Cyber Security Analyst
at UK Ministry of Defence
About the job
Defence Digital Cyber Security Analyst
Ministry of Defence
Details
Reference number
396255
Salary
£29,580
A regular shift allowance and weekend premiums are applicable to this role. A Market Skills Allowance (MSA) of up to £9k per annum may also be payable.
A Civil Service Pension with an employer contribution of 28.97%
Job grade
Executive Officer
Contract type
Permanent
Business area
MOD - Strategic Command
Type of role
Digital
Information Technology
Security
Other
Working pattern
Full-time, Shift working
Number of jobs available
4
Contents
- Location
- About the job
- Benefits
- Things you need to know
- Apply and further information
Location
MOD Corsham, Westwells Road, Corsham, Wiltshire SN13 9NR
About the job
Job summary
Defence Digital ensures our Armed Forces remain among the most technologically advanced in the world. We do this by putting innovative and effective technology into the hands of over 200,000 users, from the boardroom to the front line.
We lead on cutting-edge data science, automation, and cyber security at scale. Our mission goes beyond the battlefield by leading humanitarian efforts and driving digital innovation that impacts lives across the globe.
Defence Digital forms part of Strategic Command which manages the MOD’s joint capabilities for the Army, RAF, and Royal Navy.
Passionate about using your skills to make a critical difference? Your next career move could be here.
Within the Global Operations and Security Control Centre (GOSCC), the Security Operations Centres (SOCs) provide a coherent, holistic and coordinated approach to Cyber Defence, underpinning the MOD’s Defensive Cyber Operation and freedom of action in cyberspace.
The Defensive monitoring and incident response elements are responsible for the 24/7/365 detection of, and response to, cyber incidents impacting the MOD’s digital enterprise.
As a Cyber Security Analyst in the SOC team, you’ll be collaborating with cross-functional teams to detect, analyse and respond to potential security incidents, ensuring the protection of our data and information systems.
You’ll identify emerging threats, support implementation of effective security measures and maintain the highest standard of cybersecurity within our organisation. You’ll ensure that the confidentiality, availability and integrity of MOD’s information and systems are protected from cyber-attacks.
As an analyst, you’ll use tooling, processes and information, from a multitude of sources, to identify, analyse, triage and report cyber events that occur, or might occur, within the network, enabling you to support protecting the information, systems and networks from threats.
Responsibilities
- Monitor, triage and investigate security alerts on protective monitoring platforms, to identify security incidents and perform analysis of security event data.
- Perform security log analysis, event correlation and threat intelligence, using information gathered from a variety of sources; using specified SIEM tooling to proactively identify security risks and incidents.
- Conduct research, analysis and correlation across a variety of source data sets (indications and warnings) and validate intrusion detection system (IDS) alerts against network traffic, using packet analysis tools.
- Support major incident response efforts and lead on incident responses, including containment, investigation, analysis and reporting. Support implementation of the monitoring roadmap, to deliver and enhance monitoring.
- Support the design and development of automated monitoring processes, using a variety of the latest SIEM (Security Information and Event Management) and network analysis tools, techniques and procedures to detect malicious activity and ensure continuous improvement of detections and processes.
- Deliver operationally focused direction, guidance and advice to team members, providing coaching and mentoring as required.
Person specification
Please ensure that your CV and application demonstrate the essential criteria below:
We would expect to see working knowledge of cyber security principles, associated methodologies and frameworks (such as Mitre ATT&CK), in the context of current cyber threats.
You’ll need to show experience of working in a technical security role and a good understanding of networking fundamentals and security concepts, alongside familiarity with security technologies such as firewalls, endpoint protection, SIEM tooling, Microsoft 365 Security & Compliance features and/or other Cyber Security tooling.
You’ll need:
- An analytical mindset and ability to approach complex problems in a methodical manner.
- Excellent communication skills.
- Ability to prioritise and manage own work without supervision.
- The ability to relay technical information to a non-technical audience and provide concise and accurate reports for senior management.
- An interest in cyber security and the commitment to learn and/or provide network and continuous security monitoring and incident response, and to utilise security incident and event management (SIEM) tools.
If not held already, you’ll have the opportunity to gain the following, or equivalent, when in post:
- Certified Security Operations Centre Analyst
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Continuous Monitoring Certification (GMON)
If you aren’t already a member of a professional body, we can help you with the following:
- British Computer Society (BCS)
- Institute of Information Security Professionals
- Council for Registered Ethical Security Testers
Additional information
You’ll be a key member of a c.5-person team, which operates a shift-based working pattern, providing 24/7/365 operations.
Shifts cover both days and nights and are rostered in blocks of 4 and 5, with equivalent off-shift blocks. All shifts will have mandatory start and finish times; more details can be provided at the interview stage.
These roles are eligible for a regular shift allowance and weekend premiums.
Please note that there may be a requirement to change teams or shifts (with notice), to fulfil operational requirements.
Allowances: A Market Skills Allowance (MSA) of up to £9k per annum may be payable with this post, paid in increments upon reaching the required level of competence.
Normal place of work is MOD Corsham in Wiltshire and, dependent on the business need, there may be a requirement to travel within the UK (or potentially occasional overseas visits) for meetings, training or operational reasons.
If not already held, successful candidates will be required to undergo DV clearance.
Please note that this position is open to sole UK Nationals only.
Candidates who are not sole UK nationals, or who hold dual nationality, are on a student visa or have right to reside, are not eligible for these posts. Please contact us prior to applying if you are unsure of your status.
Behaviours
We’ll assess you against these behaviours during the selection process:
- Changing and Improving
- Making Effective Decisions
Technical skills
We’ll assess you against these technical skills during the selection process:
- Cyber Security operations
- Intrusion detection and analysis
- Threat understanding
Benefits
Alongside your salary of £29,580, Ministry of Defence contributes £8,569 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
Our benefits include:
- Learning and development tailored to your role with a dedicated minimum of 5 days per year
- 25 days paid annual leave rising (by 1 day per year) to 30 days upon completion of five years’ service
- Ability to roll up to 10 days annual leave per year
- In addition to eight public holidays per year, you will also receive leave for HM The King’s birthday
- A Civil Service pension
- Parental and Adoption Leave
- Discounts on a range of services within and external to the civil service - Defence Discount Service, Civil Service societies for Sports and Leisure, Healthcare, Insurance, Motoring, Company discounts with Virgin, Vodafone, and Microsoft Office.
- In year rewards and ‘thank you’ schemes such as vouchers and gift cards
- A culture encouraging inclusion and diversity
- Find out more here - Discovermybenefits
Equality and Diversity
Defence Digital operates an organisation model in which every individual belongs to a Government Profession. The successful applicant will be posted into one of the defined Government Professions on Standard Terms of Reference for the grade. Defence Digital reserves the right to move individuals between roles, within their allocated profession, to meet the needs of the business and in support of agile resourcing.
Strategic Command is going through a significant transformation programme which aims to improve the way the Command conducts its business and delivers for Defence and the nation. As a consequence of this, all posts within Strategic Command Headquarters and in time the wider organisation, are/will be subject to review and potential changes as we continuously improve across the period of the transformation programme. These changes may be minor or could be more substantive and will generate new opportunities. Throughout, the Command’s transformation programme is committed to following the MOD’s framework on managing and supporting people through the change process and places an emphasis on early and open consultation and engagement with the Command’s personnel and Trade Unions.
Things you need to know
Selection process details
This vacancy is using Success Profiles, and will assess your Behaviours, Experience and Technical skills.
To apply please complete the CV template provided on the CS Jobs dashboard, ensuring it highlights your relevance to the essential criteria listed in the person specification.
It is essential that all applicants provide a personal statement (max. 1250 words), assessed against your responses to the questions listed below.
Each one will be scored 1-7 and make up part of your overall score to assess your suitability to be invited to interview:
1. Describe your working experience of monitoring and incident response, in a cyber or digital services environment.
2. Describe an experience when you have gathered technical information from multiple sources to reach a conclusion, or decision, in the workplace.
3. Tell us about a time you have provided advice, guidance or support to colleagues on operational or working processes.
If we are in receipt of a high number of applications, we will sift the personal statement on the following essential criteria only:
- Describe your working experience of monitoring and incident response, in a cyber or digital services environment.
Interviews
We’ll assess you against these behaviours and technical skills during the interview process:
Behaviours
- Changing and Improving
- Making Effective Decisions
Technical Skills
- Cyber Security operations
- Intrusion detection and analysis
- Threat understanding
The Government Security Profession Career Framework and the aligned Monitoring Associate role used in this vacancy can be found at: Government Security Profession career framework
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is developed vetting.
See our vetting charter.
People working with government assets must complete baseline personnel security standard checks.
Nationality requirements
Open to UK nationals only.
Working for the Civil Service
The Civil Service Code sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission’s recruitment principles.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Apply and further information
This vacancy is part of the Great Place to Work for Veterans initiative.
Contact point for applicants
Job contact:
- Name: Defence Digital Talent Acquisition Team
- Email: ukstratcomdd-hr-talentacqdel@mod.gov.uk
Recruitment team
Further information
Please ensure you read the attached candidate information document prior to completing your application. If you are dissatisfied with the service you have received from DBS, or believe that DBS has failed to follow the recruitment process in line with the Civil Service Commission principles of selection for appointment on merit on the basis of fair and open competition, you can raise a formal complaint by writing to DBS at the following address: Defence Business Services, Scanning Hub, Room 6124, Tomlinson House, Norcross Lane, Blackpool, FY5 3WP. If, after raising your complaint with DBS, you remain dissatisfied, you can complain directly to the Civil Service Commission at the following address: Civil Service Commission, Room G/8, 1 Horse Guards Road, London, SW1A 2HQ, or by email: info@csc.gov.uk.
Job Types: Full-time, Permanent
Pay: £29,580.00 per year
Schedule:
- Monday to Friday
Work Location: On the road