Secondment Opportunity - National Cyber Security Centre - Senior Incident Coordinator, Incident Management

National Crime Agency

Closing date: 1 May 2017

Reference number



Within Superintendent pay scale



Contract type


Length of employment

This is a two year secondment opportunity to the NCSC on a lateral or temporary promotion basis.

Business area


Type of role


Working pattern

Flexible working, Full-time


37 hours a week

Number of posts



Based in London with occasional trips to Cheltenham.

About the job

Job description

Please note that the NCA is advertising this post on behalf of NCSC and the successful candidate will be on secondment to NCSC for the duration of their appointment.

The NCSC’s mission is to understand and reduce the harm caused by cyber threats against the UK, particularly against systems of national significance. The focus of the Incident Management team is on identifying where cyber threats have manifested as incidents and then responding appropriately to better understand what has happened and mitigate the impact of those incidents.
The Senior Incident Coordinator is key in managing NCSC’s holistic response to significant incidents and is directly responsible to the Deputy Director Incident Management. Significantly this role is also the senior liaison between the NCSC and the law enforcement community.
The Senior Incident Coordinator is responsible for:

Ensuring that NCSC’s response to significant incidents (C1, C2 and high end C3) is holistic, effective and commensurate with the identified threat or impact.

Developing incident management plans for those incidents. These should clearly define the intended objectives of NCSC engagement, and address requirements around victim engagement, wider mitigation (including international collaboration), investigative and intelligence gain requirements, including those of law enforcement, active response capabilities, cross government coordination, and media handling.

Overseeing implementation of those plans, including coordination of a virtual team to deliver against the objectives and ensuring effective communication of progress to stakeholders. Liaise with NCSC Incident Management team leads around allocation of resource to support high priority incidents and provide a challenge function to ensure that NCSC is doing all that it can, proportionate to the priority of the incident, to meet the stated incident management objectives.

Leading efforts to internally assess and evaluate to identify good practice, areas for improvement and clarifications required around process and policy. Identify opportunities where the NCSC can add value, for example around the public disclosure of threat intelligence, alerts or advisories, or other formal products. Make recommendations to the national policing lead regarding the adequacy and effectiveness of the national, regional and local cyber crime capabilities.

Maintaining and strengthening relationships with NCSC teams, SIA and LE to develop, implement and improve cyber crime delivery functions at national, regional and local level by identifying and delivering projects arising from the NCSC incident response and referrals, to increase mainstream capability in relation to cyber crime, and deliver the objectives of the national cyber security strategy, serious organised crime strategy and the strategic policing requirement.

Leading/coordinating the LE & NCSC engagement at senior stakeholder level providing business support and governance to operations, national networked service functions, and contributing towards the achievement of the strategic objectives of the Team UK cyber capability.

Engaging in professional development to maintain continual growth in professional skills including ongoing awareness of technical analytical techniques, SIA and law enforcement operational capabilities, ongoing intelligence investigations, real world events and their potential cyber implications, and threat actor TTPs, capabilities and targeting. Additionally the post holder will perform a pastoral care function for those law enforcement officers based within the NCSC.

Contributing to and supporting wider NCSC activities by overseeing and co-ordinating the preparation and delivery of training events, briefings and presentations to a range of key stakeholders to educate on NCSC good practice, cyber crime issues and promote the LE capability.


We'll assess you against these competencies during the selection process:

  • Experience of leading cyber crime operations including an understanding of state sponsored cybercrime, knowledge of technical threats, practical challenges and legislation affecting policing activity nationally and internationally.
  • Extensive experience of the theory and practical application of incident management and response, including victim engagement. Good stakeholder management, planning and resource allocation skills.
  • Excellent written and verbal communication and ability to influence and negotiate complex cybercrime methodology, including briefing senior stakeholders, working on the delivery of government policy and submissions to ministers and dealing with national and local media.
  • An understanding of SIA and LE operational capabilities and priorities together with knowledge of the priorities and a knowledge of the mechanisms for engaging with the government departments responsible for UK cyber security.
  • Experience of working within an Intelligence environment including information sharing across law enforcement, intelligence agencies and industry preferably with direct experience of cyber threat intelligence.



Civil Service pension schemes may be available for successful candidates.

Things you need to know


Successful candidates must meet the security requirements before they can be appointed. The level of security needed is developed vetting.


Successful candidates will be expected to have a medical.

Selection process details

All candidates are required to complete the attached application form and send to by 12 midday on Monday 5th May 2017 along with authorisation from their current force.

Please evidence the competencies stated on the advert in your application statement.
Feedback will only be provided if you attend an interview or assessment.

Nationality requirements

Open to UK nationals only.


Candidates in their probationary period are not eligible to apply for vacancies within this department.

Grade entry qualifications

Essential at entry
UK National
DV security clearance or be willing to undergo and obtain this if not already held
Policing or other law enforcement experience

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.
The Civil Service embraces diversity and promotes equality of opportunity. There is a guaranteed interview scheme (GIS) for candidates with disabilities who meet the minimum selection criteria.

Apply and further information

Contact point for applicants

Tracy - 07468 837625

Sift/interview dates and location

Interviews are scheduled to take place W/C 22nd May 2017

Further information

This role is typically graded at Superintendent level. This is a two year secondment opportunity to the NCSC on a lateral or temporary promotion basis. Applications are welcome from Chief Inspectors (on temporary promotion) or Superintendent (lateral) and from applicants with equivalent experience.

Share this page