About the job

Job summary

You will be helping to protect DBT and the wider UK government from cyber threats in a fast paced and exciting role.  Reporting and acting as the main support to the Senior Cyber Threat and Vulnerability Analyst and Principle Cyber Threat and Vulnerability Manager. The Threat and Vulnerability Analyst will work with other members of the SOC and technical teams to execute operational threat and vulnerability management activities and help shape the development of DBT’s TVM program and capabilities. A healthy curiosity will be essential, to actively go out and discover items of potential interest to the team

Job description

Main responsibilities 

You will be:

• Supporting scoping and delivery activities of penetration tests, vulnerability assessments of IT assets, and other tests to assess the robustness of a system, product, or technology
• Structured Threat Hunting through proactively identifying and leveraging threat intelligence sources to inform threat and vulnerability mitigation measures.    
• Conducting deep-dive analysis on potential threats and attacks against DBT and sharing actionable threat intelligence data with other SOC members and technical teams. 
• Working with key stakeholders to create and drive prioritisation of tracked vulnerabilities to meet common organisational objectives such as policy compliance.   
• Disseminate and apply DBT’s vulnerability ratings to externally rated vulnerabilities to help the department prioritize remediation.
• Continuously research and investigate new and emerging vulnerabilities including Zero Day events, and participate in external security communities, sharing findings across the security functions. 
• Develop and maintain a good understanding of DBT’s Information Security Framework and industry best practice.

Person specification

It is essential that you have: 

• Experience working in an enterprise technology setting, preferably with experience working with or in Cyber Security.
• Understanding of Cyber threat landscape, threat actors’ techniques, tactics, and procedures.   
• Understanding of Vulnerability management principles 
• Understanding of Threat hunting in a cloud-based environment including interpreting device and application logs from various sources in a cloud environment, and monitoring for emerging threat patterns and vulnerabilities.
• Familiarity with industry frameworks and standards such as NCSC pen test guidance, OWASP, CVSS, NIST, ISO 27001 etc.
• Excellent written and verbal communication skills including the ability to relate technical information to a non-technical audience

 It is desirable that you have: 

• Experience working with Microsoft security tooling/AWS
• Knowledge of a scripting language

Benefits

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an average employer contribution of 27%

Things you need to know

Selection process details

As part of the application process you will be asked to upload a two page CV and complete a 600 word personal statement outlining how you meet the essential skills and experience listed above. You can use bullet points and subheadings if you prefer. 

Sift will be from week commencing 10/06/2024 

Interviews will be from week commencing 24/06/2024

Please note these dates are indicative and may be subject to change. If there is a high volume of applications, we will sift looking at your personal statement only. You may then be progressed to full sift or straight to interview. 

How we interview At the interview stage for this role, you will be asked to demonstrate relevant Technical Skills and Behaviours from the Success Profiles framework. These are role specific and in line with the DDaT Capability Framework. 

Technical Skills

• Penetration Testing
• Threat Understanding
• Threat intelligence and assessment  
• Cyber Security Operations 
• Legal and regulatory 

 Behaviours

• Working Together  
• Delivering At Pace

How we offer 

Offers may be made in merit order based on location preferences. If you pass the bar at interview but are not the highest scoring you will be held on a 12-month reserve list in case a role becomes available. If you are judged a near miss at interview, you may be offered a post at the grade below the one you applied for. This role requires SC clearance. DBT’s requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years. Failure to meet this requirement will result in your application being rejected and your offer will be withdrawn. Checks will also be made against: 

• departmental or company records (personnel files, staff reports, sick leave reports and security records) 
• UK criminal records covering both spent and unspent criminal records 
• your credit and financial history with a credit reference agency 
• security services record 
• location details 

More about us 

This role can only be worked from within the UK, not overseas. If you are based in London, you will receive London weighting. DBT employees work in a hybrid pattern, spending 2-3 days a week (pro rata) in the office on average.  Travel to your primary office location will not be paid for by DBT, but costs for travel to an office which is not your main location will be covered.You can find out more about our office locations, how we calculate salaries, our diversity statement and reasonable adjustments, the Recruitment Principles, the Civil Service code and our complaints procedure on our website. Find out more about life at DBT, our benefits and meet the team by watching our video or reading our blog!   

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.