within a public sector environment that has a Managed Service delivery of services.
* They will need to act as 'intelligent customer' for the MPS to service providers and technology suppliers in the Cyber Security sector.
* The candidate must also have working relationships at the appropriate levels across the security, policing and government sectors.
* Experience of building and applying Assurance Schemes / Frameworks.
* Experience of working with a Managed Security Services Organisation.

Desirable Criteria:

* Knowledge of developing Security Architecture.
* Knowledge of Cyber Security Solutions.

Required Languages

English

Reports To

Band S1 - Head of Cyber Security

Candidate Information Pack

Band-S-BET-Head-of-Cyber-Security-Delivery- – 158KB Opens in a new window

Converted File Band-S-BET-Head-of-Cyber-Security-Delivery- – 194KB Opens in a new window

Additional Information

mps_a-new-met-for-london_external-summary-rgb-accessible_online- – 590KB Opens in a new window

Disability Confident Statement

The Met is committed to being an equitable (fair and impartial) and inclusive employer for disabled people, striving to have a diverse and representative workforce at all levels. We encourage applications from people from the widest possible range of backgrounds, cultures and experiences. We particularly welcome applications from people with disabilities and long-term conditions, ethnic minority groups and women.

As a Disability Confident Leader, the Met has committed to making disability equality part of our everyday practice. We ensure that people with disabilities and those with long term conditions have the opportunities to fulfil their potential and realise their aspirations.

The Met is committed to making reasonable adjustments to the recruitment process to ensure disabled applicants can perform at their best. If you need any reasonable adjustments or changes to the application and recruitment process, we ask that you include this information within your application form. All matters will be treated in strict confidence.

Please note, if you are applying for a police officer role or to become a police community support officer (PCSO) or designated detention officer (DDO), there is a minimum requirement that you must pass a job-related fitness test (JRFT) at point of entry. This does not apply to police staff roles. Find out more about police fitness standards.

Read our full disability confidence statement.