About the job

Job summary

As a Senior Threat and Vulnerability Analyst you will be helping to protect DBT and the wider UK government from cyber threats in a fast paced and exciting role.  Reporting and acting as the main support to the Cyber Threat and Vulnerability Manager, the Senior Threat and Vulnerability Analyst will work with other members of the SOC and technical teams to execute operational threat and vulnerability management activities and help shape the development of DBT’s TVM program and capabilities. A healthy curiosity will be essential, to actively go out and discover items of potential interest to the team, ensuring that there is collaboration between the architects, SOC engineers and analysts, and risk managers to deliver a documented risk-based response to the present and future of anything that may be found. 

This role is available in seven UK locations and can only be worked from within the UK, not overseas. Most DBT employees will be working a hybrid pattern, spending 2-3 days a week (pro rata) in the office on average. Changes to these working arrangements are available in certain circumstances but must be agreed with the vacancy manager and in line with the requirements of the role and can only be discussed with successful candidates. Travel to your primary office location will not be paid for by DBT, but costs for travel to an office which is not your main location will be covered.

Find out about life at DBT, our benefits and meet the team by watching our recruitment video, visiting our website or reading our blog!

Job description

You will be an experienced Senior Threat and Vulnerability Analyst who can:

• Perform Structured Threat Hunting through proactively identifying and leveraging threat intelligence sources to inform strategic threat and vulnerability mitigation measures.  
• Conduct deep-dive analysis on potential threats and attacks against DBT and sharing actionable data with other SOC members and technical teams. 
• Drive prioritisation of those vulnerabilities through a risk-based approach, to meet common organisational objectives such as regulatory compliance and audit functions.   
• Continuously research and investigate new and emerging vulnerabilities including Zero Day events, and participate in external security communities, sharing findings across the security functions.
• Recommend remediation strategies and provide advice on complex configuration changes in support of vulnerability remediation.  
• Demonstrate developed knowledge and understanding of approaches and tooling for performing vulnerability assessment against large and complex infrastructure.   
• Develop vulnerability assessment templates and test scripts to meet common organisational objectives such as regulatory compliance and internal audit functions.   
• Scoping and delivery of penetration tests, red team exercises, vulnerability assessments of IT assets, and other tests to assess the robustness of a system, product, or technology.  
• Disseminate and apply DBT’s vulnerability ratings to externally rated vulnerabilities to help the department prioritize remediation.
• Develop and maintain a solid understanding of DBT’s Information Security Framework and industry best practice.
• Mentor and support junior colleagues as and when required. 

Person specification

You will need to have demonstrable skills and experience of:

• Industry experience in a Threat and Vulnerability Management role with relevant Security based Qualification(s) (e.g., from SANS, CompTIA, EC-Council, Degree etc.)
• Demonstrable experience in assessing the Cyber threat landscape, threat actors’ techniques, tactics, and procedures.
• Demonstrable experience in defining and Management of vulnerability management tooling, assessments, and pen testing in multi cloud environments.
• Working knowledge of Offensive and Defence security practices and methods.
• Demonstrable skills in Threat hunting in a cloud-based environment including interpreting device and application logs from various sources in a cloud environment, and monitoring for emerging threat patterns and vulnerabilities.
•  Ability to articulate the risk presented to services from existing or emerging vulnerabilities and threats.

 Desirable Skills and Experience

These are not necessary but would be ideal if you:

• Hands on experience in penetration testing.
• Threat Generation Reporting.
• Knowledge of a scripting language is a plus.
• Knowledge of Microsoft security tooling including KQL queries etc.
• Familiarity with industry frameworks and standards such as OWASP, CVSS, NIST, ISO 27001 etc.
• Excellent written and verbal communication skills including the ability to relate technical information to a non-technical audience.
• Working with a larger team to deliver a risk-based response with a forward-thinking approach. 

Benefits

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an average employer contribution of 27%

Things you need to know

Selection process details

Interviews for this vacancy will be conducted virtually. We will, however, consider in-person interviews by exception.

Please ensure that you check your emails regularly as all updates from us will be sent to you this way.

Sift will take place week commencing: Monday 8th January.

Interviews will take place week commencing: Monday 22nd 

Please notes these dates are indicative and may be subject to change.

As part of the application process you will be asked to upload a CV and complete a personal statement outlining your experience, skills and fit for the role.

At the sift stage for this role, we will assess your CV and personal statement against the essential skills and experience listed above, so please ensure these documents evidence these criteria. Your personal statement must be a maximum of 500 words. You can use bullet points and subheadings if you prefer. As well as evidencing the criteria you should also touch upon why you're interested in DBT and in this role. 

If we receive a high volume of applications, we will conduct a ‘short sift’ and read one element of your application. For this campaign a short sift would be conducted based on: CV only.

How We Interview

At the interview stage for this role, you will be asked to demonstrate relevant Technical Skills and Behaviours from the Success Profiles framework. A role-specific list of these can be found below.

There will be a technical element within the interview where you will be asked questions about your specific professional skills and knowledge relating directly to the job role.

We will assess you against these Technical Skills during this process:

• Penetration testing
• Vulnerability Management and Information risk assessment. 
• Threat intelligence and assessment  
• Cyber Security Operations 
• Legal and regulatory compliance 

Detailed explanations of each Technical Skill can be found on the DDaT Framework.

We will also assess you against the following Behaviours:

• Working Together  
• Changing and Improving  
• Communicating and Influencing 

Further Information

If successful and transferring from another Government Department a criminal record check may be carried out.

The Department for Business and Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation.

Harmonised terms and conditions are attached. Please take time to read the document to determine how these may affect you.

Please note – the successful candidate will be expected to remain in post for a minimum of 18 months before being released for another role.

Any move to the Department for Business and Trade from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk

New entrants are expected to join on the minimum of the pay band.

Reasonable adjustment

If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes.

If you need a change to be made so that you can make your application, you should contact the DDaT Recruitment team before the closing date to discuss your needs.

Our recruitment process is underpinned by appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commission's Recruitment Principles.

The Civil Service Code sets out the standards of behaviour expected of civil servants. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DBT by email: ddat.recruitment@trade.gov.uk.

If you are not satisfied with the response you receive, you can contact the Civil Service Commission, which regulates all Civil Service recruitment. Click here to download a PDF about the Civil Service Commission/Complaints.

If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

For further information and to apply please click the link to direct you to the advertisers website.

Add to all vacancies depending on the level of security clearance required for the roles

Vetting Requirements

SC

All security clearances require you to provide evidence of your UK footprint where you have been physically present in the UK.

The requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years.

Failure to meet the residency requirements will result in your security clearance application being rejected.

If you require SC clearance you will need to provide evidence of the below requirements.

Checks will be made against:

• departmental or company records (personnel files, staff reports, sick leave reports and security records)
• UK criminal records covering both spent and unspent criminal records
• your credit and financial history with a credit reference agency
• Security Services records

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.