GOVTALENT.UK

SOC Analyst

This opening expired 8 months ago.

Department for Business and Trade

Location(s):
Belfast, Birmingham, Cardiff, Darlington, Edinburgh, London, Salford
Salary:
£31,443 to £41,150
Job grade:
Higher Executive Officer
Business area:
Administration and Secretarial, Analytical, Information Technology (IT), Other
Contract type:
Permanent
Working pattern:
Full-time

About the job

Job summary

The newly created Department for Business and Trade brings together the business focused functions of the former Department for Business, Energy and Industrial Strategy (BEIS) and the Department for International Trade (DIT). Our joint expertise in trade and business provides us with a unique opportunity to unleash the power of UK businesses, reform regulation to reduce burdens and unlock post-Brexit freedoms.

Job description

Now is an exciting time to join the Department for Business and Trade’s (DBT’s) growing Security Operating Centre (SOC) team.

Our team of SOC analysts carry out detection and response activities supported by the Senior Analyst team, working to protect DBT’s systems and data. You will be reporting to the Principal SOC Analyst, as part of a wider Cyber Security team who provide a friendly and knowledgeable environment.   

You will be working with Microsoft Sentinel as a Security Incident Event Management (SIEM) tool, using its capabilities along with multiple other security tools to identify and remediate Cyber Incidents.    

You will be encouraged to dive deeper into security events, to fully understand what tactics and techniques attackers are using against DBT. You will then document these findings and your lessons learnt so that the SOC capabilities can improve and grow.   

We will also support you to improve and grow, offering amazing learning and development opportunities, through internal training and shadowing, and external courses such as those provided by SANS.   

This role is suitable for someone who has some Cyber Security or SOC experience and wants to develop further, or who is looking for a career change and has transferable skills.

This role is available in seven UK locations and can only be worked from within the UK, not overseas. If your office location is London, you will be eligible to receive London weighting.

DBT employees will be working a hybrid pattern, spending 2-3 days a week (pro rata) in the office on average. Changes to these working arrangements are available in certain circumstances but must be agreed with the vacancy manager and in line with the requirements of the role and can only be discussed with successful candidates.   

Travel to your primary office location will not be paid for by DBT, but costs for travel to an office which is not your main location will be covered. 

Find out about life at DBT, our benefits and meet the team by watching our recruitment video, visiting our website or reading our blog! 

Responsibilities     

 You will be an aspiring SOC Analyst who will develop skills to: 

  • Analyse security event data arising from activity across the organisation with the goal of detecting malicious activity.  
  • Investigate security alerts and incidents generated by security tooling within DBT, resolving or escalating as appropriate.  
  • Formally document incidents, creating recommendations for improvements to SOC capabilities based on the findings.  
  • Support the development of SOC documentation, playbooks, and dashboards, adapting them to reflect the changing Cyber Security landscape.
  • Provide support and advice to stakeholders and colleagues.
  • Test new features or alerts within the security tooling.   

Person specification

Essential Skills and Experience    

 You will need to have: 

  • Experience working in an enterprise technology setting, preferably with a focus on Cyber Security, or a relevant degree.  
  • Demonstrable experience using a query language to work with large sets of data, preferably Kusto Query Language.  
  • Understanding of the principles of intrusion detection and analysis.  
  • Understanding of cyber threats and the attack types that an organisation can face and how they might be mitigated.  
  • Effective verbal and written communication skills, including the ability to collate and explain data clearly and accurately.   

Desirable Skills and Experience   

  • Experience using a Security Incident Event Management (SIEM) and security tooling in a Security Operations Centre (SOC). 
  • Relevant security-based certifications.  
  • Experience working with Cloud platforms (AWS, Azure) 

Personal Attributes and Skills  

  • Ability to manage workload and prioritise in a fast-paced environment.  
  • Ability to communicate technical ideas to a non-technical audience.  
  • A keen learner with a desire to expand their knowledge of cyber security.  
  • Demonstrates high integrity and good ethics when handling sensitive and confidential information.   

Benefits

Alongside your salary of £31,443, Department for Business and Trade contributes £8,489 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Things you need to know

Selection process details

Interviews for this vacancy will be conducted virtually. We will, however, consider in-person interviews by exception.

Please ensure that you check your emails regularly as all updates from us will be sent to you this way.

This role is full time only. Applicants who wish to work an alternative pattern are welcome to apply; however, your preferred working pattern may not be available and you should discuss this with the vacancy holder before applying.

How to Apply   

Unless otherwise specified, all interviews are currently being held online.

Sift will take place week commencing: Monday 29th January 2024 

Interviews will take place week commencing: Monday 5th February 2024 

Please note these dates are indicative and may be subject to change.

As part of the application process you will be asked to upload a CV and complete a personal statement outlining your experience, skills and fit for the role. 

At the sift stage for this role, we will assess your CV and personal statement against the essential skills and experience listed above, so please ensure these documents evidence these criteria. There is no limit on the personal statement, but we recommend writing around 500 words.  You can use bullet points and subheadings if you prefer. As well as evidencing the criteria you should also touch upon why you're interested in DBT and in this role.   

If we receive a high volume of applications, we will conduct a ‘short sift’ and read one element of your application. For this campaign a short sift would be conducted based on your CV only, on the criterion: ‘Experience working in an enterprise technology setting, preferably with a focus on Cyber Security, or a relevant degree’.

How We Interview  

At the interview stage for this role, you will be asked to demonstrate relevant Technical Skills and Behaviours from the Success Profiles framework. A role-specific list of these can be found below.  

There will be a technical element within the interview where you will be asked questions about your specific professional skills and knowledge relating directly to the job role. 

We will assess you against these Technical Skills during this process: 

  • Intrusion Detection and Analysis  
  • Incident Management, Investigation and Response  
  • Threat Understanding 
  • Forensics 
  • Cyber Security Operations 

We will also assess you against the following Behaviours: 

  • Delivering at Pace  
  • Changing and Improving  
  • Making Effective Decisions 

 Reserve List  

Appointments may be made to candidates in merit order based on location preferences. Candidates who pass the bar at interview but are not the highest scoring will be held on a 12-month reserve list for future appointments. Candidates who are judged to be a near miss at interview may be offered a post at the grade below the one advertised. 

Security Clearance Details   

 All security clearances require you to provide evidence of your UK footprint where you have been physically present in the UK. 

The requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years. 

Failure to meet the residency requirements will result in your security clearance application being rejected. 

If you require SC clearance you will need to provide evidence of the below requirements. 

Checks will be made against: 

  • Departmental or company records (personnel files, staff reports, sick leave reports and security records). 
  • UK criminal records covering both spent and unspent criminal records. 
  • Your credit and financial history with a credit reference agency. 
  • Security Services record. 

Further Information  

If successful and transferring from another Government Department, a criminal record check may be carried out.

The Department for Business and Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation.

Harmonised terms and conditions are attached. Please take time to read the document to determine how these may affect you.

Please note – the successful candidate will be expected to remain in post for a minimum of 18 months before being released for another role.

Any move to the Department for Business and Trade from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk

New entrants are expected to join on the minimum of the pay

Reasonable adjustment

If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes.

If you need a change to be made so that you can make your application, you should contact the DDaT Recruitment team before the closing date to discuss your needs.

Our recruitment process is underpinned by appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commission's Recruitment Principles.

The Civil Service Code sets out the standards of behaviour expected of civil servants. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DBT by email: ddat.recruitment@trade.gov.uk.

If you are not satisfied with the response you receive, you can contact the Civil Service Commission, which regulates all Civil Service recruitment.

If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check.

See our vetting charter. People working with government assets must complete baseline personnel security standard checks.

Nationality requirements

This job is broadly open to the following groups:

  • UK nationals
  • nationals of the Republic of Ireland
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
  • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles. The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Added: 8 months ago