About the job

Job summary

HMRC is the UK’s tax, payments and customs authority and we have a vital purpose: we collect the money that pays for the UK’s public services and help families and individuals with targeted financial support.

HMRC’s Fraud Investigation Service (FIS) is responsible for the department’s civil and criminal investigations.

FIS provides HMRC with an effective investigation arm to enforce the Department’s compliance policies. This enables the Department to deliver against the strategic responsibilities across all the taxes and duties it administers. This includes complex offshore evasion, international smuggling of illicit excise goods, exports of controlled weapons and technology, labour market abuses, VAT and Self-Assessment repayment frauds and a host of other fraud attacks targeted at the tax system.

FIS is home to a wide range of people with a variety of skills and professional backgrounds – including accountants, cybercrime specialists, criminal justice professionals, tax professionals and operational delivery support teams to name but a few. We use a range of powers and approaches to protect funding for UK public services, investigating the most harmful tax cheats and ensuring nobody is beyond our reach.

Covert Operations, Digital Exploitation (CODE) sits within HMRC’s wider Fraud Investigation Service (FIS). Working across Law Enforcement and government, CODE provides investigative tools and covert techniques to front-line investigations and works with key partners to develop and provide access to new technology and systems to enable investigators to respond to serious and complex tax evasion and crime.

See what it’s like to work at HMRC: find out more about us or ask our colleagues a question. Questions relating to an individual application must be emailed as detailed later in this advert.

Job description

Covert Operations, Digital Exploitation (CODE) sits within HMRC’s wider Fraud Investigation Service (FIS) responsible for the department’s civil and criminal investigation work. FIS ensures that HMRC has an effective approach to taking on the most serious tax evasion and fraud.

Working across Law Enforcement and government, CODE provides investigative tools and covert techniques to front-line investigations and works with key partners to develop and provide access to new technology and systems to enable investigators to respond to serious and complex tax evasion and crime. 

You will lead a team of Cybercrime specialist technical analysts and investigators, who gather intelligence and investigate online fraud against HMRC, providing evidence to support criminal investigations and insight to shape the security of HMRC’s online services.

Person specification

As Joint Head of Cybercime, you will:

• Lead a high-performing team conducting cybercrime investigations, intelligence collection, forensic analysis, research and development, risk management and advisory services.
• Apply your expert knowledge and experience of industry-recognised practices in cyber security and online counter-fraud defences to HMRC tax services, used by millions in the UK and abroad.
• Provide technical leadership and consultancy across the department, influencing the development, operation and improvement of digital services to be resilient against cybercrime, communicating across professions, from Programme Boards to software developers.
• Direct investigative capability to provide insight into threats to business objectives, gaining understanding of criminal capability, intent and scale to inform strategic responses, whilst providing oversight to ensure activity is lawful, appropriately authorised and risks managed
  Design mitigations for cybercrime risks that you and your team have identified, assessed and communicated in collaboration system owners and their delivery teams.
• Formulate and implement strategies to disrupt and deter criminal activity affecting HMRC, working with public and private sector partners in the UK and overseas on mutual threats, reporting progress against targets to appropriate Boards.
• Represent HMRC on cybercrime matters within UK Government and internationally, influencing policy and legislation, regulation and law enforcement initiatives.

Essential Criteria:

• Have experience leading highly specialist teams, setting strategy and direction and empowering decision-making and accountability for delivering objectives, but able to dive deep into the detail and support people in overcoming problems.
• Have hands-on experience in a number of technical cyber security fields, such as digital forensics & incident response, intrusion analysis, cyber threat intelligence, web application security, offensive techniques, identity verification and authentication and online counter-fraud controls.
• Have knowledge of the tools, techniques and procedures used by cybercriminals, their fit within cyber threat frameworks (e.g. MITRE ATT&CK), be able to apply these in cyber threat modelling to advise on potential risks and mitigations to agile development teams, utilising familiarity with industry good practice guides (e.g. OWASP) and the technology marketplace.
• Be able to build relationships with colleagues and senior stakeholders to establish trust in your advice and guidance, explaining risks and technical topics in a clear and meaningful to non-technical audiences.
• Have academic and industry qualifications that evidence your ability, expertise and credibility, such as a degree in a Science, Technology, Engineering or Mathematics subject, a post-graduate qualification in a cyber security or related topic, and/or industry qualifications like CISSP, GIAC (e.g. GCFE, GREM, GCIH, GCTI), OCSP, etc.
• Be able to give evidence in a criminal court /tax tribunal as a subject matter expert.
• Hold or be able to attain National Security Vetting of Security Check (SC) and be prepared to obtain Developed Vetting (DV) security clearance.

Desirable Criteria:

• Hands-on experience in all of the following technical cyber security fields: digital forensics & incident response, intrusion analysis, cyber threat intelligence, web application security, offensive techniques, identity verification and authentication and online counter-fraud controls.
• Experience in law enforcement or intelligence environments, applying relevant legislation to activity, management of information and criminal justice processes (e.g. IPA, RIPA, CPIA, PACE, CMA and Fraud Act).
• Experience working with Government and industry groups collaboratively to tackle mutual cyber threats, and familiarity with the wider community collaboratively countering cybercrime.
  
• Experience defending large web services against online fraud.
• Knowledge of tax and investigation of tax fraud.

Additional Information:

This role requires security clearance to DV. Any job offer is conditional to the attainment of the security clearance to DV and thus, the security clearance is mandatory. Please be aware that those who do not attain the required security clearance will not be allowed to carry on in this particular post.

Applicants who wish to work alternative working patterns are welcome to apply. The preferred working pattern may or may not be available, agreement will be subject to business need, and any request to work an alternative working pattern should be made prior to your acceptance of the provisional offer.

Depending on individual circumstances and the requirements of the role we may be able to make reasonable workplace adjustments such as flexible working, adjusting breaks and time to complete tasks, providing alternative office equipment, software etc. A successful applicant would be able to discuss this with their manager.

Appointment will be conditional upon satisfactory conduct and discipline checks and security vetting.

Candidates must live within reasonable daily travel of Stratford Regional Centre.

All applicants will be required to declare any past convictions, criminal findings, or police cautions, regardless of whether they are ‘spent’. You must also declare any disciplinary proceedings relating to previous employments.  The disclosure of this information will not automatically disbar you from employment with FIS, but we need to be aware of any event or issue which could impinge on your credibility if questioned in court.

FIS may conduct background checks and any offer will be withdrawn if you fail to disclose any relevant material that causes conflict with you being able to complete the duties of the role.

Benefits

Alongside your salary of £66,957, HM Revenue and Customs contributes £18,078 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Things you need to know

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Experience and Technical skills.

As part of the application process, you will be asked to complete a CV and 750- word Personal Statement. Further details around what this will entail are listed on the application form.

Please complete the Qualifications, Career History and Skills and Experience sections on the CV. (max 250 words per section).

Your personal statement should evidence how your skills and experience would be suitable for the role, referring to the essential criteria as well as the personal specification outlined in the advert. (max 750-words).

Your CV and Personal Statement will be assessed at sift.

Candidates who are successful at sift will be invited to interview and assessed against experience and the behaviours outlined above in the advert.

Technical Skills will also be assessed at interview by way of a presentation with follow up questions. Details regarding the presentation will be provided prior to interview.

Interviews will be held either by video or face-to-face.

Desirable Criteria will only be assessed in the event of tied candidate scores.

The sift and interview process should take place within 5 weeks of the advert closing date.

We reserve the right to raise the score required at any stage of the process in order to manage numbers.

Interview dates to be confirmed. 

A reserve list may be held for a period of up to 12 months from which further appointments may be made for the same or similar roles – if this applies to you, we’ll let you know via your Civil Service Jobs account.

Eligibility

To check that you are eligible to apply, review this eligibility information.

Important information for existing HMRC contractual homeworkers:

This role may be suitable for existing HMRC employees who are contractual homeworkers. Occasional attendance to the office will be required where there is a business need, so please review the advertised office locations for this role when applying and only select locations from the ‘location preferences’ section that you are able to travel to.   

Reasonable Adjustments 

We want to make sure no one is put at a disadvantage during our recruitment process because of a disability, condition, or impairment. To assist you with this, we will reduce or remove any barriers where possible and provide additional support where appropriate. 

If you need a reasonable adjustment or a change to be made so that you can make your application, review this information on reasonable adjustments, and contact hmrcrecruitment.grs@cabinetoffice.gov.uk as soon as possible.

Diversity and Inclusion

At HMRC we are committed to creating a great place to work for all our colleagues and creating an inclusive and respectful environment that reflects the diversity of the society we serve.

Diverse perspectives and experiences are critical to our success and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role. We’re committed to creating a great place to work for all our colleagues here at HMRC. We want everyone to feel valued and supported to achieve their potential at HMRC.

For more information on how we make this happen, review this information on our culture and values

Applications received from candidates with a criminal record are considered fairly in accordance with the DBS Code of Practice and the Recruitment of ex-offenders Policy.

We welcome applications from those who need to work a more flexible arrangement and will agree to requests where possible after considering operational and customer service needs. We can’t guarantee that we can meet all requests to work flexibly, as agreement will be subject to business ability to accommodate, and any request to work a more flexible arrangement should be made prior to your acceptance of the provisional offer.

Customer facing roles in HMRC require the ability to converse at ease with members of the public and provide advice in accurate spoken English and/or Welsh where required. Where this is an essential requirement, this will be tested as part of the selection process. 

The Civil Service runs a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy. 

Locations 

HMRC has a presence in every region of the UK. For more information on where you might be working, review this information on our locations.

Security Update

For more information on the level of security checks we will carry out, review this information on security checks.

Additional Security Information

Please note: in addition to the standard pre-employment checks for appointment into the Civil Service, all candidates must also obtain National Security Vetting at Developed Vetting (DV) clearance level for this vacancy. You will normally need to meet the minimum UK residency period as determined by the level of vetting being undertaken, which for DV is 10 years UK residency prior to your vetting application. If you have any questions about this residency requirement, please speak to the vacancy holder for this post.

For further information on National Security Vetting please visit the following page https://www.gov.uk/government/publications/demystifying-vetting.

Further Information

The Civil Service values honesty and integrity and expects all candidates to abide by these principles. The evidence you provide in your application must relate to your own experiences.

Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant application/s will be withdrawn from the process. 

Duplicate applications for the same vacancy will also be withdrawn.

Transferring into HMRC from Civil Service If you are currently working for an ‘Other Government Department’ (OGD) and would like to consider the impact on your pay when joining HMRC, please see the attached document "Combined T&C and OGD Pay English”, found at the bottom of this advert. Further information on staff transfers can be found on gov.uk

Problems during the application process 

If you experience accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section. 

If you think you’ve made a mistake on a short application form (e.g. you’ve ticked the incorrect eligibility box), please contact hmrcrecruitment.grs@cabinetoffice.gov.uk at least two working days before the vacancy closes. After this, we won’t be able to reopen your application.   

Please use the subject line to insert appropriate wording e.g. Please re-open my application - 346113 & vacancy closing date 05/04/2024. Please note that we cannot amend or re-open your application if you have submitted your full application in the interests of fair and open recruitment.

For reasonable adjustments queries or requests, please see details within reasonable adjustments section above.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is developed vetting (opens in a new window).

See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

Open to UK nationals only.

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.