JOB SUMMARY

Discover a career in your hands at HMRC. Whether you’re seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it’s really like to work at HMRC.
Visit our YouTube channel to watch the full series and come and discover your potential.
Do you have a passion for Cyber Security?
Are you interested in Cyber Security Architecture, Risk Assessment, and Pen Testing?
Are you interested in a learning challenge to become a Technical Cyber Security Professional.
Are you interested in working for an organisation that truly champions a healthy work/life balance?
If so, continue reading to find out more about this fantastic opportunity to join HMRC - one of the largest and most dynamic IT infrastructures in Europe, and we are now one of the most digitally advanced tax authorities in the world.
Now is a great time to join us as we develop a team of outstanding Cyber Security Professionals in the field of Security Solutions Architecture, Risk Management and Testing, who will create and run these new and improved technology services. This is a chance to work on services that matter and affect the lives of millions of citizens.
At HMRC we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve.
We want to maximise the potential of everyone who chooses to work for us, and we offer a range of flexible working patterns and support to make a fulfilling career at HMRC accessible to you.
Diverse perspectives and experiences are critical to our success, and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role.
See what it’s like to work at HMRC: “https://hmrc-jobs.career-inspiration.com/app/home”, find out more about us or ask our colleagues a question.

NATIONALITY REQUIREMENTS

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

THE ROLE

Working in a multidisciplinary team in Cyber Security Technical Services (CSTS), you’ll be part of our active and encouraging cyber security community, within HMRC and across government.
As a Cyber Security Professional Practitioner, you will play a key role in securing HMRC’s services, to ensure the best possible technical security risk and solution architecture-based advice is given to our customers.
You will engage with multiple stakeholders from many other professions (Finance, Commercials, Legal, Operational) to enable the secure delivery of HMRC solutions and services.
You will work collaboratively with key senior business & technical stakeholders, to deliver appropriate, proportional, and relevant risk and solution architecture-based technical security advice and guidance.
This is an exciting time to join us and the chance to work on multiple services that matter and affect the lives of millions of citizens, UK industry and commerce, including Critical (UK) National Infrastructure.
Broadly, we would expect the successful candidate to align with the Government Security Professional Framework.

RESPONSIBILITIES

Deliver the range of HMRC and CSTS technical cyber security services, while supporting our security lifecycle.
Stakeholder management for major projects ensuring the CSTS work commitment required is delivered to time and quality, working collaboratively with project managers and programme leads to provide subject matter expertise on a range of security architecture & risk requirements.
Act as escalation point to deal with technical security related incidents.
Collaborate with Enterprise Security Risk and Resilience team to manage and handle CSTS-identified cyber security risks.
Identify, raise, and escalate technical cyber risks for the business, supporting and advising on risk mitigation.
Determine skills and resources needed and secure these in collaboration with our Operations Management Team.
Identify and elaborate Secure by Design requirements and architectural solution.
Scope technical security testing (including penetration testing) with project teams, interpreting and impacting outputs.
Provide Vulnerability management and continual security compliance expertise across On premise and cloud-based solutions.
Research, identify, validate, and embrace new technologies and methodologies.
Champion consistency across the business in support of our “one team” ethos
Represent our technical business during project development, delivery, and governance.
Provide peer reviews and coaching and mentoring as appropriate.
The role may involve line management responsibilities.