Job Description

Details

-----------

Reference number

416539

Salary

54,416 - 68,344
Per annum, Pro Rata (Market Pay Supplement, from 5,000 - to 15,000)
A Civil Service Pension with an employer contribution of 28.97%
GBP

Job grade

Grade 7

Contract type

Permanent

Type of role

Information Technology

Working pattern

Flexible working, Full-time, Homeworking, Job share, Part-time

Number of jobs available

2

Contents

------------

Location About the job Benefits Things you need to know Apply and further information

Location

------------


Remote working (anywhere in the UK)

About the job

-----------------

Job summary

Do you have a passion for Cyber Security?


Do you have experience as a cyber security professional, working at a Management Level in an organisation?


Are you interested in working for an organisation that truly champions a healthy work/life balance?


If so, continue reading to find out more about this fantastic opportunity to join UKHSA Cyber Security.


Now is a great time to join us as we establish a team of outstanding people in the field of Cyber Security Operations. This is a chance to work on services that matter and affect the lives of millions of citizens.


UKHSA's Cyber Security Operations team is responsible for the operational cyber security of UKHSA.

We are looking for an enthusiastic Cyber Security Operations Team Lead, with great leadership and technical skills and a drive to improve the security of our services. In this role you will lead across areas such as security engineering, protective monitoring, vulnerability management, and incident response, as well as contributing to strategic team growth and maturity initiatives.

#

Working for your organisation

We pride ourselves as being an employer of choice, where Everyone Matters promoting equality of opportunity to actively encourage applications from everyone, including groups currently underrepresented in our workforce.


UKHSA ethos is to be an inclusive organisation for all our staff and stakeholders. To create, nurture and sustain an inclusive culture, where differences drive innovative solutions to meet the needs of our workforce and wider communities. We do this through celebrating and protecting differences by removing barriers and promoting equity and equality of opportunity for all.

Job description

Reporting to the Head of Cyber Security Operations you will supervise individuals within the UKHSA Security Operations team, to ensure effective delivery of security operations projects and BAU delivery into the business. You will also contribute to strategy, providing technical input and guidance to Senior Leaders, Risk Owners, UKHSA staff and partners. You will support and occasionally lead in complex incident management, including liaison with the National Response Centre if required, response activities, working with technical staff and suppliers to detect, contain and remediate security events and risks. The role can be fast paced and reactionary when dealing with a live incident.


You will work closely with contacts across Government and manage networks of internal and external stakeholders. You will have a technical background in cyber security operations, with knowledge of key security technologies, frameworks and best practices. You will also have an awareness of the challenges presented in delivering effective, high performing security services in a complex and evolving environment.


Individuals will be expected to communicate via a number of different tools and methods, such as email, teams, and telephone.

Detailed job description and main responsibilities

The successful individual will be expected to carry out all functions in all of the "Operations" Role Family outlined in Government Security Profession Career Framework, including:


Monitoring

Manage the monitoring, triaging, and investigation of security alerts on protective monitoring platforms to identify security incidents, and reviewing analysis of security event data to manage security incident response, reporting, or escalation where appropriate Lead small monitoring teams in the design, development and enablement of automated monitoring processes, recommending and implementing the latest SIEM (Security Information and Event Management) and network analysis tools, techniques and procedures to detect malicious activity and ensure continuous improvement through dashboard monitoring or respective assessment

Response

Manage an organisation's response policies and processes to meet the needs in line with appropriate standards Manage post-incident review, including root cause analysis, to feedback information and so improve monitoring
Vulnerability Management
Manage the triage of vulnerabilities, ensuring mitigation measures are implemented, and managing the life cycle of vulnerability management for a set of assets, providing tailored advice on ways to improve control mechanisms and mitigate risks Manage collaboration with stakeholders to create tactical plans relating to managing vulnerabilities, and oversee subsequent activities

Digital Forensics

Co-ordinate team scene investigation and capture evidence in accordance with legal guidelines to minimise disruption to the business and preserve evidentiary integrity, using specialist equipment as appropriate Review evidence to identify breaches of policy, regulation or law

In addition to the above core skills the successful individual will be expected to:

Manage individuals within the Cyber Security Operations team which may include UKHSAs external Cyber Security partners that provide augmented resourcing. Maintain Cyber Threat Intelligence and analysis capabilities to improve organisational understanding and awareness of technical security risks. Contribute to strong operational relationships with internal cyber security, technology, and privacy teams to maintain efficient communication and collaboration on security issues. You will coordinate your teams to investigate problems, implement solutions and take preventive measures and form part of an on-call rota for service continuity. Any other responsibilities appropriate for this grade. Cyber Security Operations can be fast paced and will require a degree of flexibility.

Person specification

Essential role criteria

Undergraduate degree in a STEM subject, or Professional Cyber Security qualification Significant experience of working at tier 2 or tier 3 in a SOC Previous management/mentoring responsibilities Effective verbal and written communication skills Leadership skills Demonstrable experience with KQL or similar query language. Demonstrable knowledge and experience of intrusion detection and analysis skills. Demonstrable experience in cyber security incident management Solid knowledge of various information security frameworks, for example MITRE. Demonstrable experience of vulnerability management

Benefits

------------


Alongside your salary of 54,416, UK Health Security Agency contributes 15,764 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.Learning and development tailored to your role An environment with flexible working options A culture encouraging inclusion and diversity A Civil Service pension with an employer contribution of 28.97%

Things you need to know

---------------------------

Selection process details

This vacancy is using Success Profiles and will assess your Behaviours, Experience and Technical skills.


All individuals must undertake a technical test, presentation and pass the interview process successfully. This allows us to set the rate of the MPS awarded successfully.

Stage 1: Application & Sift

You will be required to complete an application form. You will be assessed on the listed (10) essential criteria, and this will be in the form of a:

Application form ('Employer/ Activity history' section on the application) upto 1250 word supporting statement.

This should outline how your skills, experience, and knowledge, provide evidence of your suitability for the role, with reference to the essential criteria.


The Application form and supporting statement will be marked together.

Longlisting:

In the event of a large number of applications we will longlist into 3 piles of:

Meets all essential criteria Meets some essential criteria Meets no essential criteria

The following will be taken through to the next stage:

Meets all essential criteria Meets some essential criteria

Shortlisting:

In the event of a large number of applications we will shortlist on the following:

Significant experience of working at tier 2 or tier 3 in a SOC
o Demonstrable experience in cyber security incident management

o Previous management/mentoring responsibilities


If you are successful at this stage, you will progress to interview & assessment.


Please do not exceed 1250 words. We will not consider any words over and above this number.


Feedback will not be provided at this stage.


Please note you will not be able to upload your CV. You must complete the application form in as much detail as possible. Please do not email us your CV.

Stage 2: Interview (success profiles)

You will be invited to a (single) remote interview.


Behaviours, technical, and experience, will be tested at interview.


You will be asked to prepare and present a 10-minute presentation. The subject of this will be sent to you prior to interview.


The Behaviours tested during the interview stage will be

Making Effective Decisions Managing a Quality Service - lead behaviour Delivering at Pace Leadership

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Eligibility Criteria - External

Open to all external applicants (anyone) from outside the Civil Service (including by definition internal applicants).

Location

This is a homeworking role.

Security Clearance Level Requirement

Successful candidates must pass a disclosure and barring security check.


Successful candidates must meet the security requirements before they can be appointed. The level of security needed is Security Clearance.


For meaningful National Security Vetting checks to be carried out individuals need to have lived in the UK for a sufficient period of time. You should normally have been resident in the United Kingdom for the last 5 years as the role requires Security Check (SC) clearance. UK residency less than the outlined periods may not necessarily bar you from gaining national security vetting and applicants should contact the Vacancy Holder / Recruiting Manager listed in the advert for further advice.

Reasonable Adjustments

The Civil Service is committed to making sure that our selection methods are fair to everyone. To help you during the recruitment process, we will consider any reasonable adjustments that could help you. An adjustment is a change to the recruitment process or an adjustment at work. This is separate to the Disability Confident Scheme. If you need an adjustment to be made at any point during the recruitment process you should contact the recruitment team in confidence as soon as possible to discuss your needs.


You can find out more information about reasonable adjustments across the Civil Service here: https://www.civil-service-careers.gov.uk/reasonable-adjustments/

International Police check

If you have spent more than 6 months abroad over the last 3 years you may need an International Police Check. This would not necessarily have to be in a single block, and it could be time accrued over that period.

Artificial Intelligence (AI)

Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.


Link below:


Artificial intelligence and recruitment , Civil Service Careers

Internal Fraud check

If successful for this role as one aspect of pre-employment screening, applicant's personal details - name, national insurance number and date of birth - will be checked against the Cabinet Office Internal Fraud Hub and anyone included on the database will be refused employment unless they can show exceptional circumstances. Currently this is only for External candidates to the Civil Service.

Careers website

Please visit our careers site for more information https://gov.uk/ukhsa/careers



Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check .



See our vetting charter .
People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:


UK nationals nationals of the Republic of Ireland nationals of Commonwealth countries who have the right to work in the UK nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS) individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020 Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.



We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles .
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy .

Apply and further information

---------------------------------


Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

#

Job contact :

Name : Gurkamal Bhambra Email : gurkamal.bhambra@ukhsa.gov.uk
#

Recruitment team

Email : recruitment@ukhsa.gov.uk

Further information

The law requires that selection for appointment to the Civil Service is on merit on the basis of fair and open competition as outlined in the Civil Service Commission's Recruitment Principles. If you feel your application has not been treated in accordance with the Recruitment Principles, and you wish to make a complaint, in the first instance, you should contact UKHSA Public Accountability Unit via email: Complaints@ukhsa.gov.uk If you are not satisfied with the response you receive from the Department, you can contact the Civil Service Commission: Visit the Civil Service Commission website: https://civilservicecommission.independent.gov.uk