Offered Salary 1000
Experience 3 Years
Qualifications degree / masters
£34,404 – £36,985
Labour Market Supplement of £10,000 payable depending on qualifications and experience
Higher Executive Officer
HMRC – CDIO – Chief Information and Security Officer (CSIR)
Type of role
Flexible working, Full-time, Homeworking, Part-time
Number of jobs available
About the job
Things you need to know
Apply and further information
Telford, West Midlands (England), TF3 4NT
About the job
At HMRC we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve.
We want to maximise the potential of everyone who chooses to work for us and we offer a range of flexible working patterns and support to make a fulfilling career at HMRC accessible to you.
Diverse perspectives and experiences are critical to our success and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role.
HMRC collect more than £600bn in revenue for the UK Government, money used to run vital services for more than 67m people across Great Britain. As you’d expect then, the security of our online services and data assets is something we take incredibly seriously, and we’re now looking to add a Senior Cyber Security Analyst to the team.
Primarily working within the Investigation and Response element of the team, you’ll get to investigate, contain, correct and prevent re-occurrence of malicious traffic and incidents.
This is varied, interesting and vital work so if you’re looking for a new challenge, putting your experience and skills to the test, we’d love to hear from you.
See what it’s like to work at HMRC: “https://hmrc-jobs.career-inspiration.com/app/home”, find out more about us or ask our colleagues a question.
The Incident Management Team are the front-line operational arm of the HMRC Cyber Security Team, responsible for protecting the confidentiality, integrity and availability of HMRC online services and data assets. The team and the successful individual undertake the following 2 core activities:
Detect and Identify
Investigate and Respond
The Jobholder should be aware of the potential for the risk of financial loss in the day to day work and be responsible for taking action when you or your staff identify instances of this. The Jobholder will be accountable for ensuring mitigating action is taken as appropriate.
Continual real-time monitoring of the HMRC’s Security Platforms such as Splunk.
Ensure the prompt analysis of anomaly detection tools to help identify security breaches, cyber-attacks, and reporting activity.
Progressive maintenance and improvement of CST Splunk dashboards.
Build procedures to ensure all aspects of incident response, digital forensics and malware analysis are carried out in secure manner and comply with statutory, guidelines.
Exercise, tune and innovate security incident playbooks/standard operating processes.
Taking ownership of CST’s cases and following CST tickets to full resolution state – in line with CST procedures.
Collaborative working with external suppliers.
Perform analysis and forensics on network artefacts and malware samples to document attack capabilities, understand propagation characteristics and define signatures for detecting its presence.
You will already have knowledge and experience of:
Using a variety of analytical tools to identify security compromises within large amounts of complex data.
Analysing large datasets to find unusual system and user behaviours multiple technical. environments, including but not limited to, cloud, networking, operating systems, databases.
Exposure to the cyber security, including knowledge and experience of the breadth and depth of threat actors and vectors available.
Using digital forensic and malware analysis tools, whether that be commercial products or open source.
The structures underpinning corporate IT systems and how these structures can be compromised and exploited.
Security monitoring, intrusion detection, prevention and control systems including firewalls, anti-virus, web proxies.
We’ll assess you against these behaviours during the selection process:
Making Effective Decisions
Changing and Improving
We’ll assess you against these technical skills during the selection process:
Cyber Security Analysis
Learning and development tailored to your role
An environment with flexible working options
A culture encouraging inclusion and diversity
A Civil Service pension with an average employer contribution of 27%
From 1 September 2021 (when annual leave changes agreed as part of HMRC’s reform deal are introduced), full-time employees have a starting paid annual leave allowance of 25 days per year, pro rata, which will increase by one day for each year’s qualifying service up to a maximum of 30 days.
If you’re transferring over from an Other Government Department (OGD), we will take account of your previous qualifying service, provided there is no break in your service between you working for your previous department and taking up service with HMRC.
If you’re transferring over from a recognised Non-Departmental Public Body (NDPB), you will have your previous qualifying service recognised from 1 March 2011, provided it is continuous with your service with HMRC.
Things you need to know
Selection process details
This vacancy is using Success Profiles, and will assess your Behaviours, Strengths, Experience and Technical skills.
All Criminal Record Checks applications are considered fairly in accordance with the DBS Code of Practice and the Recruitment of ex-offenders Policy.
To apply for this role you will need to submit your CV stating your career history, qualifications, skills and previous experience.
You will also need to submit a Personal Statement of no more that 250 words, outlining your suitability for the role based on the person specification above.
Candidates who pass the initial sift may be progressed to a full sift, or progressed straight to assessment/interview.
At interview, you will be assessed on the Behaviours listed as well as Technical, and Strengths based questions.
Making Effective Decisions
Changing and Improving
Sift and Interview dates to be confirmed.
Please take extra care to tick the correct boxes in the eligibility sections of your application form. We understand mistakes sometimes happen but if you contact us later than two working days (Monday-Friday) before the vacancy closes, we will not be able to reopen your application for you. The inbox to contact is: [email protected] – Use subject line to insert appropriate wording e.g. Please re-open my application – 253916 & vacancy closing date 22/12/2022.
This vacancy is only open to existing civil servants who were recruited under fair and open competition, this does not include contractors, contingent labour or temporary fixed term appointments. If you are in any doubt you must contact your HR department to confirm you are a civil servant, you will not be appointed if it is confirmed at any point during the recruitment process that you are ineligible.
If you are successful and transferring from another Government Department, we will carry out a check of your identity, nationality, and immigration status (including the right to work in the UK) and a criminal record check before confirming your appointment.
Successful candidates must pass a Disclosure and Barring Security Check. Please note that HMRC have an exemption under the Rehabilitation of Offenders Act 1974, which enables us to make enquiries about both unspent and spent convictions.
In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service on your behalf. However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. If you will be doing this, please advise Government Recruitment.
Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicant’s details held on the IFD will be refused employment.
A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.
Additional Security Information
Please note: in addition to the standard pre-employment checks for appointment into the Civil Service, all candidates must also obtain National Security Vetting at Security Check (SC) clearance level for this vacancy. You will normally need to meet the minimum UK residency period as determined by the level of vetting being undertaken, which for SC is 5 years UK residency prior to your vetting application. If you have any questions about this residency requirement, please speak to the vacancy holder for this post.
HM Revenue and Customs is currently going through an exciting ten-year transformation programme to create a tax authority fit for the future. As part of this, we are committed to providing high-quality jobs and giving employees a great place to work, whichever location you work from.
HM Revenue and Customs has made significant progress with its plans to locate in 14 large, modern, flexible offices, equipped with high-speed digital infrastructure supporting improved customer service and compliance activity. These collaborative workspaces will enable smarter working and great training and development facilities, allowing for the sharing of expertise, local training, promotion, and provide great ongoing career development opportunities.
These offices will be located in central locations in the following towns and cities close to accessible transport links: Glasgow, Edinburgh, Belfast, Newcastle, Leeds, Liverpool, Manchester, Nottingham, Birmingham, Bristol, Cardiff, Croydon, Portsmouth and Stratford.
In addition, there will also be a small number of specialist sites where the work cannot be done anywhere else, in Gartcosh (near Glasgow), Telford, Ipswich, Worthing and Dover, as well as our headquarters in central London. What’s more, our Welsh language service has people located in Porthmadog, as well as Cardiff.
We are letting you know about our future plans because if you are recruited into an office that is not one of these locations, you will be expected, subject to HM Revenue and Customs applicable policies, to move to one of these locations in the future. In some cases, this will be via one of our nine transitional sites.
For more information please contact the vacancy holder.
Terms and Conditions
We really hope you decide to apply for this role. If you’re successful you need to know that in February 2021 members of recognised trade unions (ARC and PCS) voted to approve a pay and contract reform offer. This means that HMRC will adopt new terms and conditions for all colleagues as part of a multi-year pay deal and contract offer, the pay deal period is 01 June 2020 – 31st May 2023 and terms and conditions changes take place from the 01 June 2021 onwards. These terms will apply to colleagues who already work in HMRC and if you join us, it will apply to you too. We’ve put together a summary of the key changes that will be made and you can find this attached to the Job Advert.
If you are currently working for an OGD and would like to consider the impact on your pay when joining HMRC, please see the attached document “Pay on Transfer from OGD” for further information. (Please note the attached document could also be called “Combined T&C and OGD Pay English”)
New entrants are expected to join on the minimum of the pay band.
Customer facing roles in HMRC require the ability to converse at ease with members of the public and provide advice in accurate spoken English and/or Welsh where required. Where this is an essential requirement this will be tested as part of the selection process.
A reserve list may be held for a period of 12 months from which further appointments can be made.
Any move to HMRC from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility here.
HMRC welcomes applications from those who need to work a more flexible arrangement and will agree to requests where possible, taking into account our operational and customer service needs. We can’t guarantee that we can meet all requests to work flexibly, as agreement will be subject to business ability to accommodate, and any request to work a more flexible arrangement should be made prior to your acceptance of the provisional offer.
If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the ‘Contact point for applicants’ section.
Important information for existing HMRC contractual homeworkers:
Please note that this role is unsuitable for contractual homeworkers due to the nature and/or requirements of the role.
We want to make sure no one is put at a disadvantage during our recruitment process because of a disability, condition or impairment. To assist you with this, we will reduce or remove any barriers where possible and provide additional support where appropriate. Please see our Disability Matters: How we can support you during our selection process booklet for more details.
If you need a change to be made so that you can make your application, you should:
Contact Government Recruitment Service via [email protected] as soon as possible before the closing date to discuss your needs.
Complete the “Assistance required” section in the “Additional requirements” page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you’re deaf, a Language Service Professional.
Feedback will only be provided if you attend an interview or assessment.
Successful candidates must pass a disclosure and barring security check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check.
See our vetting charter.
People working with government assets must complete basic personnel security standard checks.
Open to UK nationals only.
Working for the Civil Service
The Civil Service Code sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission’s recruitment principles.
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Apply and further information
This vacancy is part of the Great Place to Work for Veterans initiative.
Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact :
Recruitment team :
Appointment to the Civil Service is governed by the Civil Service Commission’s Recruitment Principles. You have the right to complain if you feel a department has breached the requirement of the Recruitment Principles. In the first instance, you should raise the matter directly with the department concerned via [email protected] If you are not satisfied with the response, you may bring your complaint to the Commission. For further information on bringing a complaint to the Civil Service Commission please visit their web pages: Click here