Offered Salary 1000
Experience 4 Years
Full Job Description
Join a team at the heart of the global economy!
We create digital services, data tools and technology for businesses to prosper around the world. Have a look at our video!
Our Digital, Data and Technology team develops and operates tools, services, and platforms such as great.gov.uk that enable the UK government to provide world leading support to businesses in the UK and overseas.
You’ll get to constantly push boundaries in an environment free of heavy legacy, driven by curiosity, social purpose, diversity of thought, entrepreneurship, and the aspiration to offer an incredible experience to all our users. Find out more on our blog, Digital Trade.
The role will be based in either London, Cardiff, Darlington, Belfast or Edinburgh and may require occasional travel to other DIT Offices. Please be aware that this role can only be worked from within the UK and not overseas.
Informal hybrid working arrangements will be available as agreed with the vacancy manager and in line with the requirements of the role.
Most DIT employees will be working a hybrid pattern, spending 2-3 days a week (pro rata) in the office on average. Commuting costs to meet this requirement and travelling to the main office location will not be covered by DIT, however commuting costs will be covered for travel to a DIT office which is not the employee’s main office location under the Department’s Travel and Expenses Policy.
Let us tell you a little bit about the role…
This is an exciting new role for a Cyber Security Analyst to work within the DIT SOC (Security Operations Centre), reporting to the senior SOC analyst. The Cyber Security Analyst is responsible for the identification and handling of threats, both internal and external, to the security of DIT. This is achieved by the monitoring of DIT systems and the identification, through analysis of security data or threat intelligence, of unusual activities which could be malicious.
Focussing on supporting the delivery of the monitoring aspects of DIT’s Target Operating Model (TOM), this role will involve the analysis of security event data, management of security alerts and the response to, and investigation of, security incidents. These incidents will be documented, including the identification of lessons learned, which forms an integral part of the Cyber Security Analyst’s continuous improvement cycle.
This role will be suitable for an individual who has some experience in Cyber Security Analysis and is looking to increase their cyber knowledge, or for someone looking for a career change who has transferrable skills in areas such as data analysis or machine learning. Appropriate training, such as SANS courses, or others provided through the Government Cyber Profession, will be available for the right candidate.
What we’re looking for from you…
You will be an experienced Cyber Security Analyst that can:
Supporting the Senior SOC Analyst and SOC Manager in the implementation of the monitoring roadmap.
Analysing security event data arising from activity across the organisation with the goal of detecting malicious activity.
Investigating security alerts and incidents generated by security tooling within DIT, resolving or escalating as appropriate.
Producing documentation relating to the processing of alerts and incidents which includes the identification of improvements to processes and/or tooling.
Production and maintenance of SOC dashboards.
Updating DIT security tooling with Indicators of Compromise (IOC) from commercial and/or ad-hoc threat intelligence.
Testing of new features or alerts within the security tooling.
Following DIT cyber playbooks during incidents, updating and improving those playbooks as necessary, and where identified the creation of new cyber playbooks.
Essential Skills and Experience:
You’ll have demonstrable skills and experience of:
Experience of working as a tier 1 security analyst or in a role with transferable skills (e.g., investigation based or data analysis/machine learning roles).
Demonstratable experience of using KQL (Kusto Query Language) or a similar query language.
Understanding of the principles of intrusion detection and analysis.
Understanding of the cyber threats that an organisation can face and how they might be mitigated.
Effective verbal and written communication skills.
Ability to correlate data to be able to draw insights or conclusions.
Desirable Skills and Experience:
This isn’t necessary but would be ideal if you:
Knowledge of Security Incident Event Management (SIEM) and Security Tooling.
Relevant educational or security-based qualifications.
Experience of coding or scripting.
Understanding of various security frameworks (e.g. NIST).
Learning and development tailored to your role
An environment with flexible working options
A culture encouraging inclusion and diversity
A Civil Service pension with an average employer contribution of 27%
Things you need to know
Successful candidates must pass a disclosure and barring security check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check.
See our vetting charter.
People working with government assets must complete basic personnel security standard checks.
Selection process details
We are closely monitoring the situation regarding the coronavirus, and will be following central Government advice as it is issued. There is therefore a risk that recruitment to this post may be subject to change at short notice. In addition, where appropriate, you may be invited to attend a video interview.
Please continue to follow the application process as normal and ensure that you check your emails regularly as all updates from us will be sent to you this way.
How to Apply
This vacancy is using Success Profiles, and will assess your Experience and Technical Skills.
Unless otherwise specified, all interviews are currently being held online. Please continue to follow the application process as normal and ensure that you check your emails regularly as all updates from us will be sent to you this way.
Sift will take place week commencing: 20th September 2022
Interviews will take place week commencing: 26th September 2022
Please notes these dates are indicative and may be subject to change.
As part of the application process you will be asked to upload a CV and complete a personal statement outlining your experience, skills and fit for the role.
At the sift stage for this role, we assess you against the essential criteria listed above.
At the interview stage for this role, we assess your technical/specialist experience, outlined in the above role description, testing your ability through relevant assessments/presentations and ask you questions around behaviours and technical skills.
There will be a Technical element within the interview where you will be asked a series of questions to demonstrate your specific professional skills and knowledge related directly to the job role and context. We’ll assess you against these technical skills during the selection process:
Intrusion Detection and Analysis
Incident Management, Investigation and Response
We’ll assess you against these behaviours during the selection process:
Delivering at Pace
Developing Self and Others
Changing and Improving
Appointments may be made to candidates in merit order based on location preferences.
The Department for International Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. Click through to apply and find out more.
Candidates who pass the bar at interview but are not the highest scoring will be held on a 12-month reserve list for future appointments. Candidates who are judged to be a near miss at interview may be offered a post at the grade below the one advertised.
SC Clearance Details
All security clearances require you to provide evidence of your UK footprint where you have been physically present in the UK.
The requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years.
Failure to meet the residency requirements will result in your security clearance application being rejected.
If you require SC clearance you will need to provide evidence of the below requirements.
Checks will be made against:
Departmental or company records (personnel files, staff reports, sick leave reports and security records).
UK criminal records covering both spent and unspent criminal records.
Your credit and financial history with a credit reference agency.
Security Services record.
If successful and transferring from another Government Department a criminal record check may be carried out.
The Department for International Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation.
Harmonised terms and conditions are attached. Please take time to read the document to determine how these may affect you.
Please note – the successful candidate will be expected to remain in post for a minimum of 18 months before being released for another role.
Any move to the Department for International Trade from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www. childcarechoices.gov.uk” >here
New entrants are expected to join on the minimum of the pay band.
If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes.
If you need a change to be made so that you can make your application, you should contact the DDaT Recruitment team before the closing date to discuss your needs.
Our recruitment process is underpinned by the principle of appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commissioners’ Recruitment Principles.
If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DIT by email: (See complete description on Civil Service Jobs)
If you are not satisfied with the response you receive from the Department, you can contact the Civil Service Commission:
Click here to visit Civil Service Commission.
If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the ‘Contact point for applicants’ section.
For further information and to apply please click the link to direct you to the advertisers website.
Find out about our benefits, application process and practical details like our office locations on the things you need to know page. Remember to check out our blog, Digital Trade.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission’s recruitment principles. The Civil Service Code sets out the standards of behaviour expected of civil servants.
Our recruitment process is underpinned by the principle of appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commissioners’ Recruitment Principles. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DIT by email: (See complete description on Civil Service Jobs) If you are not satisfied with the response you receive, you can contact the Civil Service Commission, which regulates all Civil Service recruitment. For further information on bringing a complaint to the Civil Service Commission please visit their web pages: Click here to visit Civil Service Commission/Complaints.
Feedback will only be provided if you attend an interview or assessment.
This job is broadly open to the following groups:
nationals of Commonwealth countries who have the right to work in the UK
nationals of the Republic of Ireland
nationals from the EU, EEA or Switzerland with settled or pre-settled status or who apply for either status by the deadline of the European Union Settlement Scheme (EUSS)
relevant EU, EEA, Swiss or Turkish nationals working in the Civil Service
relevant EU, EEA, Swiss or Turkish nationals who have built up the right to work in the Civil Service
certain family members of the relevant EU, EEA, Swiss or Turkish nationals
Further information on nationality requirements
Working for the Civil Service
The Civil Service Code sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission’s recruitment principles.
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
Apply and further information
This vacancy is part of the Great Place to Work for Veterans initiative.
The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment.
Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact :
Name : (See complete description on Civil Service Jobs)
Email : (See complete description on Civil Service Jobs)
Recruitment team :
Email : (See complete description on Civil Service Jobs)
AttachmentsDIT Candidate Pack (1) Opens in new window(pdf, 608kB)DIT Terms Conditions – New Opens in new window(doc, 44kB)
Job Types: Full-time, Part-time, Permanent
Part-time hours: 15 – 37 per week
Salary: £30,100.00-£37,100.00 per year
Cycle to work scheme
Work from home
8 hour shift
Monday to Friday
Reference ID: 236450