
Cyber Security Analyst London, England
Type of role
Security
About the job
Job summary
The role is central to how the DMO delivers its cyber security strategy, which is aligned with the UK Government’s National Cyber Security Strategy, and the Cyber Assessment Framework. It is focused on cyber-attack monitoring, incident response, cyber defence, threat intelligence, and the support of cyber security assurance programmes (e.g. GovAssure).
Strong technical skills in cyber security operations, incident response, and threat intelligence are essential. There is particular emphasis on the use of Security Information and Event Management (SIEM), Network/Endpoint Detection and Response (NDR/EDR), and threat hunting (e.g. MITRE, TTPs).
In addition to strong technical skills, the candidate will need to be self-directed and motivated, an effective communicator, and enjoy working across teams for delivery. A focus on collaboration and consensus building is essential.
Job description
- Conduct cyber security operations, comprising Security Information and Event Management (SIEM), Network/Endpoint Detection and Response, threat intelligence, and threat hunting (e.g. MITRE, TTPs)
- Conduct cyber security incident investigation, analysis, containment, and recovery, including continuous improvement of SOPs and development of metrics
- Provide a threat intelligence capability for current and emerging threats, risks, vulnerabilities, and technology developments, for continuous improvement of detection, response, and threat hunting capabilities (e.g. Indicators of Compromise, TTPs)
- Conduct vulnerability assessments and cyber-attack simulations, and develop hardened device configuration standards, working with stakeholders for implementation
- Support cyber assurance programmes (e.g. GovAssure)
Person specification
- Demonstrable experience with Intrusion Detection (IDS) and Network and Endpoint Detection/Response (NDR/EDR), Security Information and Event Management (SIEM), and other common cyber-security technologies
- Demonstrable knowledge of cyber-attack analysis, able to correlate multiple event sources to provide a complete analysis of an intrusion, and to threat hunt effectively (e.g. MITRE, kill chain)
- Demonstrable experience with best practice Incident Response principles (e.g. NCSC/NIST)
- Demonstrable knowledge of Threat Intelligence reporting and modelling
- Desirable: familiarity with NCSC Cyber Assessment Framework (CAF)
Behaviours
We'll assess you against these behaviours during the selection process:
- Seeing the Big Picture
- Changing and Improving
- Communicating and Influencing
- Working Together
- Delivering at Pace
Technical skills
We'll assess you against these technical skills during the selection process:
- Threat intelligence and threat assessment (Working)
- Intrusion Detection and Analysis (Working)
- Incident management, incident investigation and response (Practitioner)
- Cyber Security Operations (Practitioner)
Benefits
- Learning and development tailored to your role
- An environment with flexible working options
- A culture encouraging inclusion and diversity
- A Civil Service pension with an average employer contribution of 27%
Things you need to know
Selection process details
There will be a one-stage interview process for this vacancy.
Applicants for this post will be assessed against the elements of Success Profiles and the Government Security Profession career framework listed above. Candidate guidance on Success Profiles, and how you will be assessed, is available here. Candidate guidance on the Government Security Profession career framework is available here.
- Technical Test: Shortlisted Candidates will be asked to undertake an open book technical test and will be assessed against the elements of the Government Security Profession career framework and Success Profiles listed above.
- All Applicants who were shortlisted for Stage 1 Technical Test will undertake an Interview. This interview will be in person and will be assessed against the elements of the Success Profiles recruitment framework listed above.
Application deadline: 23:55 on 27/09/2023
Shortlisting: Week commencing 02/10/2023
Technical Test: commencing 02/10/2023
Interview: Week commencing 09/10/2023
These dates are indicative and may change
Feedback will only be provided if you attend an interview or assessment.
Security
See our vetting charter.
Nationality requirements
This job is broadly open to the following groups:
- UK nationals
- nationals of the Republic of Ireland
- nationals of Commonwealth countries who have the right to work in the UK
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
- Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Working for the Civil Service
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.
