Cyber Incident Operations Manager

Summary

At HMRC we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve.

We want to maximise the potential of everyone who chooses to work for us and we offer a range of flexible working patterns and support to make a fulfilling career at HMRC accessible to you.

Diverse perspectives and experiences are critical to our success and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role.

If you're looking to challenge yourself and develop, you are looking in the right place.

We are the UK's tax, payments and customs authority. We collect taxes and duties from 45 million individuals and 5.2 million businesses, support trade and growth through customs and pay tax credits to 4.6 million household and Child Benefit to 7.5 million families. We have a complex IT estate with a big digital strategy that sees us already handle 1.15 billion transactions a year - 70% of all government transactions.

You will have read and heard in the news how getting Cyber Security wrong has the potential to destroy the reputations of organisations. So with such an important role for government and making great progress with online digital services we take Cyber Security seriously.

We invest in our people and you'll work along aside committed people who want to be the best at what they do. You will have access to some of the latest technologies and platforms and be given the space and support to help drive innovation.

Job description

The area you will work in is the Incident Management Team, an exciting and fast paced team responsible for monitoring and responding to threats. You will lead a small specialised team providing support and guidance on technical issues and have experience of keeping a cool head under pressure.

You will need to have a passion for detail, be curious and investigative in your approach and want to gain an understanding of our IT systems, networks and processes.

HR management of five staff.

We would like to hear from applicants with an interest in developing the following cyber security operations skills:

• Triaging and investigating security alerts from multiple systems.
• Responding to incidents and following through until remediation.
• Developing alerts and use cases against very large data sets over some of the latest technology.
• Malware analysis and techniques.
• We would especially welcome applicants with experience of working in these fields.

Responsibilities

Essential Criteria:

• Experience of using a variety of analytical tools to identify security compromises within large amounts of complex data.
• Experience of analysing large datasets to find unusual system and user behaviours.
• Knowledge of multiple technical environments, including but not limited to, cloud, networking, operating systems, databases.
• Exposure to the cyber security, including knowledge and experience of the breadth of threat actors and depth of threat vectors available.
• Proven expertise using digital forensic and malware analysis tools, whether that be commercial products or open source.
• A understanding of the structures underpinning corporate IT systems and how these structures can be compromised and exploited.
• Proven understanding of security monitoring, intrusion detection, prevention and control systems including firewalls, anti-virus, web proxies.

Desirable Criteria:

These will help set you apart:

• Evidence of interest and passion for the subject of Cyber Security.
• Evidence of managing a multi-discipline technical team.
• Evidence of being adaptable, creative and with the capability to learn quickly.
• Evidence of problem solving and effective decision making to resolve potential threats.

Desirable Qualifications:

• Cyber Security Degree.

Behaviours

We'll assess you against these behaviours during the selection process:

• Making Effective Decisions
• Changing and Improving

Technical skills

We'll assess you against these technical skills during the selection process:

• Cyber Security Analysis

Benefits

• Access to learning and development tailored to your role.
• A working environment that supports a range of flexible working options.
• A working culture which encourages inclusion and diversity.
• A civil service pension.
• 22 days leave (pro rata for part time staff), which increases to 25 after a year's service and 30 days after 10 years' service.

Team members that are moving offices as a result of the Locations Programme will be entitled to a Moves Adjustment Payment for three years where they incur additional costs. This is calculated based on the difference between the costs of travelling to and from the new and old office, over a weekly period. You will get more detail on this as part of targeted locations move communications.

Apply before 11:55 pm on Monday 23rd May 2022.