Apply Now
Details
Reference number
Salary
Job grade
Contract type
Business area
Type of role
Operational Delivery
Security
Working pattern
Number of jobs available
Contents
Location
About the job
Job summary
The UK government processes a mass of sensitive data, provides a critical service to the public, operates an extensive and complex IT estate, and faces a significant and growing cyber threat. In response we invest in a well funded and innovative cyber-security programme and we are looking for talented individuals who can bring a range of skills and experience to the department.
The Cyber Directorate within GSG(also known as GSG Cyber) sits within Government Security Group(GSG) and covers all aspects of Defensive Cyber Security for Government from strategy, policy and standards to the operational deliverables of incident, risk, threat intelligence and vulnerability management. We manage investment from the National Cyber Security Programme, outreach and engagement across Government and the wider public sector among much else.
The Cyber Operations team provides GSG with reporting cyber operational risk across the government sector, working closely with the Cabinet Office National Security team and the NCSC. The team is responsible for coordinating and understanding operational cyber risk across government.
If youre passionate about protecting government, want to be part of a security evolution, have a grounding in cyber security and want to learn more, this is the team for you. Come and help make government stronger.
Job description
As the cyber threat intelligence lead within GSG you will help to protect HMG against cyber threats.
You will play a key role in defining cross-government threat and work closely with our vulnerabilities team to deliver the operational cyber risk picture.
As part of the wider cyber operations team, you will also support the delivery of the Government Cyber Coordination Centre(GCCC) by driving collaboration across the cyber threat intelligence community, working with NCSC and CDDO in developing innovative ways to work with government data and processes, in support of the Government Cyber Security Strategy(GCSS) and the requirement to Defend as One.
This role will:
- Lead the generation, collection and dissemination of Cyber Threat Intelligence (CTI) across the Public Sector and HMG. Drawing upon all potential sources of data (from inside and outside Government) at all classifications. The postholder will be proactive and ensure the right CTI data gets to the right stakeholders in a rapidly consumable and actionable format.
- Build trusted partnerships across the intelligence community, commercial threat vendors and customer organisations.
- Develop the capabilities, processes and data flows that permit automatic and timely sharing of actionable cyber security relevant data to those that need it in the defence of the Public Sector.
- Ensure that relevant Public Sector cyber security policies and strategies appropriately reflect developed best practices and lessons learnt across CTI including data generation, sharing and management.
Person specification
Responsibilities:
- Establishing, maintaining and developing a cross government community of threat intelligence expertise with both internal/external partners and the wider Assessment Community to improve intelligence flow through collaboration and influence.
- Lead and motivate information sharing forums and maintain other intelligence relationships (internal and external) to enhance understanding of threats within HMG.
- Working closely with GSG Cyber Ops teams to predict and prioritise threats to an organisation and their methods of attack. Analyses the significance and implication of processed intelligence to identify significant trends, potential threat agents and their capabilities.
- Collation, analysis and assessment of threat intelligence and data from a range of sources taking into account its relevance and reliability to develop and maintain situational awareness.
- Apply expertise and insight to enrich threat information, including understanding the behaviour, capabilities and activities of threat actors and assessing possible implications, prioritising remediation of identified vulnerabilities. Sharing information which is insightful, provides clarity, presents clear key judgements and sound recommendations across the community.
- Turn information into action at strategic, tactical and operational levels in support of Government policy.
- The role will also act to support GSGs cyber incident response function as and when required.
Who are we looking for?
Essential Criteria:
- Experience of working in Cyber Security, ideally within a SOC/Operations environment.
- Identifying, collating, analysing and disseminating tactical, operational and strategic cyber threat intelligence from multiple information and data sources, including from CO systems, other government departments (OGDs), open and commercial sources.
- Producing well-written, well-structured, timely and impactful threat products and assessments in clear English, with minimal support that meet the requirements of stakeholders.
- Leading peer review of products and assessments, working closely with wider threat intelligence community.
Desirable Skills/Experience:
- Experience of working in National Security is desirable.
- Communicating effectively at all levels and present technical cyber security intelligence to senior stakeholders in concise business focused language, supplementing own knowledge with research where needed
- Familiarity with MITRE attack techniques.
- Working in an intelligence analysis environment as defined by Professional Head of Intelligence Analysis (PHIA).
Behaviours
We’ll assess you against these behaviours during the selection process:
Technical skills
We’ll assess you against these technical skills during the selection process:
- Candidates will be asked to do a short (5 -10 minutes) presentation on their thoughts on cyber security challenges faced by the Government . Further details will be provided to candidates invited to interview.
Benefits
- Learning and development tailored to your role.
- An environment with flexible working options.
- A culture encouraging inclusion and diversity.
- A Civil Service Pension which provides an attractive pension, benefits for dependants and average employer contributions of 27%.
- A minimum of 25 days of paid annual leave, increasing by one day per year up to a maximum of 30.
Things you need to know
Selection process details
Application process
You will be asked to provide an anonymised CV setting out your career history, with key responsibilities and achievements and 250 word behavioural statements. Further details are listed on the application form.
You will assessed against the following behaviours as outlined in the Civil Service Success Profiles framework:
- Communicating and Influencing
- Delivering at Pace
- Seeing the Big Picture
Selection process
If selected for interview, you will be assessed against the above Behaviours, along with a presentation as detailed below.
Technical Criteria:
Candidates will be asked to do a short (5 -10 minutes) presentation on cyber security challenges facing Government departments. Further details will be provided to candidates invited to interview.
Expected timeline (subject to change)
Expected sift date w/c 30th May
Expected interview date/s TBC
Interview location – Virtual via Google Meet
Further information
A reserve list may be held for a period of 12 months from which further appointments can be made.
Any move to insert Cabinet Office from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk
If successful and transferring from another Government Department a criminal record check may be carried out.
In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service on your behalf.
However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. If you will be doing this, please advise Government Recruitment Service of your intention by emailing Pre-EmploymentChecks.grs@cabinetoffice.gov.uk stating the job reference number in the subject heading.
New entrants are expected to join on the minimum of the pay band.
Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicants details held on the IFD will be refused employment.
A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.
If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the ‘Contact point for applicants’ section.
Candidates must hold DV clearance or be prepared to go through DV clearance for this role, which would normally need 10 years UK residency in the past 10 years. This is not an absolute requirement, but supplementary checks may be needed where individuals have not lived in the UK for that period. This may mean your security clearance (and therefore your appointment) will take longer or, in some cases, not be possible.
Please note terms and conditions are attached. Please take time to read the document to determine how these may affect you.
Reasonable Adjustment
If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes.
If you need a change to be made so that you can make your application, you should:
Contact Government Recruitment Service via cabinetofficerecruitment.grs@cabinetoffice.gov.uk as soon as possible before the closing date to discuss your needs.
Complete the Assistance required section in the Additional requirements page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if youre deaf, a Language Service Professional.
Feedback will only be provided if you attend an interview or assessment.
Security
Nationality requirements
Working for the Civil Service
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission’s recruitment principles (opens in a new window).
Apply and further information
You may want to save a copy for your records.
Contact point for applicants
Job contact :
- Name : Samir Miah
- Email : samir.miah@cabinetoffice.gov.uk
Recruitment team
- Email : cabinetofficerecruitment.grs@cabinetoffice.gov.uk
Further information
If you are not satisfied with the response you receive, then you can contact the Civil Service Commission at info@csc.gov.uk. For further information on the Recruitment Principles. and bringing a complaint to the Civil Service Commission, please visit their website at: https://civilservicecommission.independent.gov.uk.
