Head of Security Strategy and Performance

To apply direct for this role please visit Civil Service Jobs and quote ref no. HMRC Security helps protect HMRC by demonstrating statutory compliance, responding to complex threats and ensure we maintain revenue to the state. In particular, inspiring public trust by protecting citizens' data and assets from harm. Our aims are: Protect HMRC from security risk. Defend against security incidents. Improve customer service. Enhance HMRC security culture. HMRC Securitys vision is: 'Our vision is to equip HMRC with the tools, skills, capability, and experience to understand business risk, protect assets and deliver critical services to the UK." Key to delivering this vision is an Enterprise-wide Security Strategy that; Provides a stable base for good security decision making in HMRC. Communicates the common frame of reference that enables HMRC to align its internal security operating model with the cross-government security ambition and its operational delivery aims. Because the business & security landscape is rapidly evolving, the Strategy will need constant maintenance to ensure it can encompass and rapidly respond to new threats that face HMRC in protecting public data, finances and our reputation as a respected government organisation. HMRC Security is currently implementing a new security operating model and therefore this in an evolving role and will have additional accountabilities as the model is implemented. By joining HMRC Security, you will be a vital part of the UK Governments vision for creating a world class security service provided by expert security professionals. Job description HMRC recognise that the strategic security threat landscape is dynamic and the team responsibilities are growing in response. As Head of Security Strategy & Performance team within HMRC Security, you will lead a team who have responsibility to develop, deliver and maintain the HMRC security strategy plus lead investment planning, governance and the Directorates front door, including but not limited to: Leading the development and implementation of HMRC Security Strategy. Leading engagement and approvals with the senior stakeholder network across HMRC and wider Government. Leading the team that will establish and embed new governance processes, evolve maturity statements, create and manage new Key Performance Indicators. Oversee all Governance structures and responsibilities for HMRC Security liaising with internal and external stakeholders such as Internal Audit and wider CDIO to inform business planning and oversight of Risk. Partner with other business areas to ensure the correct reflection of HMRC Security Strategy is embedded into the forward plans and policies of teams responsible for business strategy delivery. Lead and direct HMRC Security Front Door team balancing the running or the service with improving the service. Champion operational risk analysis, using this information to embed security by design into transformation at the pre-Business Case stage. Ensuring HMRC Security influences/informs strategic business thinking decisions by having representation at appropriate governance forums; embedding security by design. Leading the HMRC contribution to cross-government security strategy working groups. Briefing and presenting to the Chief Security Officer and senior stakeholders on HMRC Security Strategy and Performance matters. Horizon scanning, pre-Discovery and impact assessment to inform the HMRC response to emerging Enterprise level security threat and strategies. Building investment cases, including financial cases and impact assessments, and submission through governance of Enterprise Level security change projects, with input from specialists as necessary. Support new initiatives and projects as required, undertaking pre-Discovery and facilitating risk assessment. Person specification Essential Criteria: Recent experience of developing an Enterprise Level Strategy or strategic initiative for Government or large Private Sector Organisation. Well-rounded leadership providing compelling vision, prioritisation, team motivation and management. An ability to manage multiple priorities concurrently, drive forward work independently, and hold a proactive and inquisitive mindset. Excellent relationship building skills and strong evidence of demonstrating credibility with senior stakeholders. A strong communicator with excellent briefing and drafting skills including the ability to communicate complex messages succinctly and clearly to senior audiences. Desirable Criteria: Recent experience of building successful Business or investment case. A good working understanding of Cross Government Functional Security Strategy and National Cyber Strategy. Ability to understand policy and align change delivery, cascading vision and driving delivery objectives through your team. Experience of monitoring longer term delivery of benefits against business case and ensuring appropriate benefits realisation strategy is in place. Awareness of Green and Orange books and application of the principles. TPBN1_UKTJ

Created: 2025-08-15