Summary

At HMRC we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve.

We want to maximise the potential of everyone who chooses to work for us and we offer a range of flexible working patterns and support to make a fulfilling career at HMRC accessible to you.

Diverse perspectives and experiences are critical to our success and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role.

If you're looking to challenge yourself and develop, you are looking in the right place.

We are the UK's tax, payments and customs authority. We collect taxes and duties from 45 million individuals and 5.2 million businesses, support trade and growth through customs and pay tax credits to 4.6 million household and Child Benefit to 7.5 million families. We have a complex IT estate with a big digital strategy that sees us already handle 1.15 billion transactions a year - 70% of all government transactions.

You will have read and heard in the news how getting Cyber Security wrong has the potential to destroy the reputations of organisations. So with such an important role for government and making great progress with online digital services we take Cyber Security seriously.

We invest in our people and you'll work along aside committed people who want to be the best at what they do. You will have access to some of the latest technologies and platforms and be given the space and support to help drive innovation.

Job description

The area you will work in is the Incident Management Team, an exciting and fast paced team responsible for monitoring and responding to threats.

You will need to have a passion for detail, be curious and investigative in your approach and want to gain an understanding of our IT systems, networks and processes.

Responsibilities

• Continual real-time monitoring of the HMRC's Security Platforms such as Splunk.
• Ensure the prompt analysis of anomaly detection tools to help identify security breaches, cyber-attacks.
• Triage events and raise incidents tickets for the incident response team to investigate.
• Build documented processes and procedures to ensure all aspects of incident response, digital forensics and malware analysis are carried out in an empirically secure manner and comply with all statutory, Departmental and ethical guidelines.
• Exercise, tune and innovate security incident playbooks/standard operating processes.

Essential Criteria:

• Passion and aptitude for technical Cyber Security work with the motivation to develop and maintain subject matter expertise.
• Demonstrable experience of paying meticulous attention to detail in your day to day work.

Desirable Criteria:

• Working experience on known SIEM and Log Correlation Tools.
• Understanding of the systems and high-level architecture which underpin corporate IT systems and the techniques deployed to compromise these assets.
• Experience using scripting languages (Python, Powershell, Bash, etc.)
• A good understanding of modern malware - execution methods, persistence, detection, C2 methods, delivery mechanisms and entry points. Understanding of network protocols - TCP/IP.
• A BSc or MSc in Cyber Security or a computing related field.

Behaviours

We'll assess you against these behaviours during the selection process:

• Making Effective Decisions
• Changing and Improving

Technical skills

We'll assess you against these technical skills during the selection process:

 

• Cyber Security Analysis

Benefits

 

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension
•  22 days leave (pro rata for part time staff), which increases to 25 after a year's service and 30 days after 10 years' service.

Team members that are moving offices as a result of the Locations Programme will be entitled to a Moves Adjustment Payment for three years where they incur additional costs. This is calculated based on the difference between the costs of travelling to and from the new and old office, over a weekly period. You will get more detail on this as part of targeted locations move communications.

 

Apply before 11:55 pm on Friday 20th May 2022.