Lead Cyber Security Analyst

This role is being recruiting via Public Sector Resourcing, please ensure you contact them with any questions.

Would you like to be a part of a digital transformation journey and be part of a growing team that is constantly evolving? Do you want to be involved in work that has a meaningful purpose? If yes, then this could be the role for you!, As the head of our new SecOps team, you will report to the Head of Service and Infrastructure within Digital Services. You’ll lead threat detection, response, and IT Health Checks while establishing security standards, policies, and automated monitoring processes.

Working alongside product teams, you will leverage advanced SIEM and network analysis tools to mitigate vulnerabilities. You are responsible for resolving active issues and collaborating with Operations and Development to prevent future risks. This leadership role requires proactive communication with executives, ensuring our infrastructure remains resilient through continuous improvement of our security capabilities and response strategies., * lead monitoring, triaging, and investigation of security alerts on Azure and AWS platforms to identify security incidents

• lead the SecOps team in the design, development and enablement of automated monitoring processes, advising on the latest SIEM (Security Information and Event Management) and network analysis tools, techniques and procedures to detect malicious activity, while communicating directly with leadership on the progress and status of monitoring
• coordinate the triage and remediation of identified threats using a risk-based approach, working closely with service teams and developers to ensure that appropriate mitigation measures are implemented
• produce regular reporting which delivers insights on security monitoring activities and the impact on cyber security risk
• develop and update internal plans, processes, and knowledge base articles, and define requirements for improving and expanding our security tooling
• support wider Cyber Defence activities, working closely with other teams within the Directorate and Information Security to proactively reduce cyber security threats and vulnerabilities, GCA operates a smarter working model that balances flexibility with collaboration. Successful candidates are expected to spend at least 26 days per quarter (approximately 2 days per week, pro-rata) at their contracted office, another GCA site, or off-site for meetings. For the remainder of the time, you may work from home or another suitable location that meets business needs., * UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Do you have experience in SaaS?, * A track record in cyber security leadership, strategy development and planning in large and complex organisations, with demonstrable technical security knowledge of modern security concepts, principles and technologies for Azure, AWS, and SaaS.

• Experience using SIEM and Cloud provider monitoring tools such as AWS CloudWatch, CloudTrail and GuardDuty, Azure Defender for Cloud and Azure Sentinel for threat monitoring, alerting and response
• Expert knowledge of typical threats and attack vectors with appropriate monitoring and remediation strategies.
• experience using a variety of sources of information to identify, analyse and report on relevant threats and vulnerabilities.
• Developed problem solving skills including addressing complex technical security and process challenges that ensure delivery at pace to an appropriate risk appetite.
• Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders, influence stakeholders and create easy to consume articles such as blogs, policies and presentations., * Delivering at Pace
• Leadership
• Making Effective Decisions
• Changing and Improving

Technical skills

We'll assess you against these technical skills during the selection process:

• understanding of security event analysis and remediation specific to AWS or Azure Cloud environments and workloads., Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check .

Alongside your salary of £59,877, Government Commercial Agency contributes £17,346 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Valuing our people:

• Competitive salary
• Generous pension scheme
• A discretionary non-contractual performance related bonus
• Working remotely in addition to working in advertised office location
• Flexi time scheme (available for B1-B6) -
• Minimum 25 days annual leave to a maximum service related 30 days excluding bank holidays

Want to make a difference? Find out more about the rewarding work that we do in our candidate pack.

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.