JOB SUMMARY

Discover a career in your hands at HMRC. Whether you’re seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it’s really like to work at HMRC.
Visit our YouTube channel to watch the full series and come and discover your potential.
See what it’s like to work at HMRC: “https://hmrc-jobs.career-inspiration.com/app/home”, find out more about us or ask our colleagues a question.
Cyber Security provides vital protection for digital assets that provide essential services to the public. This role is essential for the investigation and review of our systems and data to identify security weaknesses, provide recommendations to improve our security posture and to drive delivery of those improvements.
This outcome of the role is to methodically identify and reduce threats to the HMRC estate using the technical countermeasures we have available. Ensuring our cyber security controls are effective and fit for purpose with accurate configuration and security posture. As well as continuously identifying new technical controls to answer risks.

JOB DESCRIPTION

You’ll work in our Incident Management Team, an exciting and fast paced group responsible for monitoring and responding to Cyber threats. You will lead a team of 6 specialists, providing support and guidance on technical issues whilst remaining cool under pressure.
You will have a strong technical background in cybersecurity, a proven track record of managing incident response teams, excellent vendor stakeholder management skills and possess exceptional leadership, communication, and problem-solving skills.

We would like to hear from applicants with the following cyber security operations skills:

• Triaging and investigating security alerts from multiple systems.
• Managing the response to cybersecurity incidents and related investigations, following the incident response lifecycle, to a timely and effective resolution.
• Developing alerts and use cases against very large data sets over some of the latest technology.
• Malware Analysis: ability to perform static and dynamic malware analysis to understand the nature of malware.
• Establish and maintain incident response processes, procedures, and documentation, ensuring they align with industry best practices.
• Serve as a subject matter expert on cyber security frameworks, including NIST, MITRE ATT&CK, and the Cyber Kill Chain.
• Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.

QUALIFICATIONS/KNOWLEDGE

At least one of the following:

• SANS certification.
• Experience of working in a SOC as part of an incident response function
• Experience using common security technologies such SIEM, EDR, IDPS, Network Security Analysis.

NATIONALITY REQUIREMENTS

Open to UK nationals only.

Security