Security Analyst (Incident Response Lead)

Cabinet Office
Charing Cross, United Kingdom
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
£ 75K

Job location

Charing Cross, United Kingdom

Tech stack

Computer Networks
Information Technology

Job description

The Cabinet Office supports the Prime Minister and ensures the effective running of government. It is also the corporate headquarters for government, in partnership with HM Treasury, and takes the lead in certain critical policy areas.

The Cyber Defence team delivers cyber threat intelligence, threat detection and incident response capabilities for the Cabinet Office, and is responsible for defending both internal IT infrastructure and citizen-facing services. As an Incident Response Lead, you'll take a primary role in building and delivering these core capabilities, focusing on managing and responding to incidents.

IMPORTANT: SECURITY VETTING

This role requires SC (Security Check) which will be conducted by the NSV (National Security vetting). You need to have been resident in the UK within the past five years in order to apply. Here is a short video why this is necessary.

https://www.youtube.com/embed/lRit8RA7Zpo?si=CTOlUU2qHk9vbAvX

As an Incident Response Lead, you will:

  • Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents
  • Lead the forensic analysis of systems, files, network traffic and cloud environments
  • Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions
  • Support the wider coordination of cyber incidents
  • Review previous incidents to identify lessons and actions
  • Identify and deliver opportunities for continual improvement of the incident response capability
  • Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities
  • Develop and update internal plans, playbooks and knowledge base articles
  • Act as an escalation point for, and provide coaching and mentoring to, security analysts
  • Be responsible for leadership and line management of security analysts

Requirements

Disability Confident About Disability Confident A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to .

Apply for this position