Archives: Jobs

London

The Government Security Function (GSF) oversees the delivery of protective security across Government. Our Mission is to enable Government to protect citizens and provide vital public services by understanding and managing security risks. We set the strategy and standards for Government Security, monitor departmental security performance, manage pan-government security incidents, support the delivery of key security capabilities and lead the Government Security Profession.

The Government Security Group (GSG) is the centre of the Security Function, based within the Cabinet Office. GSG is transforming the Government’s approach to protective security to ensure it is fit to meet the challenges of the digital age. This role offers an exciting opportunity to work in a fast-paced, dynamic team, with a breadth of stakeholders including in other Government departments, the National Technical Authorities and the Agencies, and to contribute to delivering improved security across Government.

Who are we?

As our name suggests, Government Security Group (GSG) is charged with overseeing the security of HM Government (HMG).

The newly formed Cyber Directorate within GSG (also known as GSG Cyber) is a team of subject matter experts finding innovative solutions across HMG in response to the cyber security challenge. GSG Cyber covers all aspects of Defensive Cyber Security for HMG, from strategy, policy and standards to the operational deliverables of incident response, risk, threat intelligence and vulnerability management.

The Cyber Incident Response Analyst will be joining the Cyber Operations team which sits within GSG Cyber. We support GSG with understanding, managing and reporting cyber operational risk across the Government sector, working closely with the Cabinet Office National Security team and the National Cyber Security Centre (NCSC).

If you’re passionate about protecting Government and the public, want to be part of a security evolution, and have a grounding in cyber security, this is the team for you.

The Cyber Incident Response Analyst role plays a central role at the heart of government incidents, working closely with the NCSC, Government departments, and the National Security Unit. You will support with the coordination of GSG’s response to cyber incidents, working to understand their impacts to HMG individually and collectively, drafting and promoting protective advice. This will offer you unique insights into incidents affecting the breadth of Government, how it responds to these, and becomes stronger as a result.

The work is variable and interesting and you will develop strong contacts across HMG. You will also be involved with the COBR process as required, support with briefings to senior government officials and help drive the security agenda of Government.

As part of the wider Cyber Operations team, you will also support the delivery of the Government Cyber Coordination Centre (GCCC) by collaborating across the incident management community, working with NCSC and the Central Digital and Data Office (CDDO) to develop ground-breaking ways to work with government data and processes.

You will ensure we are collecting and exploiting the right kinds of data to understand impact and risk to Government from cyber events and incidents, individually and collectively. You will also help ensure we are identifying the right lessons from them, to help Government become stronger, more resilient and more secure. Your work will allow Government to “Defend as One,” as part of the expectation set out in the Government Cyber Security Strategy (GCSS).

Ideally you will have some experience of working in a crisis management or incident response environment but this is not critical. A good understanding of cyber security would be a real advantage, though you do not have to be a technical expert for this role.

Key areas of responsibility

The post holder will be responsible for:

• Supporting GSG respond to cyber incidents affecting departments across HMG.
• Develop data driven insights into cross government incidents to inform strategic objectives.
• Develop and maintain subject matter expertise on cyber incidents affecting Government as a sector.
• Identifying lessons from incidents, as well as themes and trends across these, to increase HMG’s resilience against cyber attack by sharing across government to Defend as One under the newly formed Government Cyber Co-ordination Centre.
• Informing government strategy, policy and cyber assurance activity.
• Development of advice and support to government departments.
• Support to National Security processes including COBR.

Essential skills and experience:

• Experience of working in cyber security.
• Analytical experience including data analysis, research and creativity.
• Experience of working with a range of stakeholders.

Desirable skills and experience:

• Experience of working in a cyber incident response function and/or SOC/Operations environment.
• Understanding of what good cyber incident response looks like, as well as common challenges.
• Experience of developing data-driven insights to inform strategic goals.

We’ll assess you against these behaviours during the selection process:

• Changing and Improving
• Communicating and Influencing
• Delivering at Pace

• Learning and development tailored to your role.
• An environment with flexible working options.
• A culture encouraging inclusion and diversity.
• A Civil Service Pension which provides an attractive pension, benefits for dependants and average employer contributions of 27%.
• A minimum of 25 days of paid annual leave, increasing by one day per year up to a maximum of 30.
• Our cyber posts attract a skills based DDAT non pensionable allowance. In certain circumstances exceptional candidates may be eligible for a higher starting salary.

Cheltenham, London, Manchester

At GCHQ, we unlock the complex world of data and communications to keep the UK and its citizens safe, both in the real world and online. Working closely with our British Intelligence partners in MI5 and MI6, we protect the UK from threats including serious organised crime, terrorism, and cyber-attacks. A role in GCHQ means you’ll have varied and fascinating work in a supportive and encouraging environment that puts the emphasis on teamwork.

The National Cyber Security Centre (NCSC), part of GCHQ, is the UK Government’s lead authority on cyber security. The organisation is at the heart of the Government’s cyber security strategy and has the aim of making the UK the safest place to live and work online.    

The Economy and Society (E&S) Resilience team is one of four Resilience teams in the NCSC. Directly contributing towards the delivery of HMG’s National Cyber Strategy, the team provides cyber security support, guidance, products and services to a wide range of sectors including businesses, educational organisations and charities. It also helps prevent attacks from reaching citizens and empowers them to secure themselves online. The team prides itself on being diverse, friendly and supportive, and is regularly one of the highest scoring teams for “engagement” in GCHQ’s staff survey. We are currently recruiting a Policy Lead to join the team. 

This role will sit within the recently formed Market Incentives Team, which seeks to understand the barriers to organisations developing better cyber resilience; find innovative solutions to incentive cyber resilience; and support boards and other governance mechanisms find the assurance they need in their organisations’ cyber resilience. 

As Policy Lead, your role will be to cohere and lead strands of work across the Economy and Society Team, spotting opportunities where we can have an impact across multiple sectors and working with lead government departments and industry stakeholders to deliver an impact on cyber resilience from their policy initiatives. A key part of that will be acting as a hinge between the work of the NCSC’s overarching Cyber Policy team and the specific policy work undertaken within the Economy and Society Resilience team. An example of one of those initiatives will be to lead aspects of NCSC’s input into the Home Office’s Cyber Duty to Protect programme for online service providers.  

The post may also take on some work looking at future technology and policy challenges that may be encountered by the Economy and Society Resilience team as we seek to build greater cyber resilience in our sectors over the next 5-10 years. 

The post holder will need to coordinate and deconflict across multiple NCSC teams and directorates and as such the successful candidate should be comfortable operating independently and taking responsibility for delivering against specific objectives and key results within the Economy and Society Business Plan.    

We are looking for candidates who are enthusiastic, proactive, organised team players who can comfortably engage with a wide variety of external and internal stakeholders. We are looking for candidates with experience of policy development or delivery and must be comfortable managing relationships both internally and externally. The applicant should be willing to represent NCSC externally, including attending meetings with industry stakeholders. 

The role is not technical and previous cyber security experience is not essential, however there may be an opportunity to use relevant technical skills and knowledge in the role and to more broadly support the NCSC’s objectives. The NCSC’s Cyber Security Development Framework is available to support colleagues’ development and informal learning via colleagues also provides a proven route to cyber literacy. 

The successful applicant will need to have: 

The responsibilities of the role will include: 

• Ensuring the principles of Equality, Diversity and Inclusion are included in every action undertaken. 
• Delivering against the NCSC business plan and taking ownership of a number of key activities related to cross-government initiatives to enhance the cyber resilience of the UK’s economy and society.   
• Measuring and reporting progress against qualitative and quantitative key results to demonstrate the impact of the team’s work. 
• Working closely with other colleagues from across NCSC to ensure your work maximizes impact and efficiency across the department.
• Writing and delivering presentations, reports and briefings as required.
• Efficiently recording external engagements in the NCSC’s Customer Relationship Management System and Internal systems.
• Representing the NCSC externally at a range of different meetings and events.
• Assisting the wider team as appropriate depending on priorities.
• Working with colleagues in E&S, across the wider Resilience Directorate and across the NCSC to develop cyber security guidance, products and services and promote them through partners as appropriate.

The scope of these responsibilities may be subject to change as the work of the team evolves to meet the requirements of HMG’s National Cyber Strategy and the NCSC’s Business Plan. 

GCHQ Competency Requirements

• Communication and Knowledge sharing    – Intermediate 
• Corporate Vision and Efficiency   – Intermediate 
• Change and Innovation   – Intermediate
• Analysis and Decision Making – Higher
• Contribution to Delivery   – Higher
• Managing the Customer Relationship – Higher
• Working with and Leading Others – Higher

You can familiarise yourself with the general competencies we use to assess the aptitude of candidates here – Recruitment Process

At NCSC and GCHQ, we are proud of our inclusive and supportive working environment that’s designed to encourage open minds and attitudes.  As an organisation that values and nurtures talent, we are committed to helping you fulfil your potential.  With comprehensive training and development opportunities, tailored to your needs and the requirements of your work, we will enable you to flourish in your role and perform to the very best of your abilities.

You’ll receive a starting salary of £45,676 plus an annual National Security Payment of £2428, subject to mandatory training. A London Allowance of £6,250 is applicable for London contracted employees.  

Other benefits: 

• 25 Days Annual Leave automatically rising to 30 days after 5 years’ service, and an additional 10.5 days public and privilege holidays 
• An environment with flexible working options 
• Opportunities to be recognised through our employee performance scheme. 
• Interest-free season ticket loan 
• Cycle to work scheme
• Facilities such as a gym, restaurant and on-site coffee bars (at some locations)
• Paid parental and adoption leave.
• A Civil Service pension with an average employer contribution of 27%

Cheltenham, London, Manchester

At GCHQ, we unlock the complex world of data and communications to keep the UK and its citizens safe, both in the real world and online. Working closely with our British Intelligence partners in MI5 and MI6, we protect the UK from threats including serious organised crime, terrorism, and cyber-attacks. A role in GCHQ means you’ll have varied and fascinating work in a supportive and encouraging environment that puts the emphasis on teamwork.

The National Cyber Security Centre (NCSC), part of GCHQ, is the UK Government’s lead authority on cyber security. The organisation is at the heart of the Government’s cyber security strategy and has the aim of making the UK the safest place to live and work online.    

This is an exciting opportunity to play a leading role in building Defend As One communities across UK Government in support of the Government Cyber Security Strategy. 

Based in NCSC’s Incident Management team, the role will work with new and existing communities around the UK to share incident management and cyber security operations knowledge to develop maturity and autonomy across government. 

This role will deliver to the Defend As One ‘pillar’ of the Government Cyber Security Strategy. Defend As One aims to develop communities across government that are empowered to detect and respond to cyber incidents by facilitating the sharing of skills, experience, best practice and maturity. 

The successful candidate will operate as an NCSC representative, performing an enabling role to bring communities together and to work with them to develop good practice by sharing skills and experience both laterally and outwardly from NCSC. 

The successful candidate will act as a hinge into communities, both mature and developing, to pinpoint and develop opportunities for NCSC to foster capabilities within them to identify, analyse, prioritise and respond to incidents with increased autonomy and agility. They will guide Incident Management Response practices to build maturity, act as an interlocutor to join NCSC products and outputs with communities across government and identify and lead collaboration opportunities. 

This post will manage a ‘community of communities’ and facilitate the development of skills and good practice within them, enable them to learn from each other, share laterally, and identify opportunities for NCSC to better support them to operate autonomously and at scale. 

These opportunities will exploit NCSC’s unique position to add value in a scalable way. This will begin with tactical or pilot initiatives, but the lessons learned will see the role define NCSC strategies for contributing in a sustainable way. Skills, tradecraft, process, threat intelligence, Active Cyber Defence projects, sources of tips and NCSC wisdom are all in scope. 

The successful candidate will deliver to NCSC’s Incident Management Strategy and the Government Cyber Security Strategy and will define and deliver a workstream of tactical and strategic initiatives to achieve scaled impact across government. 

To apply for this role, you will already need to hold a valid DV clearance. 

The ideal applicant should be able to demonstrate strong evidence of leadership within a cybersecurity community. Experience of  Cyber Security Operations Centre (SOC) operations and/or Incident Management/Response processes at large/multi organisation scale and best practice is essential for the role. They will be able to demonstrate a foundational knowledge of cyber security principals and an aptitude for identifying and applying relevant skills and knowledge to achieve impact. 

This role requires strong representation skills, in particular the ability to work with customers to positively influence good cybersecurity practices. The successful candidate must be confident leading sessions with a wide range and size of audiences. Travel to meet with key communities will be encouraged. 

Incident Management, or other Cyber security related technical skills would be valued, however they are not a prerequisite for the role.  

GCHQ Competency Requirements 

• Communication and Knowledge sharing    – Higher 
• Corporate Vision and Efficiency   -Intermediate 
• Change and Innovation   – Intermediate 
• Analysis and Decision Making – Intermediate
• Contribution to Delivery   – Higher
• Managing the Customer Relationship   – Higher
• Working with and Leading Others – Higher

You can familiarise yourself with the general competencies we use to assess the aptitude of candidates here – Recruitment Process 

At NCSC and GCHQ, we are proud of our inclusive and supportive working environment that’s designed to encourage open minds and attitudes.  As an organisation that values and nurtures talent, we are committed to helping you fulfil your potential.  With comprehensive training and development opportunities, tailored to your needs and the requirements of your work, we will enable you to flourish in your role and perform to the very best of your abilities.

You’ll receive a starting salary of £45,676 plus an annual National Security Payment of £2,428, subject to mandatory training.  A London Allowance of £6,250 is applicable for London contracted employees.  

Other benefits: 

• 25 Days Annual Leave automatically rising to 30 days after 5 years’ service, and an additional 10.5 days public and privilege holidays
• An environment with flexible working options
• Opportunities to be recognised through our employee performance scheme.
• Interest-free season ticket loan
• Cycle to work scheme
• Facilities such as a gym, restaurant and on-site coffee bars (at some locations)
• Paid parental and adoption leave.
• A Civil Service pension with an average employer contribution of 27%

National

This role sits within UKHSAs award winning Commercial Directorate, which played a critical role during the COVID-19 pandemic. Truly dynamic, our teams operate at significant pace in a commercially complex environment to procure a diverse range of goods and services in a highly competitive global market. UKHSAs Commercial teams continue to play a central role in priority activity, supporting the response to health threats such as Mpox (Monkeypox) and Strep A as they occur, and ensuring a resilient infrastructure to secure the UK in the strongest position.

Location: National – Flexible Working

Please be aware that this role can only be worked from within the UK and not overseas. Relocation expenses are not available

The UK Health Security Agency (UKHSA) offers hybrid working this means that whilst the role will be based in one of our offices, there will be opportunities for an element of working from home. UKHSA have office locations across the UK. This role can be based at one of our UKHSA offices/locations: some examples of our Locations are the following (Leeds, Manchester, London, Cardiff, Bristol, Nottingham, Liverpool, Gloucester, Newcastle, Birmingham and Glasgow) with opportunities for an element of working from home. You will be asked to express a location preference during the application process. The balance between home and workplace working is to be agreed with the line manager, determined primarily by business needs and in line with departmental policy.

As part of the Data, Insights and Systems team within the Commercial function, this key role is responsible for the management of commercial data and reporting. Advocating a self-serve approach to commercial data products, co-ordinating regular reporting commitments and presenting to senior stakeholders will be key elements of this role.

The expectation is that the successful candidate will develop reports, maintain existing business intelligence dashboards, undertake analysis and provide insights using tools such as MS Excel, Power BI and Atamis (Health Family eCommercial System). In addition, you will support the delivery of projects and continuous improvement initiatives in Commercial that enhance the data maturity of the function.

Your role will also involve identifying and interpreting trends or patterns to improve data accuracy and operational performance, ensuring that these improvements are reflected and monitored in reporting.

You will be expected to work as part of a high-functioning team in delivering data products and ad-hoc reporting requests for stakeholders across UKHSA, central government and liaise with other government bodies on commercial data best practise. You will be working in a fast-paced commercial environment providing key management information to drive effective decision- making and strategy. You will be a self-starter, comfortable working on change and transformation.

The Commercial Insights and Data Manager will have a range of responsibilities including but not limited to:

• Support the Commercial Insights and Data Lead on: Recurring BAU reporting of commercial data and performance; Dealing with urgent and sometimes complex data queries delivered to tight timescales; Responding to other requests such as Commercial Senior Leadership Team requests, ministerial requests, Freedom of Information requests and requests from other government departments.
• Drive continuous improvements in the way the Commercial function inputs, processes and utilises data.
• Drive efficiency and accuracy for internal and external commercial reporting.
• Develop relationships with a range of internal and external stakeholders to maximise opportunities to collaborate on best practice and improve capability.

Essential

It is important through your application and Statement of Suitability of no more than 500 words that you give evidence and examples of proven experience of each of the following criteria:

• Advanced MS Excel.
• Experience working in an Analyst/Data Analytics role, including preparing and presenting data to senior stakeholders.
• Business Analysis capabilities including requirements gathering and structured approach to problem-solving.
• Pro-active individual to lead and deliver on projects and drive workstream forward.
• Ability to manage stakeholders effectively and communicate insights through data, strong analytical skills with attention to detail, and experience in analysing data from multiple sources.
• Ability to effectively communicate complex data details into business language and display excellent stakeholder management skills.

Desirable

• Experience working in a Procurement/Commercial environment.
• Experience using data visualisation tools (Power BI, Tableau).
• Public sector experience.

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an average employer contribution of 27%
• Range of health and wellbeing support

Any move to UKHSA from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at Childcare Choices , 30 Hours Free Childcare, Tax-Free Childcare and More , Help with Costs , GOV.UK

Manchester – Soapworks

The role of the tier 1 analyst is to collect and analyse security event data arising from activity across the organisation, tune and improve rules generating security alerts, and follow up by investigating indicators of potentially malicious activity, escalating incidents or initiating responses.

This is an exciting opportunity to join a team that is responsible for defending the Home Office from cyber-attacks and defending against cyber threats.  The Cyber Security Operations Centre (CSOC) uses cutting edge technologies and as a Tier 1 analyst you will apply a detail orientated approach to investigations and help manage incidents. Working with a highly motivated team you will gain experience from trained cyber professionals in an environment that will nurture your talent and train you to realise your true potential.

The first duty of the government is to keep citizens safe and the country secure. The Home Office has been at the front line of this effort since 1782. As such, we play a fundamental role in maintaining the security and economic prosperity of the UK.

The Home Office leads on immigration and passports, refugee protection, counter-terrorism, policing, fire services, and crime and drugs policy.
Digital Data and Technology (DDaT) enables the Home Office to keep the UK safe and secure. We design and build the services that help people apply for visas or passports; support policing and counter-terrorism operations; and protect the UK’s borders.

This is an exciting time to be at the Home Office. You’ll have a chance to shape the future and support our mission to deliver exceptional public services that work for everyone.

Our work is guided by these principles:

• we put user needs first
• we value delivery and outcomes over process
• we work in the open

Our flexible working policy ensures a healthy work-life balance. We also nurture talent and offer a broad range of learning and development opportunities that will help you flourish in your role.

We work hard to maintain a positive working culture and are committed to helping you fulfil your potential. We value diversity and provide an open, inclusive and supportive environment to help you do your best work.

You can keep up-to-date with our work on the Home Office DDaT blog.

Responsibilities

Your main day-to-day responsibilities will be:

• Use new and emerging technologies, products, services, methods and techniques. Help to assess their relevance and the potential impacts (both threats and opportunities) upon the business, performance or sustainability. Understand emerging technologies and their impact.
• Work with colleagues across government on increasing knowledge of common approaches utilising specialist security tooling to perform assessments and to validate system configuration.
• Support the HOCS strategy to enhance monitoring in line with requirements, policies and standards to govern all activities and outputs. Help teams to understand how Home Office protective security measures can be applied to reduce vulnerability exposure
• Monitor, triage and investigate security alerts on protective monitoring platforms to identify security incidents and aid analysis of security event data to support the response, reporting or escalating where appropriate
• Support design and development of automated monitoring processes, using a variety of the latest SIEM (Security Information and Event Management) and network analysis tools, techniques and procedures to detect malicious activity, help to ensure continuous improvement through dashboard monitoring or retrospective assessment.
• Continuously seek to identify potential service and process improvements, working to increase your knowledge of industry best practices, good judgment and problem-solving skills to execute security operations and investigations

 Note: An employee may be required to carry out other duties within the scope of the grade and within the limits of their skill, competence and training.

Other day to day activities

You will also be expected to carry out the following day to day activities:

• Help to process incident communications to include initial reporting, follow-ups, requests for information, and resolution activity. Record lessons learnt and improve existing processes and procedures
• Work as part of a team to perform deep-dive incident analysis and determine if critical systems or data sets have been impacted
• Analyse information from a range of internal and external sources, including the Cyber Security information Sharing Partnership (CiSP) and National Cyber Security Centre (NCSC)
• Provide support for new analytic methods for detecting threats
• Research and gather intelligence on external threats to the Home Office, using the appropriate tools and collaborate with other threat operations teams.
• Assist in conducting identification of internal threats and vulnerabilities and support ongoing digital risk & intelligence processes
• Support research into specific areas of interest to the Home Office regarding strategic threats, vulnerability and risk as directed
• Work collaboratively with colleagues, gaining knowledge on adversary tactics, techniques and procedures and identified Indicators of Compromise (IoCs)
• Keep up to date with the latest cyber security standards and guidance issued
• Contribute to the continuous development of policies, processes and standards.

Note: The post-holder may be required to carry out other duties within the scope of the grade and within the limits of their skill, competence and training.

Essential Skills

You’ll have a demonstrable passion for Cyber security with the following skills or some experience in:

Strategy and Architecture:

• Advice and Guidance
  • Specialist Advice (TECH) – Level 4
  • Delivery and Operation

• Service Management
  • Incident Management (USUP) – Level 4
  • Problem Management (PBMG) – Level 3

• Security Services
  • Security Operations (SCAD) – Level 3

Development and Implementation

• Content Management
  • Knowledge Management (KNOW) – Level 3

People and Skills

• People Management
  • Performance Management (PEMT) – Level 4

The skills listed above are reflective of the Home Office DDaT Profession Skills and Competency Model (based on the industry standard SFIA framework).

Essential Criteria

Please see below for the relevant skills required for your role:

• Some existing knowledge in a related information security, cyber security or information assurance discipline, with experience in information and/or cyber security threat and risk analysis
• Understanding of common tools deployed in enterprise organisations to detect malicious cyber attacks, including Security Information and Event Management (SIEM), end point protection and host/network detection systems
• Knowledge of common cyber security threats, vulnerabilities and exploitation tactics
• Understand and can apply the basic principles behind effective cyber security, threat intelligence, vulnerability identification and cyber risk analysis
• Is highly analytical and can assimilate complex information from multiple data sources and use it to provide accurate insights that support effective risk decision-making
• Applies rigour, has good attention to detail and adopts an evidence-based approach when analysing information to ensure that conclusions and insights gleaned are valid and based on fact
• Is able to undertake research and perform analysis with minimal supervision, but can also work as part of a wider team when engaged on research and analysis tasks
• Is able to work flexibly and proactively in delivering your outputs, often balancing several streams of work at any given time
• Has excellent communication skills, verbal and written, and a good understanding of the use of different methods or styles for delivering information
• Is familiar with key threat intelligence feeds and sources (e.g. NCSC, CiSP etc.)
• Is able to identify best practice and use it to contribute to the ongoing continuous improvement of existing processes and ways of working

Desirable Criteria

Ideally you will also have the following skills or some experience in:

• Working in a ‘Security Operations Centre’ environment
• Building strong partnerships with peers across the technology organisation and navigating the complex landscape of technologies, 3rd party suppliers, internal and cross-government teams
• Communicating in a verbal and written manner, and a good understanding of the use of different channels and formats for different audiences
• Experience of producing high-quality outputs such as reports, process documentation and templates in a timely manner and in a language that is suitable for the intended audience
• Knowledge of cyber risk and controls frameworks
• Experience in vulnerability research, malware analysis and exploit investigation
• Knowledge of common threat analysis models and framework.

We’ll assess you against these behaviours during the selection process:

• Making Effective Decisions
• Delivering at Pace
• Changing and Improving
• Working Together

We only ask for evidence of these behaviours on your application form:

• Making Effective Decisions

We’ll assess you against these technical skills during the selection process:

• Incident Management (USUP)
• Security Operations (SCAD)

• An in-year performance bonus scheme.
• A Civil Service pension with employer contribution rates of between 26.6% and 30.3%, depending upon salary.
• 25 days annual leave on appointment, plus 8 days public holidays and 1 day for the King’s Birthday, rising further with service.
• Flexible working options to enable you to achieve the work life balance that right for you including part-time, flexi time and job sharing.
• Training and development opportunities tailored to your role.
• A culture encouraging inclusion and diversity.
• Season ticket loans and rental deposit loans.
• Cycle to work and payroll giving.
• Employee discounts – including a huge number of retailers, Microsoft Home Use programme and gym membership.
• A variety of staff recognition schemes including thank you vouchers.
• Health and wellbeing initiatives including monthly mindfulness sessions.
• Staff support networks.
• Maternity, adoption or shared parental leave of up to 26 weeks full pay followed by 13 weeks of statutory pay and a further 13 weeks unpaid.
• Maternity and adoption support leave (paternity leave) of 2 weeks full pay.
• Up to five days paid leave for volunteering.
• Study leave and support for studying for a qualification or other accredited development relevant to your role. 

Yon can find more information at Benefits – Home Office Careers

Leeds, Yorkshire and the Humber, LS1 4AP : Telford, West Midlands (England), TF3 4NT

At HMRC we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve. 

We want to maximise the potential of everyone who chooses to work for us and we offer a range of flexible working patterns and support to make a fulfilling career at HMRC accessible to you.

Diverse perspectives and experiences are critical to our success and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role.

See what it’s like to work at HMRC: find out more about us or ask our colleagues a question. Questions relating to an individual application must be emailed as detailed later in this advert.

Primarily working within the Investigation and Response element of Cyber Security Incident Management team, you’ll get to investigate and respond to cyber security incidents across HMRC.

This is varied, interesting and vital work so if you’re looking for a new challenge, putting your experience and skills to the test, we’d love to hear from you.

We are recruiting for 2 vacancies, with one to be located in Leeds and one in Telford.

The Incident Management Team are the front-line operational arm of the HMRC Cyber Security Team, responsible for protecting the confidentiality, integrity and availability of HMRC online services and data assets. The team and the successful individual undertake the following 3 core activities:

-Detect and Identify

-Prepare to Respond

-Response and Remediation

The Detect and Identify function of the Incident Management Team consists of monitoring, analysis and triage activities. The successful candidate will use technical tools to check and maintain the health of the HMRC online services and user devices. Analysis of big data sets is undertaken to identify suspicious or malicious activities which is triaged before lower level investigation and response activities can take place.

The Investigation & Response function of the Incident Management Team look to investigate, contain, remediate and prevent future re-occurrence of identified malicious traffic or incidents.

The team includes Apprentices, Fast-streamers and Industrial Placements (on a sandwich year from university) as well as established analysts.

The “Senior Cyber Security Analyst” will predominantly undertake the core roles and functions of the Investigation and Response Team.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check.

Responsibilities include:

• Continual real-time monitoring of the HMRC’s Security Platforms such as SIEMs, EDR and IDS.
• Ensure the prompt analysis of anomaly detection tools to help identify security breaches, cyberattacks, and reporting activity.
• Progressive maintenance and improvement of CST SIEM dashboards.
• Build procedures to ensure all aspects of incident response, digital forensics and malware analysis are carried out in secure manner and comply with statutory guidelines.
• Exercise, tune and innovate security incident playbooks/standard operating processes
• Taking ownership of CST’s cases and following CST tickets to full resolution state – in line with CST procedures.
• Collaborative working with external suppliers.
• Perform analysis and forensics on computer/network artefacts and malware samples to assess the impact of an incident, document attack capabilities, understand propagation characteristics and define signatures for detecting its presence.
• Direct and coordinate analysts’ work and provide expert technical support
• Manage the performance and development of cyber security staff
• Deputise as Incident Response Coordinator 

Essential Criteria:

• Experience of using a variety of analytical tools to identify security compromises within large amounts of complex data
• Experience of analysing large datasets to find unusual system and user behaviours
• Knowledge of multiple technical environments, including but not limited to, cloud, networking, operating systems, databases
• Exposure to cyber security, including knowledge and experience of the breadth of threat actors and depth of threat vectors available
• Knowledge of using digital forensic and malware analysis tools, whether that be commercial products or open source
• A understanding of the structures underpinning corporate IT systems and how these structures can be compromised and exploited
• Proven understanding of security monitoring, intrusion detection, prevention and control systems including firewalls, anti-virus, web proxies.
• Experience or understanding of security incident management frameworks and their practical application during an incident

Desirable Qualifications:

Degree majoring or including Cyber Security / Digital Forensics

We’ll assess you against these behaviours during the selection process:

• Making Effective Decisions
• Changing and Improving

We’ll assess you against these technical skills during the selection process:

• Cyber Security Analysis

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an average employer contribution of 27%

Team members that are moving offices as a result of the Locations Programme will be entitled to a Moves Adjustment Payment for three years where they incur additional costs. This is calculated based on the difference between the costs of travelling to and from the new and old office, over a weekly period. You will get more detail on this as part of targeted locations move communications.

Find more about HMRC benefits in ‘Your little extras and big benefits handbook’ for further information or visit Thinking of joining the Civil Service.

Bicester – C-Site, LSOC Bicester, Lower Arncott, Oxon, OX251NZ Kineton – DM Kineton, Marlborough Barracks, Temple Herdewyke, Nr Southam, CV472UL Ashchurch – DE&S Ashchurch, Tewksbury, GL208LZ RAF Henlow (Until Qtr 3 2025) RAF Henlow, Henlow camp, Bedfordshire, SG166DN

The Challenge

Do you want to join the Governments Security team of the year and be part of our Gold Standard security service?

We are looking to recruit an Area Operations Manager (AOM) to join our team. We owe our success to the efficiency of our organisational processes. To help maintain and grow this standard we are seeking an AOM to coordinate daily activities. You will be in charge of providing inspired leadership to your team, as well as encouraging and developing innovation, initiative, and creative thinking by MGS officers across your geographical Area of Responsibility (AOR) so that continuous improvement is embedded. We are also looking for someone who can deliver strong financial performance, implement and conduct audit and assurance procedures and outstanding levels of customer service across the board. You will also promote our culture of equality, fairness and inclusiveness.

Part of the role will be visiting other sites, which may include overnight stays.

We employ approximately 4,900 staff from a very diverse range of professions, and we work across the world; in Germany, Cyprus and the Falkland Islands, Norway, Poland, Kenya, Belize, Nepal and Oman.

You can view our YouTube video to see more about our work 

As the Area Operations Manager for MGS Area 19, you will have 5 Operational Managers (EO’s) as direct reports, assisting you with the operational requirements at the Units where MGS Security Officers are based within this geographical area of the country.  You will lead in all aspects of operational delivery for your AOR ensuring the required security tasking is delivered to our customers.

The AOM is responsible for;

• Maintaining an appropriate level of visibility within their AOR and implement good communication regimes.
• Deal promptly with complaints and HR casework, ensuring all Operational Managers (OMs) are following MOD Policy in taking care of absence, recruitment, complaints and misconduct.
• On an annual basis, review and authorise unit Joint Business Agreements (JBAs) and Rosters within AOR.
• Ensuring that accurate and efficient use is made of the Department’s resources by implementing and conducting an effective system of audit and assurance including the accuracy of performance and output returns
• Ensuring service delivery is maintained at agreed levels and provide regular assurance to the Regional Manager by communicating with OMs and reviewing the information entered on the Performance and Operational Reporting Tool (PORT) and operational output returns.
• Maintaining operational output returns and continual maintenance of the Multi Tracking Tool (MTT) on a weekly/monthly basis.
• Ensuring effective Employee Relations within AOR, engaging, and working with the recognised Trades Unions, involving, and consulting with them as appropriate.

Desirable Experience & Skills

Line Management experience

Full UK Driving Licence required to attend meetings and routine unit visits, some of which are remote from public transport links.

We’ll assess you against these behaviours during the selection process:

• Leadership
• Making Effective Decisions
• Changing and Improving
• Delivering at Pace
• Communicating and Influencing

We only ask for evidence of these behaviours on your application form:

• Leadership
• Making Effective Decisions
• Changing and Improving

We enable our people to work at the right place, with the right people, at the right time.

We believe that if we look after our people, they will be passionate about delivering great things for our customers.

We understand the importance of life outside of work and our industry leading flexible working practices, digital technology and modern workspaces will give you the opportunity to enjoy a healthy work-life balance.

The MOD Discover My Benefits page lists the full set of benefits. Some of the many benefits you will receive include:

• A Civil Service pension with an average employer contribution of 27%
• Free Uniform
• 25 days annual leave rising (1 day per year) to 30 days upon completion of 5 years’ service
• Ability to roll over up to 10 days annual leave per year
• Minimum of 15 Days Special Leave in a rolling 12-month period to for volunteer military or emergency service reserve commitments
• Special Paid Leave for volunteering up to 6 days a year
• Enhanced maternity, paternity and adoption leave
• Employee Assistance Programme to support your wellbeing
• Most sites have good travel links with free car parking; many also have other facilities such as a Sports & Social Club, Gym and / or site shops

This post does not offer any assistance with relocation allowances.
Please be advised the department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts.

Learning & Development

• Professional and Personal Development of skills
• Access to thousands of training courses through Civil Service Learning, some free or paid by DIO
• Ability to obtain industry recognised qualifications supported by DIO

Employment Hours

The Ministry of Defence offers a range of flexibilities to enable a better work-life balance for employees. Flexible working, Job Share and Part-Time working patterns will be considered.

DIO is passionate about ensuring that we are a top performing organisation and a great place to work. We host a diverse range of talent where everyone feels valued and supported enabling our people to thrive, bring greater creativity and innovation to achieve higher organisational performance. We are committed to be an equal opportunities employer and creating a culture where everyone can bring their whole self to work and individuality is truly appreciated.

This culture of inclusion is underpinned by our 6 staff networks covering Disability, Faith and Belief, Gender Equality, LGBTQI+, Race, Social Mobility and 3 networks dealing with employee wellbeing and support: Speak Safe Volunteers, Mental Health First Aiders and Equality, Diversity and Inclusion Advisers.

Our staff, future and current will be guided by the 4 Cs and we encourage you to be curious and continuously strive for improvement, collaborative in an inclusive culture, ambitious and resilient and committed to Defence, empowered and able to challenge so you can play a key part in shaping the direction of our organisation.

DIO commits to offer its employees the following experience:

• Meaningful, purposeful work
• The ability to learn and grow
• The right opportunities and resources
• To care about your wellbeing
• To feel valued and included

About DIO

The Defence Infrastructure Organisation (DIO) is the estate expert for Defence, supporting the armed forces to enable military capability by planning, building, maintaining, and servicing infrastructure.

Our responsibilities include:

• Plan and deliver major capital projects and lifecycle refurbishment
• Provide utilities services
• Manage soft facilities management (i.e. cleaning and catering)
• Provide a safe place to train
• Allocate Service Families Accommodation
• Procure and manage routine maintenance and reactive repair
• Provide a central register of asset information to advise infrastructure planning
• Act as steward of the Defence estate
• Provide the unarmed guarding service

Whitehall, London

We are looking for dedicated team players with an aptitude for all-source analysis and assessment to join the JIO’s Assessments Staff.

You will be capable of producing high-quality assessment to tight deadlines, with a track record of working closely with senior customers and subject matter experts. This is an exciting opportunity to work at the centre of HMG’s national security machinery, helping to inform the UK’s response to priority national and international issues.

Those successful in this campaign will be posted to one of our assessment teams that together cover the whole of the JIO’s national security remit. We currently have vacancies within the following teams:

• Russia and FSU

• Science and Technology

• China

• Weapons and Counter Proliferation

• Middle East

• Hostile State Activity

Whilst we may ask for a preference during the recruitment process (and will try to meet them where possible), you should note that you could be posted to an assessment role dealing with any area of national security interest; posting will be determined based on business priorities and your aptitude, skill and experience.

About the JIO

The Joint Intelligence Organisation (JIO) primarily supports the Joint Intelligence Committee (JIC) and the National Security Council, the Prime Minister and other key decision-makers by providing authoritative, robust all-source intelligence assessment on a vast range of national security and foreign policy priorities.

Our work covers, and goes beyond, ‘traditional’ national security topics such as geopolitical issues and threats to British interests. We apply a national security lens to issues such as emerging technology, economic and health security, climate change and horizon scanning (for example, identifying and monitoring countries at risk of instability).

You can read more about working for the JIO in the information pack attached at the bottom of this advert.

The Role

You and your team will produce all-source strategic assessments that help to inform a range of policy decisions. Working closely with other experts across HMG, JIO’s role is to present a single, agreed view on HMG priority issues, as well as writing intelligence highlights for the Prime Minister. 

The successful candidate will need to be prepared to work flexibly during a crisis to support teams in wider JIO as required. 

If your application is successful, you will:

• Analyse information from a range of sources to produce timely, robust and policy-relevant assessments, supporting your team colleagues to do the same.
• Take the lead in authoring a variety of short- and long-form products read by senior customers, including the Prime Minister.
• Develop your subject-matter expertise, including an understanding of policy requirements, emerging trends, and relevant strategic context.
• Establish strong working relationships with HMG stakeholders, customers and international allies. You will also be encouraged to consult academic, think-tank and private sector analysis.
• Routinely use structured analytical techniques in your own work, and facilitate multi-agency and international workshops, including ‘challenge’ sessions.
• Contribute to your team’s wider work or to other JIO work, both to support colleagues and for your own development. You may occasionally be asked to support crisis working or work unsociable hours, often with little or no notice.

Skills and Experience Required

The successful candidate will:

• Be a proactive self-starter, experienced in producing evidence-based assessment for a senior audience. If you have a desire to learn, then we will invest in you to develop your skills and expertise;
• Have experience in gathering and analysing information from diverse sources;
• Be organised, able to work across several different work strands at any given time;
• Have excellent interpersonal skills and be a team player, able to develop and manage close working relationships with colleagues across organisational boundaries, leveraging your network to deliver;
• Have experience of having worked either in an all-source assessment role or on political or security issues;
• Have strong written and oral communication skills. This includes excellent drafting skills and the ability to draw key conclusions from a large volume of (sometimes conflicting) evidence.

Desirable Skills

• Experience of assessment work or relevant subject matter expertise;
• Experience of using structured analytical techniques and methodologies.

We invest in upskilling our team members to enable them to thrive once they start working with us. As such, if you don’t quite match these desirable skills, don’t let it put you off applying as we will equip the successful candidate with them once you are in post. The application process will seek to gauge potential just as much as current performance.

We’ll assess you against these behaviours during the selection process:

• Making Effective Decisions
• Delivering at Pace
• Seeing the Big Picture

We’ll assess you against these technical skills during the selection process:

• Written and Visual Communication of Intelligence Assessment (Proficient)
• Co-Operation, Co-Ordination and Challenge (Proficient)
• Informing Decision Making (Proficient)

National – Flexible Working

This position sits within the Market Engagement, Insight and Resilience team, the team that leads external engagement, market intelligence, insights and resilience activities for UKHSA.

We work across Commercial and the wider business to lead on external commercial engagement, market scanning and building resilience in our relationships. Our work ranges from creating and inputting on events and engagement plans, industry strategies and policy, intelligence and many other activities. It is a varied and exciting area, involved across UKHSA.

Location: National – Flexible Working

The UK Health Security Agency (UKHSA) offers hybrid working this means that whilst the role will be based in one of our offices, there will be opportunities for an element of working from home. UKHSA have office locations across the UK. This role can be based at one of our UKHSA offices/locations: some examples of our Locations are the following (Leeds, Manchester, London, Cardiff, Bristol, Nottingham, Liverpool, Gloucester, Newcastle, Birmingham and Glasgow) with opportunities for an element of working from home. You will be asked to express a location preference during the application process. The balance between home and workplace working is to be agreed with the line manager, determined primarily by business needs and in line with departmental policy.

Please be aware that this role can only be worked from within the UK and not overseas. Relocation expenses are not available.

As a Market Intelligence and Insights Manager you will be a key part of a wider team, providing commercial support to a range of activities. Your role will involve the overseeing of the commercial market intelligence and insights function. You will lead this function and oversee 2 Market Insight Officers (HEO grade).

You will work to help create and maintain a robust market insight function within the team, that will feed into UKHSA Commercial and the wider business.

This includes gathering intelligence from multiple sources and the analysis of this, subsequently providing insights across the business and inputting into strategies, projects, and programmes of work. This will involve regular interaction across Commercial and other functions, for business as usual insights and responding to commissions. In addition, you will work across the wider engagement and resilience functions within the team and help to shape these.

You will feed in insights and intelligence from your team to the Market Engagement Lead and advise on the industry engagement strategy and planning where appropriate. You will also work across the resilience team to share on insights and intelligence where necessary to develop our resilience planning. This is a great opportunity to shape and build the function as you run it!

Working Pattern: Full Time, Part Time, Flexible Working, Homeworking.

The Market Intelligence and Insights Manager will have a range of responsibilities including but not limited to:

• Overseeing the Market Intelligence function. This will include shaping and improving it, alongside the day to day running of it.
• Providing support and leadership to the team to deliver a robust market intelligence function.
• Building and maintaining close relationships within the Commercial function and the wider business in order to gather and disseminate insights and to shape strategies and programme plans as required.
• Leading on the business as usual work, including but not limited to regular reporting of our suppliers and markets, specific intelligence/insight reports for potential projects and feeding into commercial, category and wider strategies as appropriate.
• Leading on responding to commissions for specific market intelligence gathering in response to specifications from the wider business, working closely with Science and Category colleagues to understand the market.
• Creating and managing RFIs (Request for Information) /PINs (Prior Invitation Notice) and EOIs (Expression of Interest) as required.
• Working with wider colleagues on subsequent engagement activities within industry.
• Utilising research and external intelligence platforms, working across the business and working cross-departmentally to share and feed in relevant insights.
• Supporting on the facilitation and running of a UKHSA Market Insights working group
• Supporting the Market Engagement function within the team, including providing responses to enquiries from UKHSA customers, suppliers and partners to navigate engaging activities and signposting upcoming opportunities.
• Shaping and feeding into the Resilience function within the team as required.

Working for the UKHSA

For more information on the UKHSA please visit: UK Health Security Agency – GOV.UK (www.gov.uk)

Any move to UKHSA from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at Childcare Choices , 30 Hours Free Childcare, Tax-Free Childcare and More , Help with Costs , GOV.UK

Essential criteria

• Ability to build up strong relationships and to work across the wider business and to deliver through different stakeholder groups.
• Evidence of strong stakeholder management skills.
• Demonstrable research and analysis skills. Previous experience of intelligence gathering and experience of creating and disseminating reports
• Proven experience improving processes and structures in your work.
• Proven experience influencing and/or empowering colleagues or teams.
• Excellent communication skills, verbal and written at all levels.

Desirable criteria

• Experience managing or leading others in some capacity.
• Working towards or having achieved CIPS or a similar qualification.
• Demonstrable knowledge and experience of working in a commercial role.

We’ll assess you against these behaviours during the selection process:

• Changing and Improving
• Managing a Quality Service
• Communicating and Influencing
• Working Together
• Delivering at Pace

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an average employer contribution of 27%

City of Westminster, London (region), SW1A 0AA

House of Commons

The House of Commons is a unique and exciting place to work right at the heart of the UK’s thriving democratic system. 

Behind the scenes, the House of Commons Service is made up of more than 3,000 employees who support and facilitate the smooth day to day running of the House. They provide professional services to Members of Parliament, their staff, and the wider parliamentary community.

Introduction

The Parliamentary Security Department (PSD) is responsible for physical and personnel security across both Houses of Parliament and provides support to Members and staff when away from the Estate. Its purpose is to keep Parliament safe and open for business.   

This is a fixed term role for 24 Months, with potential for extension and/or move to permanent.

The Security Information and Risk Analysis Service (SIRAS) is a new team which will receive, store, analyse and disseminate information about threats to MPs and wider Parliament, and use this information to drive structured and bespoke risk analyses on the risks to Parliament and its people.

The post holder will be responsible for building and maintaining information collection relationships within Parliament, wider government and with other partners.

Some of the responsibilities include:

• Responsible for the effective, timely and compliant collection and analysis of information and threat reporting from within Parliament, wider government, and other partners
• Build and manage relationships with Government Departments and other partners to identify information about threats to MPs and wider Parliament. Analyse the information received, and form strategies on the collection of further information to fill gaps in our understanding of risk
• Work with the Police, wider Parliamentary Security Department and/or Parliamentary Digital Service (PDS), to respond to incidents in an appropriate manner. Track how incidents are being managed
• Ensure collected incident information is collated and prepared in a timely and effective manner for risk assessment processes

To be successful in this role you will demonstrate:

• Experience of working in a security-related discipline is desirable. Experience in the field of physical, cyber or personnel security will be helpful to understand and contextualise the nature of these incidents and to offer advice and support where appropriate
• You will have experience of building new and manage existing relationships. Experience of successful partnership working, effective relationship management, and visible compromise and collaboration will be important in this role
• You will have a strong focus on compliance and a clear sense of discretion with an ability to manage information in line with both legal and reputational considerations
• You will have experience of engaging with a wide range of stakeholders with the ability to communicate clearly, concisely and accurately
• You will have strong organisational skills with the ability to work autonomously on the collection of information and the ability to track, manage and store different flows of information in a proactive and self-starting manner will be beneficial

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an average employer contribution of 27%