G7 Cyber Security Vulnerability Analyst

Contents

• Location
• About the job
• Benefits
• Things you need to know
• Apply and further information

Bristol, Glasgow, London, Manchester

About the job

Job summary

The Cabinet Office supports the Prime Minister and ensures the effective running of government. It is also the corporate headquarters for government, in partnership with HM Treasury, and takes the lead in certain critical policy areas.

We are the Cabinet Office’s Cyber and Information Security function. Our mission is to secure the Cabinet Office’s digital and information assets against misuse, and enable the secure delivery of the department’s mission. We do this by developing, operating, and governing the cyber and information security controls which protect our nationwide internal IT infrastructure, and high-profile citizen-facing digital services such as GOV.UK.

Job description

This role is within the Cyber Defence team, which is responsible for understanding, detecting and responding to cyber threats and vulnerabilities impacting the Cabinet Office. This role reports to the Red Team Manager, and is responsible for operating and continually improving the team’s vulnerability management capabilities.

Responsibilities

As a cyber security vulnerability analyst, you will:

• manage the implementation and operation of vulnerability assessment capabilities across the Cabinet Office’s on-premise and cloud-based IT estate and digital services
• coordinate the triage and remediation of identified vulnerabilities using a risk-based approach, working closely with service teams and developers to ensure that appropriate mitigation measures are implemented
• work closely with other teams across Cyber and Information Security and the wider Cabinet Office to proactively reduce cyber security vulnerabilities
• produce regular reporting which delivers insights on vulnerability management activities and the impact on cyber security risk
• establish a detailed understanding of Cabinet Office data security and architectures enabling the delivery of consistent security advice
• define requirements for improving and expanding our security tooling
• develop and update internal plans, processes, and knowledge base articles
• support wider Cyber Defence activities
• line manage, act as an escalation point for, and provide coaching and mentoring to, associate security analysts

Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join.

Person specification

Essential Criteria

We’re interested in people who have strong vulnerability management experience, including:

• experience developing, implementing and operating vulnerability management capabilities
• experience using a variety of sources of information to identify, analyse and report on relevant threats and vulnerabilities.
• experience deploying, configuring and using vulnerability assessment (such as Tenable and the NCSC’s Active Cyber Defence Toolkit) and Attack Surface Management tools
• excellent stakeholder management skills
• excellent verbal and written communication skills, and the ability to communicate technical security issues to both technical and non-technical stakeholders
• experience with cloud environments such as AWS and Azure

Desirable Criteria

• experience with bug bounty programmes and platforms
• experience with digital brand protection
• experience investigating and responding to cyber incidents
• ability to work as part of a team in a multidisciplinary environment

Additional information:

A minimum 60% of your working time should be spent at your principal workplace. Although requirements to attend other locations for official business will also count towards this level of attendance.

Behaviours

We’ll assess you against these behaviours during the selection process:

• Changing and Improving
• Communicating and Influencing
• Managing a Quality Service
• Delivering at Pace

Benefits

Alongside your salary of £53,400, Cabinet Office contributes £14,418 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

• Learning and development tailored to your role.
• An environment with flexible working options.
• A culture encouraging inclusion and diversity.
• A Civil Service Pension which provides an attractive pension, benefits for dependants and average employer contributions of 27%.
• A minimum of 25 days of paid annual leave, increasing by one day per year up to a maximum of 30.

The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :

• Name : Gabriel Currie
• Email : gabriel.currie@digital.cabinet-office.gov.uk

Recruitment team

• Email : menurecruitment.grs@cabinetoffice.gov.uk

Further information

Appointment to the Civil Service is governed by the Civil Service Commission’s Recruitment Principles. If you feel that your application has not been treated in accordance with the Recruitment Principles, and wish to make a complaint, then in the first instance you should contact Government Recruitment Service by email at : cabinetofficerecruitment.grs@cabinetoffice.gov.uk

If you are not satisfied with the response you receive, then you can contact the Civil Service Commission at info@csc.gov.uk. For further information on the Recruitment Principles. and bringing a complaint to the Civil Service Commission, please visit their website at: https://civilservicecommission.independent.gov.uk.

Read Full Description