Job description
About us:
Do you have knowledge, skills or experience from which to learn network monitoring, incident management and the use of Security Incident and Event Management software?
Do you want to join an organisation that will support your continuous development, leading to industry recognised qualifications?
Defence Digital provide digital and technology services to our Armed Forces, ensuring they can operate securely via radio, satellite, and the internet. Operating at scale, with an annual budget in excess of £2Bn and a diverse team of 2,500 colleagues, we're aiming to make our Armed Forces some of the most technologically advanced in the world. To do that we're growing our capabilities in disciplines like data science, automation and cyber security.
If you can see yourself contributing to the world of Defence Digital, the next chapter of your career may be with us!
This role attracts the regular Shift Allowance and weekend premiums. A Market Skills Allowance (MSA) of up to £9k per annum may be payable with this post, paid in increments upon reaching the required level of competence.
The role:
Within the Global Operations and Security Control Centre (GOSSC), the Security Operations Centres (SOCs) provide a coherent, holistic and coordinated approach to Cyber Defence, under execution of the MOD's Defensive Cyber Operation.
The role of Monitoring is to collect and analyse security event data arising from activity across the enterprise, recommend tuning to improve rules generating security alerts, and follow up by investigating indicators of potentially malicious activity, escalating incidents, or initiating responses.
Within this specific SOC, the Defensive Monitoring and Incident Response element are responsible for the 24/7/365 detection and response of Cyber incidents impacting the MOD.
As an analyst, you will use defensive processes and information, from a multitude of sources, to identify, analyse, triage and report events that occur or might occur within the network. This will enable you to support protecting the information, systems and networks from threats.
In return, you’ll benefit from excellent learning and development opportunities tailored to your role and beyond. Whilst in post, you’ll be able to gain industry recognised qualifications and more, and we’ll support you throughout the process. You’ll also be able to take advantage of our excellent benefits package, including discount services, a generous leave allowance and a market-leading Civil Service pension.
What you'll be doing:
The successful candidates will be required to:
- Support implementation of the monitoring road-map to enhance monitoring in line with requirements, policies, and standards to govern all activities and outputs.
- Monitor, triage and investigate security alerts on protective monitoring platforms to identify security incidents and perform analysis of security event data to support the response, reporting or escalating where appropriate.
- Deliver operationally focused direction, guidance and SME (subject matter expert) advice to junior personnel and less experienced staff, following current training guidelines, providing coaching and mentoring as required.
- Support the design and development of automated monitoring processes, using a variety of the latest SIEM (Security Information and Event Management) and network analysis tools, techniques, and procedures to:
  - Detect malicious activity.
  - Ensure continuous improvement of detection and processes.
- Accurately follow Standard Operating Procedures in the execution of incident response and defensive monitoring duties within the Security Operations Centre.
- Ensure that work carried out complies with all extant policy and orders, to maintain accurate records of activities across the business.
- Perform event correlation using information gathered from a variety of sources within the scope of the SOC's enterprise, using specified Security Information and Event Management tooling.
- Provide timely detection, identification and alerting of possible attacks/intrusions, anomalous activities and misuse activities and distinguish these incidents and events from benign activities, using cyber defence tools.
- Conduct research, analysis and correlation across a wide variety of all source data sets (indications and warnings) and validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools.
- Temporarily operate out of alternative places of work, as part of the Business Continuity Plan, when operational output is placed at risk or affected.
About you:
If you have previous knowledge, skills and experience or a strong relevant background in information technology from which to learn network monitoring, incident management and utilising Security Incident and Event Management software, we would love to hear from you!
If you have knowledge, experience and the desire to continue to learn and develop, we will provide opportunities to gain these in post. We can help you achieve the following industry qualifications, certifications or similar, where required:
- Membership of a relevant institution or body e.g., Institute of Information Security Professionals, Council for Registered Ethical Security Testers, British Computer Society (BCS)
- Relevant industry qualifications and accreditations e.g., Certified Security Operations Centre Analyst
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Continuous Monitoring Certification (GMON)
Beneficial qualifications or experience:
- Apprenticeship in cyber/computer related subject
- BSc in cyber/computer related subject
Additional details:
This role is part of a four-way shift-based system (each shift currently working 2 Days, 2 Nights & 4 Off); as a result, this role attracts the Regular Shift Allowance and Weekend Premiums.
The successful applicant will be part of a 4/5-person team, which operates a 1 in 4 shift roster: 4 on, 4 off, pattern. Please note that there may be a requirement to change shifts (with notice) to fulfil operational requirements.
Working hours: 24/7 shift work - 2 x 11-hour days, 2 x 13-hour nights, followed by 4 days off.
All shifts will have mandatory start and finish times; details will be provided at the interview stage.
This job role may be suitable for hybrid working, which is an informal, non-contractual and voluntary arrangement, blending a balance of attendance in the workplace (your permanent duty station which is based on business assessment of where the work is best done) and working from home as a personal choice (if the role is suitable for this). If you are successful, any opportunities for hybrid working will be discussed with you prior to you taking up your post.
Dependent on the business need, there may be a requirement to travel within the UK (or potentially occasional overseas visits) for meetings, training or operational reasons.
Why we're great:
- Learning and development tailored to your role
- A culture encouraging inclusion and diversity
- A Civil Service pension with an average employer contribution of 27%
- Family Friendly – Maternity, Paternity and Adoption Leave.
- A wide range of discounts – Defence Discount Service, Civil Service societies for Sports and Leisure, Healthcare, Insurance, Motoring, company discounts with Virgin, Vodafone, and Microsoft Office.
- 5 days per year Learning & Development
- In year rewards and ‘thank you’ schemes.
- Generous leave allocations.
- Please see Benefits Leaflet for more detail
Equality and Diversity
Our people are at the heart of everything we do at Defence Digital. It’s vital that our workforce reflects the diversity of both our audience and the wider society in the UK, so we’re proud to be an equal opportunities employer and we actively seek candidates from diverse backgrounds and communities. We also recognise the importance of a good work life balance, so we do everything we can to accommodate flexible working, including part-time and job shares for all our roles. Please let us know in your application or at any stage throughout the process if this is something you want to explore.
Job Types: Full-time, Permanent
Salary: £27,080.00 per year
Benefits:
- Company pension
- Employee discount
- On-site parking
- Sick pay
Schedule:
- 12 hour shift
Work Location: In person
Reference ID: 269814