Senior Security Analyst
Sector: Central Government
Location: Glasgow, York, Manchester, Bristol
Date posted: 05/07/2022
Salary: £49,700 - £64,500 per annum
The Cabinet Office are seeking a Senior Security Analyst to join on a permanent basis.
The Cabinet Office supports the Prime Minister and ensures the effective running of government. It is also the corporate headquarters for government, in partnership with HM Treasury, and takes
the lead in certain critical policy areas.
We are the Cabinet Office’s cyber security team, and our mission is to secure the department against cyber threats. We protect our nationwide internal IT infrastructure, and high-profile citizen-facing digital services such as GOV.UK.
The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and vulnerability management capabilities for the Cabinet Office, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you’ll take a leading role in building and delivering these core capabilities, focusing on incident response.
As a Senior Security Analyst with responsibility for incident response, you will:
- lead the investigation of security alerts to understand the nature and extent of possible cyber incidents
- lead in-depth forensic analysis of systems, files, network traffic and cloud environments
- lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions
- review previous incidents to identify lessons and actions
- identify and deliver opportunities for continual improvement of the incident response capability
- work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities
- develop and update internal plans, playbooks and knowledge base articles
- act as an escalation point for, and provide coaching and mentoring to, security analysts
- be responsible for leadership and line management of security analysts
Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join.
We’re interested in people who have:
- significant experience investigating and responding to cyber incidents
- significant experience using security tools (e.g., EDR, SIEM) to support the investigation and response to cyber incidents
- experience managing and coordinating the response to cyber incidents
- experience coaching and mentoring junior staff
- an in-depth understanding of the tools, techniques and procedures used by threat actors
- excellent analytical and problem solving skills
- excellent verbal and written communication skills
It’s desirable, but not essential, that you have:
- experience with Splunk
- experience working in an Agile environment
- experience with cloud environments such as AWS
We’ll assess you against these behaviours during the selection process:
- Making Effective Decisions
- Delivering at Pace
- Working Together
- Managing a Quality Service
To apply, please provide a tailored CV demonstrating the skills and experience you offer against the criteria for the role. Applicants will be asked to complete a diversity form.
The closing date for applications is Tuesday 19th July 2022.