Defensive Cyber Analyst

Ministry of Defence
Full Time Hereford, England 27080 GBP ANNUAL Today
Job description

Details

Reference number

287170

Salary

£27,080

Job grade

Executive Officer

Contract type

Permanent

Business area

MOD - Strategic Command

Type of role

Analytical
Information Technology
Security

Working pattern

Flexible working, Full-time, Job share, Part-time

Number of jobs available

1

Location

Hereford

About the job

Job summary

The Defensive Cyber Analyst will work within a rapidly growing cyber security team who are responsible for designing, delivering and maintaining operational cybersecurity capabilities. You will be conducting proactive, risk-based, defensive monitoring of priority C4IS/networks, identifying potential internal and external cyber threats/attacks.

The position involves a broad range of skills to monitor networks/systems, and the post holder must have the ability to analyse and investigate security events, communicate effectively with other team members and articulate clearly when raising or escalating issues to senior team members and management.

Your main objective will be to proactively monitor and hunt through IT environments to detect and respond to information and cyber security threats utilising a range of technologies and processes to prevent, detect and manage cyber threats.

You will contribute to the effectiveness and maturity of the Security Operations Centre (SOC) by contributing to tooling, updating and creating new play books while remaining current with the trends in the wider security industry.

This position is advertised at 37 hours per week.


Job description

Day to Day Operations:

  • Manage and maintain security of computer networks by monitoring situational awareness feeds to detect Cyber threats to users, and the wider MOD community.
  • Conduct analysis of all alerts to determine the threat to computer networks, triaging by employing a methodical and coherent response and escalating in accordance with (iaw) Standard Operating Procedures (SOPs).
  • Create and maintain accurate case management records of all actions taken while analysing and closing incidents iaw SOPs.
  • Monitor sensor feeds and heuristic detection tools, performing initial analysis to identify process and network events that may indicate a malicious cyber incident.

Incident Response & Management:

  • Brief management regarding ongoing security incidents including status and actions to be taken.
  • Raise and perform response actions of any incidents that arise during your response time, which may include liaison with external agencies or analysis using the tools available.
  • Maintain all incident documentation using the various case management toolsets to maintain the single source of knowledge of the cyber defence task.
  • Deliver briefings where required to support the defensive cyber monitoring task.

SOC Development:

  • Develop new Security Use Cases or improve existing ones, ensuring accurate supporting documentation is maintained and that reports, rules, and alerts for SIEM tools are developed in unison.
  • Deliver operationally focused direction, guidance, and SME (subject matter expert) advice to junior security staff and non-security staff.
  • Engage with various partners, including service providers within industry regarding the defensive monitoring.

Personal & Professional Development:

  • Maintain knowledge of current cyber issues, vulnerabilities and exploits through research, technical reports, and briefs.
  • Undertake continual knowledge development in line with NIST Work Role PR-CDA-001.

Other Duties as directed by SOC TL and SOC manager/director.

Person specification

As a Defensive Cyber Analyst, you will work independently and as part of a team, and you will be responsible for proactive monitoring and detection of security events. You will be responsible for analysing, investigating, and communicating cyber security incidents and risk. You will be an effective team player and bring your good understanding of computer networks (LAN/WAN, network protocols and OSI model) and knowledge of computer-based network attacks (MITRE ATT&CK, NIST CSF) to contribute to successfully defending organisational systems. You will be responsible for seeking opportunities to improve your own knowledge and sharing knowledge with others.

The ideal candidate will have the following traits:

  • A passion for cyber security and a keen interest in IT
  • Adopts a creative, yet methodical mind-set when investigating and responding to cyber threats
  • Perseveres in the face of stressful circumstances, and is able to prioritise and meet deadlines
  • Superb attention to detail, good analytical and problem solving skills to assist in resolving Events of Interest and potential Indicators of Compromise
  • A continuous desire and willingness to learn and develop your current knowledge and skills
  • Good verbal and written communication skills, with particular ability to communicate technical information to non-technical collaborators.

Behaviours

We'll assess you against these behaviours during the selection process:

  • Changing and Improving
  • Leadership
  • Developing Self and Others
  • Making Effective Decisions
  • Working Together

We only ask for evidence of these behaviours on your application form:

  • Changing and Improving
  • Leadership
  • Developing Self and Others

Technical skills

We'll assess you against these technical skills during the selection process:

    • SFIA – IT Infrastructure (ITOP) – Level 1
    • SFIA – Network Support (NTAS) – Level 2
    • SFIA – Incident management (USUP) – Level 3
    • SFIA – Security operations (SCAD) – Level 3

Benefits

  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • A Civil Service pension with an average employer contribution of 27%
  • 25 days’ paid annual leave rising (one day per year) to 30 days after five years’ service
  • Access to onsite gymnasium and cafe

External recruits who join the MOD who are new to the Civil Service will be subject to a six-month probation period.

This post does not offer any assistance with relocation allowances.

Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts.

Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at www.childcarechoices.gov.uk

Please note: Interview travel expenses will not be reimbursed.

The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment by 31st December 2022. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments.

MOD Recruitment Satisfaction Survey – we may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Notice sets out how we will use your personal data and your rights.

Things you need to know

Selection process details

This vacancy is using Success Profiles, and will assess your Behaviours, Experience and Technical skills.

All applications will go through an initial sift and those successful at sift will be invited to attend an interview.

Candidates will be required to provide a statement of suitability (max 750 words)

During the interview process candidates' technical/cyber understanding will be assessed via questioning.

As a result of the changes to the UK immigration rules which came into effect on 1 January 2021, the Ministry of Defence will only offer sponsorship for a skilled worker visa under the points-based system, where a role has been deemed to be business critical. The role currently being advertised has not been assessed as business critical and is therefore NOT open to applications from those who will require sponsorship under the points-based system. Should you apply for this role and be found to require sponsorship, your application will be rejected, and any provisional offer of employment withdrawn.



Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is developed vetting.

See our vetting charter.
People working with government assets must complete baseline personnel security standard checks.

Nationality requirements

Open to UK nationals only.

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Apply and further information

This vacancy is part of the Great Place to Work for Veterans initiative.
Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact:

Recruitment team

Further information

Please ensure you read the attached candidate information document prior to completing your application. Please refer to the attached Candidate Information guide.
