We are looking for a Cyber Security Vulnerability Analyst to join our Cyber Security Team at the Parliamentary Digital Service (PDS)
Protect the UK’s democratic process working as part of Parliament’s Cyber security team. The Cyber threat to Parliament is a challenging one to meet, balancing security and transparency whilst protecting some very high-profile targets. The Cyber team must remain switched on to geopolitical and domestic activity in order to protect its people, data and technology.
The team is responsible for operational cyber security including Logging and monitoring, incident response, threat and vulnerability management, intelligence-led penetration testing, development of cyber policies and standards, security architecture, forensic investigations and risk management.
You will be part of the cyber security team of parliament and help to define and develop the vulnerability management function and remediation processes. The team is comprised of a cyber security operations centre (CSOC) and an assurance function which you will work with in close proximity on a day to day basis.
You will need a good understanding and background in vulnerability management and hands on experience with industry standard vulnerability scanning tools. You will be providing reporting and metrics on both on-premises and cloud environments and supplement that with the ability to enrich the data provided. You will get involved in scoping penetration tests and reviewing security architectures and configurations for vulnerabilities. You will learn how to further your skills in both threat, vulnerability and penetration testing. You will assist the CSOC with developing new preventative measures as part of our Blue team processes as well as feeding into the accreditation and risk assessment components for the assurance team.
You will also be responsible for the creation and delivery of policies, standards and guidelines to aid and identifying and remediating vulnerabilities across a variety of solutions across Parliaments IT estate. To enable this you will have a solid understanding of contemporary threat and vulnerability trends and the ability to translate those into actionable intelligence for a versatile range of technical and non-technical key stakeholders across the business. No two days at Parliament are the same and you will be an integral part of driving forward Parliaments cyber security defences against a wide range of adversaries and defending democracy itself.
To be successful in the role you will have the following skills/experience:
- Perform Analysis of incident trends, facts and figures to determine the biggest current threats to Parliament. Ensure this information is kept relevant, using it to implement preventative measures and increase security posture
- Experience of configuring vulnerability management tooling, conducting regular scanning and assessment activities as well as the production and delivery of actionable mitigation and remediation plans
- Translate vulnerability management standards and best practice into organisation-specific policies, procedures and guidelines and champion standards and best practice outside security functions
We offer an attractive range of benefits including 30 days’ annual leave (increasing to 35 after a year’s service), contributory pension scheme, Employee Assistance Programme, great training and development programmes, access to various facilities (on-site gym, GP, nursery, hairdressers, post office and travel office) and much more.
So What’s Next?
Before submitting an application, please ensure you have read through the requirements and additional information as laid out in both of the file attachments: (1) Job Description (2) Candidate Information Pack.
When applying, you will be required to demonstrate your suitability against the criterion displayed as seen in “The Requirements” section of the Job Description. It is essential that you respond to each criterion listed using examples of your skills, knowledge and experience in no more than 500 words to each one.