Defence Digital ensures our Armed Forces remain among the most technologically advanced in the world. We do this by putting innovative and effective technology into the hands of over 200,000 users, from the boardroom to the front line.
We lead on cutting-edge data science, automation, and cyber security at scale. Our mission goes beyond the battlefield by leading humanitarian efforts and driving digital innovation that impacts lives across the globe.
Watch to find out more about what we do.
Passionate about using your skills to make a critical difference? Your next career move could be here.
A Market Skills Allowance (MSA) of up to £9k per annum may be payable with this post, paid in increments upon reaching the required level of competence.
The role:
Within the Global Operations and Security Control Centre (GOSCC), the Security Operations Centres (SOCs) provide a coherent, holistic and coordinated approach to Cyber Defence, underpinning the MOD's Defensive Cyber Operation and freedom of action in cyberspace.
The Defensive monitoring and incident response elements are responsible for the 24/7/365 detection of, and response to, cyber incidents impacting the MOD’s digital enterprise.
As a Cyber Security Analyst in the SOC team, you’ll be collaborating with cross-functional teams to detect, analyse and respond to potential security incidents, ensuring the protection of our data and information systems.
You’ll identify emerging threats, support implementation of effective security measures and maintain the highest standard of cyber security within our organisation. You’ll ensure that the confidentiality, availability and integrity of MOD's information and systems are protected from cyber-attacks.
As an analyst, you’ll use tooling, processes and information, from a multitude of sources, to identify, analyse, triage and report cyber events that occur, or might occur, within the network, enabling you to support protecting the information, systems and networks from threats.
What you'll be doing:
* Monitor, triage and investigate security alerts on protective monitoring platforms, to identify security incidents and perform analysis of security event data.
* Perform security log analysis, event correlation and threat intelligence, using information gathered from a variety of sources; using specified Security Information and Event Management (SIEM) tooling to proactively identify security risks and incidents.
* Conduct research, analysis and correlation across a variety of source data sets (indications and warnings) and validate intrusion detection system (IDS) alerts against network traffic, using packet analysis tools.
* Support major incident response efforts and lead on incident responses, including containment, investigation, analysis and reporting. Support implementation of the monitoring roadmap, to deliver and enhance monitoring.
* Support the design and development of automated monitoring processes, using a variety of the latest SIEM and network analysis tools, techniques and procedures to detect malicious activity and ensure continuous improvement of detection and processes.
* Deliver operationally focused direction, guidance and advice to team members, providing coaching and mentoring as required.
About you:
We would expect to see knowledge and understanding of cyber security principles, associated methodologies and frameworks (such as Mitre ATT&CK), in the context of current cyber threats.
You’ll need to show experience, or an understanding, of networking fundamentals and security concepts, alongside familiarity with security technologies, such as firewalls, endpoint protection, SIEM tooling, Microsoft 365 Security & Compliance features and/or other Cyber Security tooling.
You’ll need:
* An analytical mindset and ability to approach complex problems in a methodical manner.
* Excellent communication skills.
* Ability to prioritise and manage own work without supervision.
* The ability to relay technical information to a non-technical audience and provide concise and accurate reports for senior management.
* An interest in cyber security and the commitment to learn and/or provide network and continuous security monitoring, incident response and utilise security incident and event management (SIEM) tools.
If not held already, you’ll have the opportunity to gain the following, or equivalent, when in post:
* Certified Security Operations Centre Analyst
* GIAC Certified Incident Handler (GCIH)
* GIAC Certified Intrusion Analyst (GCIA)
* GIAC Continuous Monitoring Certification (GMON)
Additional information
You’ll be key member of a c.5-person team, which operates a shift-based working pattern, providing 24/7/365 operations.
Shifts cover both days and nights and are rostered in blocks of 4 and 5, with equivalent off-shift blocks. All shifts will have mandatory start and finish times, more details can be provided at the interview stage.
These roles are eligible for a regular shift allowance and weekend premiums.
Allowances: A Market Skills Allowance (MSA) of up to £9k per annum may be payable with this post, paid in increments upon reaching the required level of competence.
What makes us great!:
Alongside your salary of £29,580, Ministry of Defence contributes £8,569 towards you being a member of the Civil Service Defined Benefit Pension scheme.
Our benefits include:
* Learning and development tailored to your role with a dedicated minimum of 5 days per year
* 25 days paid annual leave rising (by 1 day per year) to 30 days upon completion of five years’ service
* Ability to roll up to 10 days annual leave per year
* In addition to eight public holidays per year, you will also receive leave for HM The King’s birthday
* A Civil Service pension
* Parental and Adoption Leave
* Discounts on a range of services within and external to the civil service – Defence Discount Service, Civil Service societies for Sports and Leisure, Healthcare, Insurance, Motoring, Company discounts with Virgin, Vodafone, and Microsoft Office.
* In year rewards and ‘thank you’ schemes such as vouchers and gift cards
* A culture encouraging inclusion and diversity
* Find out more here - Discovermybenefits
Equality and Diversity
Our people are at the heart of everything we do at Defence Digital. It’s vital that our workforce reflects the diversity of both our audience and the wider society in the UK, so we’re proud to be an equal opportunities employer and we actively seek candidates from diverse backgrounds and communities. We also recognise the importance of a good work life balance, so we do everything we can to accommodate flexible working, including part-time and job shares for all our roles. Please just let us know in your application or at any stage throughout the process if this is something you want to explore.
For full details about this vacancy, please click 'Apply' and search job ref.no.: 410379
#J-18808-Ljbffr