Head of Proactive Protection in London

Job description

The Fraud Prevention Centre (FPC) is a strategic capability within HMRC Security, designed to safeguard customers and the organisation against identity-related fraud and emerging threats. Its mission is built on three interconnected pillars: Protection, Detection, and Response, all underpinned by advanced threat intelligence and customer support. The Centre operates across multiple functional areas, including Proactive Protection, Customer Support & Response, and Strategy & Advisory, to deliver a holistic approach to fraud prevention.

The Proactive Protection function is central to this mission. It focuses on anticipating and mitigating fraud risks before they materialise, through anomaly detection, threat intelligence, and the design of preventive technical controls. This team will lead efforts to identify vulnerabilities, develop and manage innovative countermeasures, and collaborate with internal and external partners to strengthen HMRC\’s fraud resilience. By leveraging intelligence-led insights and advanced technology, Proactive Protection ensures that HMRC stays ahead of evolving fraud tactics and maintains trust in its services.

Person specification

Responsibilities:

• Strategic Leadership:
• Set the vision and direction for the Proactive Protection function, ensuring alignment with HMRC\’s purpose, organisational objectives and security strategy, protecting services critical to the UK and millions of global user accounts.
• Threat Intelligence integration:
• Develop relationships across HMRC and externally for the collection, analysis, and application of threat intelligence to dynamically adapt proactive fraud prevention measures, technical controls, and ensure senior risk owners are informed.
• Preventive Control Operation:
• Lead and manage the operation of technical security controls and detection capabilities, leveraging intelligence to prevent identity-related fraud before it occurs across all customer communications channels.
• Collaboration and Stakeholder Engagement:
• Build strong partnerships across FPC and HMRC (including our Customer Compliance teams, tax and customs service leads) and with external bodies to ensure a coordinated approach to fraud prevention and victim support.
• Innovation and Continuous Improvement:
• Drive innovation in fraud prevention techniques, leveraging automation, anomaly detection, and advanced analytics to stay ahead of evolving threats, and ensure a prompt and effective response.
• Team Development and Capability Building:
• Recruit, lead, and develop a multidisciplinary team of analysts, investigators, and technical specialists to operate proactive protection services in close collaboration with the FPC Engineering lead.
• Governance and Assurance:
• Establish robust governance frameworks, ensuring compliance with legal, regulatory, and organisational standards for fraud prevention.
• Performance Monitoring:
• Define and track key performance indicators for proactive protection activities, reporting progress to senior leadership and adapting strategies as needed.
• Customer-Centric Approach:
• Ensure that fraud prevention measures protect customers effectively while maintaining trust and minimising friction in HMRC services.

Essential Criteria

• Proven Leadership in Fraud Prevention or Cybersecurity
• Demonstrated experience in leading strategic online fraud prevention and/or security functions within a large, complex organisation, able to take a hands-on approach to develop and grow a rapidly growing capability. Track record of working across industry and government sectors to build resilience collaboratively against mutual threats.
• Expertise in Identity-based Fraud and Threat Management
• Deep understanding of risks to financial organisations, threat intelligence, and proactive protection techniques, including anomaly detection and adaptive controls. Knowledge of cyber security fields and methodologies, including MITRE ATT&CK, threat modelling.
• Strategic Planning and Delivery
• Ability to define and execute a vision for proactive fraud prevention, aligning with organisational objectives, international standards and good practice, and regulatory requirements.
• Technical Acumen
• Current knowledge of threats to internet services including authentication and identity proofing, cybercrime tools, techniques and procedures, familiarity with fraud prevention technologies such as dynamic risk scoring, behavioural analytics, zero-trust security models and relevant industry and government standards. Technical skills should be evidenced by relevant academic qualifications, industry certifications and professional membership.
• Stakeholder Engagement and Collaboration
• Strong track record of building partnerships across internal teams in a large organisation and external bodies, including internationally, to deliver integrated fraud prevention solutions.
• Governance, Legislative and Compliance Knowledge
• Understanding of governance frameworks, assurance processes, and legislative requirements relevant to intelligence collection, fraud prevention and data protection to ensue activity is lawful and outputs are actionable by law enforcement teams.
• Change and Transformation Leadership
• Experience in driving organisational change, embedding new capabilities, and managing cultural shifts towards proactive fraud prevention.
• Analytical and Decision-Making Skills
• Ability to interpret complex data, assess risk, and make informed decisions under pressure.

Desirable Criteria

• Experience of law enforcement and intelligence
• Familiar with applying relevant legislation to activity, management of information and criminal justice processes (e.g. IPA, RIPA, CPIA, PACE, CMA, Fraud Act and law enforcement directives of the Data Protection Act).
• Knowledge of tax, customs and benefits services and investigation of fraud
• Familiarity with HMRC services, criminal methods and investigative techniques would be helpful, but can also be quickly learned.

Additional Security Information

Candidates should hold DV clearance, or be willing and able to achieve that level of clearance. This is considered a \’Reserved Post\’ under the Civil Service Nationality Rules and is open to UK nationals only.