Threat and Vulnerability Manager

This role is for an experienced professional in vulnerability management and threat intelligence to join our Cyber Operations team. You will work closely with colleagues across the organisation to further mature and continuously improve our cyber defence capabilities. Cyber Operations forms part of a wider, well established security function operating within a highly regulated environment.

In this role, you will lead and continuously enhance the management of vulnerability assessments across our hybrid IT estate. You will prioritise remediation activities using a risk based, threat informed approach, collaborating with stakeholders to strengthen the security posture of our systems and services.

You will also develop and mature our threat intelligence capability, identifying and maintaining relevant intelligence sources to inform tactical, operational, and strategic decision making. You will produce

and share high quality threat intelligence products with internal and external stakeholders and use this intelligence to support vulnerability management and threat hunting activities.

Additionally, you will contribute to incident response processes and provide support to colleagues responsible for the IPO’s protection, detection, and response capabilities.

If you have strong relevant expertise, excellent communication skills and a collaborative working style we would love to hear from you.

Working Style

This role will be carried out in-line with IPO Hybrid working arrangements where staff are currently expected to spend at least 20% of their time working onsite from one of our offices. This role is based in our Newport Office.

The requirement for attendance at an office location can vary by role so we would encourage candidates to discuss working arrangements with the recruiting manager to agree a reasonable balance between working from home and the office., * Lead and enhance the organisation’s vulnerability management programme, including our Penetration Testing programme across a complex hybrid IT environment covering both infrastructure and applications. This will include scoping, scanning, prioritising work, engaging with stakeholders, and ensuring remediation activities happen in a timely fashion.

• Prioritise vulnerabilities using a risk-based, threat-informed approach to support organisational objectives, regulatory requirements, and audit needs.
• Oversee the full lifecycle of vulnerabilities, including triage, mitigation planning, remediation recommendations, and stakeholder coordination.
• Develop and maintain vulnerability management policies, procedures, standards, and best practice guidance.

Threat Intelligence

• Produce high quality tactical, operational, and strategic intelligence assessments and briefings using analysis and interpretation of current threat intelligence. Utilising and liaising with internal stakeholders, commercial sources, open-source intelligence and government partners to provide a rounded, comprehensive view of the current threat landscape.
• Lead initiatives to strengthen the organisation’s intelligence capability and participate in information sharing communities.

Cyber Risk Management

• Play an integral part in Cyber Security risk management, conducting risk and threat assessments aligned with regulations. Using your knowledge of standards and expertise to support our stakeholders by providing pragmatic and proportionate advice and best practice guidance.

Metrics & Reporting

• Develop and maintain actionable metrics that demonstrate the effectiveness of the organisation’s vulnerability management and threat intelligence capabilities.

Incident Response Support

• Contribute to and enhance our incident response processes, representing Cyber Security in operational incident calls, keeping stakeholders informed and liaising with government bodies to ensure timely and effective management of threat intelligence and threat hunting., * Upload an anonymised copy of your current CV. Please remove all identifying markers such as name, title, education institution etc.
• Make sure it clearly shows how you meet the essential criteria listed in the Person Specification.

500-word Personal Statement

• Use this to explain why you're suitable for the role.
• Structure your statement around the essential criteria in the Person Specification.
• Make sure to provide clear examples to show how you meet each requirement.

Technical

• Provide a 250-word example that demonstrates your technical ability:
• Penetration testing (focussed on managing penetration testing programs rather than conducting the tests yourself) :
• Level - Practitioner
• Make sure it aligns with the Technical criteria listed in the Person Specification., We'll assess you against these behaviours during the selection process:
• Seeing the Big Picture
• Managing a Quality Service
• Changing and Improving

Technical skills

We'll assess you against these technical skills during the selection process:

• Penetration testing (focussed on managing penetration testing programs rather than conducting the tests themselves) : Level - Practitioner Penetration testing - UK Government Security - Beta, This post is being advertised to Internal, across Government and external candidates at the same time.

Incomplete and/or late submissions will not be accepted or considered. Feedback will only be provided if you attend an interview or assessment.

We do not routinely reimburse travel expenses for candidates, however if participating in the selection process would cause you undue financial hardship or if it restricts your ability to participate, please contact the recruitment team for more information.

In line with Government guidance, successfully appointed candidates will need to provide documents for our Right to Work checks. Information on this will be sent within the invite to interview text.

If you require a reasonable adjustment at any stage of the recruitment process, then please let the recruitment team know via;recruitment@ipo.gov.uk

Please be aware that only one application per candidate is permitted for each recruitment campaign. Multiple applications, including those made using different accounts, may result in your application being withdrawn or rejected at any stage of the process.

For more information on the IPO’s terms and conditions, please review the attached IPO Modernised Terms and Conditions document attached at the bottom of this advert. Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check .

See our vetting charter . People working with government assets must complete baseline personnel security standard (opens in new window) checks., * UK nationals

• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Do you have experience in Software development?, * Strong understanding and experience of vulnerability management, threat intelligence and security operations within a complex enterprise environment

• Experience of managing and developing penetration testing programs
• Knowledge of secure development practices and where security testing for vulnerabilities fits into the Software Development Lifecycle (SDLC)
• Broad technical knowledge, especially around hybrid and cloud architectures, identity management and application security.

Essential Experience

• Highly organised and self-motivated, able to manage and deliver on multiple concurrent tasks.
• Excellent communication and interpersonal skills. Ability to interact with stakeholders of all levels with the ability to explain complex security concepts to non-technical audiences.
• A team player who is enthusiastic about contributing to the overall success of the team and collaborating with stakeholders of all levels.
• Sense of urgency and an ability to respond to tasks proactively and promptly.
• Continually stay abreast of emerging security technologies, threats and trends. Self-motivated to drive their learning needs., This vacancy is using Success Profiles , and will assess your Behaviours, Experience and Technical skills.

Additional details on security and vetting

Successful candidates must pass a disclosure and barring security check and if successful you must also hold, or be willing to obtain, a higher Security Clearance.

For meaningful checks to be carried out individuals will need to have lived in the UK for a sufficient period of time, depending on the level of clearance, to enable appropriate checks to be carried out and produce a result which provides the required level of assurance. For this role the successful individual will need to have consistently lived in the UK for a minimum 5 years in order to meet the relevant security clearance.

£47,766 - £58,575 Maximum salary amount includes Recruitment Retention Allowance and Technical Allowances of up to £8,420. Final salary package will be dependent on skills and experience. A Civil Service Pension with an employer contribution of 28.97% GBP, Alongside your salary of £47,766, Intellectual Property Office contributes £13,837 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

• Unlimited Pluralsight video learning access
• Access to Microsoft’s ESI training suite
• Hybrid working with no core hours
• Substantial support for career progression
• 25 days annual leave moving to 30 days in annual increments
• You will also get 8 days public leave and 1 day privilege leave