Cyber Security Monitoring and Investigations

3 months ago


Newcastle upon Tyne, United Kingdom Department for Work and Pensions Full time

Job summary

You will work as part of the Department's Cyber Resilience Centre (CRC) as a Threat Detection Analyst in the Cyber Security Monitoring & Investigations team. You will play a vital role in securing the DWP IT Estate; ensuring that service delivery is not affected as a result of potential malicious activity from either internal or external threat.

Job description

Working as a Threat Detection Analyst in the Cyber Security Monitoring and Investigations team, you will be part of an innovative and service-orientated team of analysts, focused on the detection and investigation of potential indicators of compromise or malicious activity on DWP systems and devices. Your main responsibilities will be to:

  • Provide a second-tier escalation function for the resolution of security events that have been triaged by others, providing direction and guidance, and ensuring an effective response to alerts and risks as they are identified.
  • Undertake comprehensive investigation of security alerts as well as proactive analysis of activity captured in system logs and security tools, to quickly determine if systems have been compromised.
  • Support Intelligence Analysts and the Security Incident Response Team, by providing detailed technical input to on-going investigations, building on detailed log data, digital outputs, and threat intelligence in relation to the mitigation, detection and response to potential cyber-attacks.
  • Effectively use the latest analytical SIEM tools including open-source intelligence to identify security compromises within large amounts of complex data.
  • Use digital forensic and malware analysis tools (commercial and/or open source) to support analysis and decision making.
  • Demonstrate strong knowledge of the latest security threats and indicators of compromise to ensure a robust response to new threats and attack vectors.
  • Provide timely intervention to protect the DWP IT Estate through recommending and operating containment processes to isolate and prevent the spread of malware.
  • Drive forward the development of monitoring systems and supporting processes and playbooks, ensuring systems are in place to review and continually improve existing capabilities.
  • Ensure intelligence is effectively used to maintain the integrity of alerts and to ensure alerts continue to remain relevant and focused on the latest threats.
  • Develop influential relationships with key stakeholders across the Department to support improvement activity thereby mitigating the risks from malicious activity.
  • Demonstrate strong knowledge and understanding of the concepts of information security, and of current and emerging IT security, data protection and information risk principles and technologies.
  • Support the transformation of the Department's response to digital delivery and the security threats this presents; including operating new analytical tools to generate innovative security alerts.
  • Support remedial activity as a result of identified weaknesses within the estate.
  • Manage multiple priorities and respond flexibly to competing demands.

The Cyber Security Monitoring & Investigations team operates 24 hours a day, 7 days a week and as a result, post holders may be required to work outside of usual office hours as investigations dictate. Travel to different sites with occasional overnight stays may also be required.

Person specification

A strong candidate will be able to demonstrate the following ESSENTIAL CRITERIA:

  • Experience of performing in-depth analysis of cyber security alerts to quickly determine if systems have been compromised.
  • Skilled in using a variety of the latest SIEM/network analysis tools and of proactively interrogating large data sets of structured and unstructured data, to identify malicious activity or anomalous behaviour.
  • Comprehensive knowledge of tactics or techniques an adversary could use to bypass or evade security controls, and an understanding of how to mitigate such activities so that they could be detected.
  • Experience of providing technical input into security investigations and of analysing and extracting relevant information in relation to the detection and response to potential cyber-attacks.

Behaviours

We'll assess you against these behaviours during the selection process:

  • Making Effective Decisions
  • Working Together
  • Communicating and Influencing
  • Changing and Improving

Technical skills

We'll assess you against these technical skills during the selection process:

  • Intrusion detection and analysis
  • Incident management, incident investigation and response

Benefits

  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • A with an average employer contribution of

At DWP we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve.

We want to maximise the potential of everyone who chooses to work for us, and we offer a range of flexible working patterns and support to make a fulfilling career at DWP accessible to you.

Diverse perspectives and experiences are critical to our success, and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role.

As one of the largest government departments, almost every individual in the UK is a direct customer of DWP at some point in their lives. DWP's mission is to improve people's quality of life, both now and in the future. We do that by focussing on delivering excellent services that make a difference to millions of people. We trust and empower our people to deliver these services to customers every day, including the most vulnerable in society.

We seek to be an exemplar of the modern Civil Service, and to build on our achievements for the benefit of those we serve. When we are at our best, we care, we deliver, we adapt, we work together and we value everyone, and we seek to ensure that these values guide the way we serve our country, our communities, and our fellow citizens.

DWP is looking to fill 2 roles in Finance directorate. These are key roles, and we are looking for people who will help us deliver Cyber Security Monitoring & Investigations.

We welcome applications from candidates who can demonstrate the essential criteria listed in the 'Person Specification' part of this form.

Hybrid working

This job role may be suitable for hybrid working, which is where an employee works part of the week in their DWP office and part of the week from home.

This is a voluntary, non-contractual arrangement and your office will be your contractual place of work. The number of days that anyone will be able to work at home will be determined primarily by business need, but personal circumstances and other relevant circumstances will also be taken into account.

If you are successful, any opportunities for hybrid working, including whether a hybrid working arrangement is suitable for you, will be discussed with you prior to you taking up your post.


