Security Analyst x 2
UK Export Finance
Apply before 11:55 pm on Sunday 8th December 2024
About the job
Job summary
The Digital, Data and Technology function is responsible for the provision of IT and related services to all UKEF users. The Division has three principal areas of responsibility:
- The provision of IT infrastructure, equipment and support services for the Department;
- The definition, development and testing of bespoke software for the Department; and
- Definition of the Enterprise Architecture for the Department and the logical design and business analysis of UKEF IT systems.
This post sits within the IT Operations function (the first area listed above) within UKEF. The IT Operations function's vision is to provide a secure, first-class employee experience with technology. We deliver, provide, manage and support critical IT services to the UKEF business. We own and define the employee experience across all technology our customers use, to enable greater productivity throughout the business.
We are here to enable and ensure that our employees have a first-class, seamless and productive experience with their technology.
Job description
Our aim is to provide high quality Digital services for our staff using a mix of internal and external teams to deliver evergreen cloud services. Delivering this responsibility comes with a high demand for adoption of new technologies, systems and applications that require security review and scrutiny to ensure the department operates in a safe and secure environment that is overseen by centralised security products such as a SIEM, vulnerability scanners and security validation tools.
Security has never been more important in delivering services for our staff and customers. The Department is committed to meeting the objectives set out in the Government Cyber Security Strategy and is committed to undertaking an ambitious cyber security improvement programme. This is an extremely exciting time to join our team, as we build a new SOC capability to ensure we can continue to grow and mature our cyber defence capabilities.
As a SOC Analyst in our IT Operations team you will be responsible for working with colleagues in DDaT, our Departmental Security and Resilience Team, other government departments and third-party suppliers as part of a small team of internal SOC analysts.
You will collaborate with cross-functional teams to detect, analyse, and respond to potential security incidents, ensuring the protection of our data and information systems. Your expertise in cybersecurity, team skills and deep technical knowledge will be essential in identifying emerging threats, supporting implementation of effective security measures, and maintaining the highest standard of cybersecurity within UKEF.
Should you be successful in this role, there is the opportunity to undertake an Apprenticeship in Cyber Security (subject to course availability and candidate’s existing qualifications).
Person specification
Essential
Qualifications
- 5 GCSE passes, or equivalent (including Maths and English) at Grade 4 (C) or above. (A)
- Technology Operations experience (A,I)
Knowledge
- Demonstrable knowledge of cyber security principles, frameworks, and best practices (A,I)
- In-depth understanding of security technologies, including some of the following - Microsoft Sentinel, Cisco Meraki, Microsoft Defender, End-point protection (A,I)
Skills/Ability
- Ability to analyse and interpret security logs, event data, and alerts to identify potential threats (A,I)
- Demonstrable problem-solving and analytical skills, with the ability to investigate and resolve security incidents effectively (A,I)
Experience
- Experience of managing security operations incidents and events (A,I)
- Experience as a SOC analyst in an enterprise scale organisation (A,I)
- Experience of security operations and incident response planning (A,I)
- Hands-on experience with incident response and forensics tools (e.g. Cellebrite, Magnet DomainTools), techniques, and methodologies (A,I)
- Familiarity with security technologies such as SIEM, IDS/IPS, firewalls, endpoint protection systems, and vulnerability scanners (A,I)
- Knowledge of network protocols, traffic analysis, and cyber-attack methodologies (A,I)
Desirable
Qualifications
- Relevant degree in Cyber Security or security qualification.
- Certifications such as Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIA), or Certified Ethical Hacker (CEH) (A)
Knowledge
- Knowledge of automation, playbooks, and workbooks (I)
Skills/Ability
- Ability to communicate complex subject matter content to non-technical audiences (A,I)
- Contribution to wider corporate understanding of cyber security (A,I)
Experience
- Familiarity with continuous improvement of incident response processes, methodologies and tools (I)
Qualifications
- Technology Operations experience (A,I)
Behaviours
We'll assess you against these behaviours during the selection process:
- Managing a Quality Service
- Delivering at Pace
Technical skills
We'll assess you against these technical skills during the selection process:
- Following the sift, successful applicants will be invited to attend an initial short Teams interview – this will be based on several technical questions relevant to the role.
- A formal panel interview where you will be interviewed across the two behaviours below and your technical ability to successfully carry out the role.
Benefits
- Learning and development tailored to your role
- An environment with flexible working options
- A culture encouraging inclusion and diversity
- A Civil Service pension with an employer contribution of 28.97%
Things you need to know
Selection process details
All applications will be sifted against our essential criteria outlined in the person specification.
- Qualification - 5 GCSE passes (including Maths and English) at Grade 4 (C) or above AND Technology Operations Experience
- Statement of suitability - you should fully articulate in 500 words how you meet the essential criteria outlined in the person specification within the Information Pack.
For the initial sift your application will be evaluated against:
- Experience - Application and Statement of Suitability
In the event of a large number of applications there will be a pre-sift on the following essential criteria:
- Experience of managing security operations incidents and events
- Familiarity with security technologies such as SIEM, IDS/IPS, firewalls, endpoint protection systems, and vulnerability scanners
Following the sift, successful applicants will be invited to attend an initial short Teams interview – this will be based on several technical questions relevant to the role. If you are successful following the initial Teams interview, you will then be invited to attend a second interview; this will include the following assessment:
Behaviours/Technical/Experience - a formal panel interview where you will be interviewed across the two behaviours below and your technical ability to successfully carry out the role.
- Behaviour – Delivering at Pace
- Behaviour – Managing a Quality Service
- Technical – Technical questions relevant to the role.
Details of interview panel members will be e-mailed to all successful candidates who are invited for interview.
Feedback will only be provided if you attend an interview or assessment.
Working for the Civil Service
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.
Apply and further information
Contact point for applicants
Job contact:
- Name: UKEF Recruitment Team
- Email: recruitment2@ukexportfinance.gov.uk
Recruitment team
- Email: Recruitment2@ukexportfinance.gov.uk