JOB SUMMARY

We have an exciting opportunity for a Cyber Security Monitoring Advisor to join our Digital and Technology group.
This is a full-time opportunity, on a fixed term/loan/internal move or temporary promotion basis until 15 June 2026. The role can be based in 10 South Colonnade, Canary Wharf London, E14 4PU or South Mimms, Hertfordshire. Please be aware that this role can only be worked in the UK and not overseas. We are open to requests for part-time, job shares and flexible working. Please discuss this with the recruiting manager before accepting an appointment.

We are currently operating a hybrid way of working, with a minimum of 40% of contracted hours working on site to enable the collaboration and contact with partners and stakeholders needed to deliver MHRA business. This may rise to 60% during the year. Attendance on site is driven by business needs so depending on the nature of the role, some roles will need to be on site more regularly.

• This role is required to participate the in 24-hour security and operations incident response rota on a periodic basis. An on-call allowance will be paid based for this.

WHO ARE WE LOOKING FOR?

The successful candidate will have at previous experience of working in a cyber security team and will help to deliver the agency’s security agenda.
You will have a track record of managing and resolving cyber security vulnerabilities and you will be adept at communicating complex technical information to a non-technical audience.
You will be used analysis a range of data and information from internal and external sources to support decisions and be able to present strong recommendations in a timely manner, which consider a range of options, costs, benefits and risks. You should be a strong communicator and be able to build relationships across different teams.
If you would like to find out more about this fantastic opportunity, please read our Job Description and Person Specification!
Please note: The job description may not open in some internet browsers. Please use Chrome or Microsoft Edge. If you have any issue viewing the job description, please contact careers@mhra.gov.uk

SELECTION PROCESS DETAILS

We use the Civil Service Success Profiles to assess our candidates, find out more here.

• Online application form, including questions based on the Behaviour, Experience and Technical Success Profiles. Please ensure all application questions are completed in full; your application may not be considered if any responses are left blank. Our applications are CV blind, and our Hiring Managers will not be able to access your CV when reviewing your application.
• Interview, which can include questions based on the Behaviour, Experience, Technical and Strengths Success Profiles.

In the instance that we receive a high number of applications, we will hold an initial sift based on the lead criteria of Experience of managing and resolving cyber security vulnerabilities.
Applicants are assessed on whether they meet any mandatory requirements as well as the necessary skills and experience for the role. Applications are scored based on the competency-based answers provided- ensure you have read these thoroughly and allow sufficient time. You can view the competencies for this role in the job description.

NATIONALITY REQUIREMENTS

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

WHAT’S THE ROLE?

The role exists to ensure that cyber security is maintained throughout the MHRA. The role requires a technically skilled Cyber Security Monitoring Advisor to join a team of cyber security staff to help shape and deliver the agency’s cyber security agenda.
The role sits within the Cyber Security Team within The Technology & Service Operations function within The Digital and Technology Group. It will help to enable several key cyber security initiatives which will help to maintain and build the cyber security of the agency.

KEY RESPONSIBILITIES

• Support the Cyber Security Monitoring Lead in their day-to-day role. Covering for them when needed.
• You will work collaboratively with the Information Security Team and Data Protection Teams.
• You will be responsible for management of several key cyber security mailboxes.
• You will be responsible for monitoring of vulnerability management feeds.
• You will be responsible for monitoring and maintaining the agency’s threat intelligence feeds.
• You will engage with other cyber security teams across government such as NHS England Cyber Security Operations Team and others.
• Support implementation of the monitoring roadmap to enhance monitoring in line with requirements, policies and standards to govern all activities and outputs
• Monitor, triage and investigate security alerts on protective monitoring platforms to identify security incidents and perform analysis of security event data to support the response, reporting or escalating where appropriate
• Design, develop and support automated monitoring processes, using a variety of the latest SIEM (Security Information and Event Management) and network analysis tools, techniques and procedures to:
• Detect malicious activity
• Ensure continuous improvement through dashboard monitoring or retrospective assessment

We are currently operating a hybrid way of working, with a minimum of 40% of contracted hours working on site to enable the collaboration and contact with partners and stakeholders needed to deliver MHRA business. This may rise to 60% during the year. Attendance on site is driven by business needs so depending on the nature of the role, some roles will need to be on site more regularly.

• This role is required to participate the in 24-hour security and operations incident response rota on a periodic basis. An on-call allowance will be paid based for this

Certain roles within the MHRA will require post holders to have vaccinations, and in some circumstances, routine health surveillance. These roles include:

• Laboratory-based roles working directly with known pathogens
• Maintenance roles, particularly those required to work in laboratory settings
• Roles that involve visiting other establishments where vaccination is required
• Roles required to travel overseas where specific vaccination may be required