Salary: £44,720 (plus a capability allowance of up to £12,680)
Location: Manchester (hybrid with 60% office attendance)
Advert close: 4th December
Job summary
Cyber Security Response at the Home Office is at the front end of protecting a large government department and safeguarding critical digital infrastructure.
This role manages the response procedures and investigations of security events or incidents.
You’ll use your skills to:
* Lead a response team, developing capability to meet emerging threats and implement complex solutions.
* Support strategy and policy development for risk response focussing on process improvement.
* Support the management of the response to incidents, communicating with other business areas to ensure an effective response and mitigate against future incidents.
You’ll join an expert team of cyber professionals, committed to fighting cyber-attack across a complex network of systems. You’ll be aided by a supportive organisational culture, and a commitment to further your continuous development.
Job description
Response managers play a critical role in safeguarding the Home Office’s infrastructure and critical national infrastructure. Response managers use targeted threat intelligence to understand threats to our systems, apply that intelligence to guide threat hunting, and leverage threat modelling to strengthen and improve the Home Office’s overall security posture.
Your main day-to-day responsibilities could include:
* Proactively monitoring the internal and external threat landscape to identify cyber security threats to help inform defensive priorities and ensure detection capabilities remain effective.
* Analysing and prioritising risks to networks, systems, and applications using threat intelligence, taking a risk-based approach to respond to threats where appropriate.
* Conducting incident response exercises including red / purple teaming. Communicating the results of investigations and risk mitigations to improve the response to new threats and attack vectors. Conducting post-incident reviews.
* Conducting Threat Hunting activities against Critical National Infrastructure through SIEM and EDR. Performing digital forensics processes to gather evidence of potential security breaches.
* Conducting Threat Modelling that aligns to NCSC guidance and incorporates frameworks like STRIDE. Identifying and prioritising threats and attack vectors to improve detection coverage of onboarded systems.
* Conducting Threat Intelligence activities against prominent threat actor groups. Communicating intelligence and risks to improve the response to new threats and attack vectors across networks, systems and applications.
* Continuously seeking to identify service and process improvements leveraging your knowledge of industry best practices and problem-solving skills to improve security operations.
* Carrying out response policies and processes in line with appropriate standards. Providing standardised advice on mitigation and escalating to a team leader where appropriate.
Person specification
You’ll have a demonstrable passion for response with the following skills, knowledge or some experience in:
* Conducting investigations within a Security Operations Centre environment and communicating those findings in both a verbal and written manner, tailoring format to different audiences.
* Applying MITRE ATT&CK frameworks to map and analyse adversary tactics and techniques.
* Utilising query languages, including Splunk SPL and/or Kusto KQL, for threat detection and investigation.
* Implementing Threat Modelling methodologies to identify and mitigate potential security risks to systems and applications.
* Building strong partnerships with peers across an organisation and navigating the complex landscape of technologies, 3rd party suppliers, and other teams.
* Managing a team in a technical environment.
Benefits
* A Civil Service Pension with employer contribution rates of at least 28.97%.
* In-year reward scheme for one-off or sustained exceptional personal or team achievements.
* The ability to potentially adopt flexible working options that suit your work/life balance, plus the opportunity in future to take a career break.
* 25 days annual leave on appointment, rising with service.
* Eight days public holidays, plus one additional privilege day.
* 26 weeks maternity, adoption or shared parental leave at full pay, followed by 13 weeks statutory pay and a further 13 weeks unpaid, after qualifying service.
* Maternity and adoption support leave (also known as paternity leave) of two weeks full pay, after qualifying service.
* Paid leave for fostering approval processes, support when a child is substantively placed with you plus a foster to adopt policy.
* Support for Guardians and Kinship carers.
* Corporate membership of ‘Employers for Carers’ providing additional information and advice for carers, plus a ‘Carer’s Passport’ to discuss workplace needs and underpin supportive conversations.
* Time off to deal with emergencies and certain other unplanned special circumstances.