JOB SUMMARY

Do you have a passion for Cyber Security?
Do you have experience as a cyber security professional, working as part of a Security Operations team?
Are you interested in working for an organisation that truly champions a healthy work/life balance?
If so, continue reading to find out more about this fantastic opportunity to join UKHSA Cyber Security.
Now is a great time to join us as we establish a team of outstanding people in the field of Cyber Security Operations. This is a chance to work on services that matter and affect the lives of millions of citizens.
UKHSA’s Cyber Security Operations team is responsible for the operational cyber security of UKHSA.
We are looking for an enthusiastic Cyber Security Operations Team Member, with great technical and collaborative skills. In this role you will participate in areas such as security engineering, protective monitoring, vulnerability management and incident response.

JOB DESCRIPTION

Reporting to a Cyber Security Operations Team Lead you will be a part of the UKHSA Security Operations team, to ensure effective delivery of security operations projects and BAU delivery into the business. You will also support in complex incident management, including response activities, working with technical staff and suppliers to detect, contain and remediate security events and risks. The role can be fast paced and reactionary when dealing with a live incident.
You will manage networks of internal and external stakeholders. You will have a technical background in cyber security operations, with some knowledge of key security technologies, frameworks and best practices.

NATIONALITY REQUIREMENTS

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

In addition to the above core skills the successful individual will be expected to:

• Contribute to strong operational relationships with internal cyber security, technology, and privacy teams to maintain efficient communication and collaboration on security issues.
• Any other responsibilities appropriate for this grade. Cyber Security Operations can be fast paced and will require a degree of flexibility

DETAILED JOB DESCRIPTION AND MAIN RESPONSIBILITIES

The successful individual will be expected to carry out all functions in all of the “Operations” Role Family outlined in Government Security Profession Career Framework, including:

Monitoring

• Monitor, triage and investigate security alerts on protective monitoring platforms to identify security incidents and perform analysis of security event data to support the response, reporting or escalating where appropriate
• Design, develop and support automated monitoring processes, using a variety of the latest SIEM (Security Information and Event Management) and network analysis tools, techniques and procedures to detect malicious activity and ensure continuous improvement through dashboard monitoring or retrospective assessment

Response

• Carry out UKHSA’s response policies and processes to meet the needs in line with appropriate standards
• Provide standardised advice on mitigation, escalating to a team leader where appropriate

Vulnerability Management

• Triage and prioritise vulnerabilities, implement mitigating measures, and support in the life cycle of vulnerability management, providing standardised advice on ways to improve control mechanisms and mitigate risk
• Communicate common mitigation strategies such as patching and basic configuration change (system hardening)

Digital Forensics

• Support the application of forensic readiness policy and work with other teams to ensure its implementation
• Analyse evidence to identify breaches of policy, regulation or law

In addition to the above core skills the successful individual will be expected to:

• Contribute to strong operational relationships with internal cyber security, technology, and privacy teams to maintain efficient communication and collaboration on security issues.
• Any other responsibilities appropriate for this grade. Cyber Security Operations can be fast paced and will require a degree of flexibility.

ESSENTIAL ROLE CRITERIA

• An interest in cyber security
• A proactive approach to investigating data in a work or educational environment
• Demonstrable ability to analyse and interpret data
• Effective verbal and written communication skills
• Knowledge of Common Security Vulnerabilities (CVEs) and remediation techniques
• Solid operational knowledge of working with Threat Intelligence Platforms, SIEM appliances, or intelligence feeds that have been acquired in large organisations
• Experience with large LANs and cloud environments, preferably AWS/Azure