JOB SUMMARY

The Integrated Corporate Services (ICS) is a new shared corporate service, launched in July 2023. It provides corporate services (HR, Finance, Digital, Commercial, Security and Estates) across the Department for Energy Security & Net Zero (DESNZ) and the Department for Science, Innovation & Technology (DSIT).
Our team of just over 300 professionals will be leading the way in how these functions will be delivered in the future. Our ambition is to be the leading provider of integrated corporate services for government and set the standard for quality, efficiency, and innovation in our field.
We offer great working benefits including a world-class pension, flexible working options and a career where your learning and development is taken seriously. We are enormously proud to be a Disability Confident Leader employer. We support candidates with adjustments throughout our recruitment process. Information about disability confidence and just some examples of the adjustments that you can request can be found in the reasonable adjustment section below.
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.

JOB DESCRIPTION

Join ICS Digital, where innovation meets expertise to create digital solutions. We are a cohesive digital community who work in the open, solving problems together and fostering a culture of transparency and collaboration. Our commitment to user-focused design and data-driven decision-making ensures that we deliver accessible services tailored to the needs of our customers.
The ICS Cyber team are a cohesive digital community who work in the open, solving problems together and fostering a culture of transparency and collaboration. Our commitment to user-focused design and data-driven decision-making ensures that we deliver accessible services tailored to the needs of our customers.
The ICS Cyber team work within ICS Digital to monitor and protect the systems and services we provide to our customers in DSIT and DESNZ.
We are seeking Vulnerability Scanner Specialist to join our Cybersecurity Team. In this role, you will be responsible for managing and conducting regular vulnerability assessments scans using existing tooling against a variety of internal and external systems. You will be responsible for identifying suitable systems for scanning, reaching out to system owners and ultimately providing recommendations and reports to teams for improvement of the organizations security posture from this perspective. You will work closely with Teams and departments to ensure that vulnerabilities are properly mitigated, and security best practices are followed.
The role is critical in developing our defensive capabilities, utilising the vulnerability tooling we have available to use, and leveraging the benefits of this across the wider customer base we serve in DSIT and DESNZ.
Visit our blog to learn more about us and our work: https://icsdigital.blog.gov.uk/

QUALIFICATIONS

Current certification: CompTIA Network+

NATIONALITY REQUIREMENTS

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

Your main responsibilities will be:

• Planning, execution and management of vulnerability assessment scans across multiple environments to develop our internal and external scanning programme.
• Maintain relationships with development teams responsible for bringing public facing websites online and ensure regular scanning of external websites is completed.
• Create scan overview reports for senior management to provide an overview of scanning activities and results based on environments, severity and risk levels.
• Work with stakeholders to provide recommendations for improving overall system security where appropriate.
• Ensure all scans are comprehensive and current, adapting to new vulnerabilities and emerging threats.
• Monitor and maintain scanning platforms, plugin updates and system availability.
• Participate in security assessments to ensure compliance with internal and external security standards.
• Document process and procedures in relation to scanning activities.
• Manage distribution and access to scan reports