Cyber Security Operations Centre

Birmingham

Job Summary
This is an exciting opportunity to join the NCA's Cyber Security team. We are currently looking to recruit a SOC Analyst within our Integrated Protective Security command.

The Cyber Security Team leads the strategic response to cyber risks, cybersecurity function, oversees audit, building internal and external alliances with diverse stakeholders to deliver the NCA's strategic objectives.

Job Description
If successful you will become part of the newly established Security Operations Centre (SOC), supporting the Lead Analyst and Senior Analyst to manage and support all SOC services. You will be responsible for monitoring, preventing, detecting and responding to security incidents playing a crucial role in safeguarding the NCA's digital infrastructure from security threats.

You will report to the Senior Analyst, working from the Agency's Birmingham office, on a
24/7 shift pattern
. This will include working nights, weekends and bank holidays. The team currently work an 8 hour sift pattern, with the proposal of moving over to 12 hour shifts. This would typically be working 4 days, followed by 4 days off.

• Please note due to the nature and requirements of this role, it is not available on a hybrid basis. The role will be based in our Birmingham office only**

There will be potential for the successful candidate to develop their NCA Cybersecurity career and technical knowledge with the availability of the below courses offered.

GIAC Foundational Cybersecurity Technologies (GFACT) Cyber Foundations: Computers, Technology & Security

GIAC Security Essentials (GSEC) Security Essentials - Network , Endpoint and Cloud

GIAC Security Operations Certified (GSOC) Blue Team Fundamentals: Security Operations and Analysis

GIAC Certified Incident Handler (GCIH) HackerTools, Techniques and Incident Handling

• To be considered, you will need to successfully complete DV STRAP clearance before commencing the role ***

If successful you will become part of the newly established Security Operations Centre (SOC), supporting the Lead Analyst and Senior Analyst to manage and support all SOC services. You will be responsible for monitoring, preventing, detecting and responding to security incidents playing a crucial role in safeguarding the NCA's digital infrastructure from security threats.

You will report to the Senior Analyst, working from the Agency's Birmingham office, on a
24/7 shift pattern
. This will include working nights, weekends and bank holidays. The team currently work an 8 hour sift pattern, with the proposal of moving over to 12 hour shifts. This would typically be working 4 days, followed by 4 days off.

• Please note due to the nature and requirements of this role, it is not available on a hybrid basis. The role will be based in our Birmingham office only**

There will be potential for the successful candidate to develop their NCA Cybersecurity career and technical knowledge with the availability of the below courses offered.

GIAC Foundational Cybersecurity Technologies (GFACT) Cyber Foundations: Computers, Technology & Security

GIAC Security Essentials (GSEC) Security Essentials - Network , Endpoint and Cloud

GIAC Security Operations Certified (GSOC) Blue Team Fundamentals: Security Operations and Analysis

GIAC Certified Incident Handler (GCIH) HackerTools, Techniques and Incident Handling

• To be considered, you will need to successfully complete DV STRAP clearance before commencing the role ***

Person specification

Duties And Responsibilities
Monitoring eventsMonitoring for events across multiple security technologies, including intruder detection systems (IDS), Intruder

prevention systems (IPS), Firewalls, End Point Security Solutions and vulnerability management solutions.Building effective working relationshipsLiaison with trusted partners to provide accurate threat identification.Content developmentAssisting in content development and analytics. Taking threat intelligence and tuning the SOC services to best

protect the Agency's vulnerabilities.Assisting EngineersAssisting in engineering tasks in support of the continuous availability of SOC services.Complete scheduling and reportingComplete SOC scheduled tasks and ensure reported events and incidents are appropriately progressed.Risk and complianceAssisting as with Security, Risk, Compliance and Service reportingAssessing and escalating EventsWork alongside colleagues from personnel and physical security to assess events and categorise them

appropriately.Making Assessment on EventsAssess events and bring them to the attention of the shift lead for escalation to the Cyber Defence Team.AdministrationMaintenance of SOC documentation, processes, and procedures.Responding to security eventsReceiving and acting on calls, emails, alerts, etc. relating to security events and possible security incidents.Building working relationshipsCollaboration with other Security Teams (Cyber Defence, IA, Operational, Physical and Personnel) and adjacent

commands to support the overall aim of lowing risk to data loss.Supporting Senior Management Support of senior management in the delivery of an effective and efficient departmental service.Collaborating with OthersDeveloping and building internal and external partnerships working collaboratively to foster good relations, including

working with other government departments to further the SOC capabilities.

Person Specification
IT Skills

Ability to confidently work with multiple security technologies.

Data Analysis

Ability to extract and interpret data/information.

Organised

Able to plan carefully, keep things tidy and work effectively.

Time Management

Effectively manages time and workload and escalates issues - ensuring tasks are completed to agreed standards and timelines.

Team Work

Works effectively with others to focus on and achieve joint outcomes, rather than individual goals.

Relationship Management

Develops and maintains positive relationships with internal and/or external stakeholders in order to achieve stakeholder needs and business objectives.

Qualifications
Recognised degree in an IT related area such as Cyber Security, Computer Science, Information Technology etc

OR

Certifications, from a recognised body, in digital security eg. GIAC, ISC2, BCS, ISACA, CompTIA etc.

Behaviours

We'll assess you against these behaviours during the selection process:

• Developing Self and Others
• Making Effective Decisions

Technical skills

We'll assess you against these technical skills during the selection process:

• A demonstrable enthusiasm for Cyber Security
• High Standard of accuracy and attention to detail.
• Desire to work as part of a team and contribute to the team objectives.

Alongside your salary of £36,057, National Crime Agency contributes £10,445 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

New entrants to the NCA receive 26 days annual leave, rising to 31 on completion of 5 years continuous service, plus 8 bank holidays.

If qualifying criteria is met new joiners from UK Police Forces or the UK Intelligence Community (UKIC) will have service with those employers taken into account for continuous service purposes for annual leave entitlement only, this will be up to a maximum of 31 days leave (including 1 privilege day).

Other Benefits Include

• Flexible working, including flexi-time, compressed hours and job sharing (in line with business requirements)
• Family friendly policies, notably above the statutory minimum
• Learning and Development opportunities
• Interest free loans and advances, including season tickets, childcare and rental deposits
• Housing schemes - Key Worker status
• Discounts and Savings with a wide variety of services including Cycle to Work, Smart Tech schemes, dental insurance, gym discounts and savings on everyday spending, available through the Reward Gateway , Edenred and Blue Light Card schemes.
• Staff support groups/networks
• Sports and social activities, including membership to the Civil Service Sports Council (CSSC)

Further information is available on the NCA Website.

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Experience and Technical skills.

This vacancy is using the Success Profiles framework and will assess using the following criteria: Behaviours, Experience

Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action.

Please see our candidate guidance for more information on appropriate and inappropriate use.

How We Will Assess You
Your application will be assessed against the following:

Experience - This Will Be Assessed
Experience Criteria
- will be assessed by 250 word examples on:

• A demonstrable enthusiasm for Cyber Security
• High Standard of accuracy and attention to detail.
• Desire to work as part of a team and contribute to the team objectives.

A panel will assess how well your application demonstrates the requirements outlined above.

Longlist
In the event of a high number of applications, we may operate a longlist. Applicants will need to meet the minimum pass mark for the lead criteria.

• A demonstrable enthusiasm for Cyber Security .

Candidates who do not meet the minimum pass mark for the lead criteria will not progress to having their other criteria assessed. Applications must meet the minimum criteria to be progressed to the assessment stage.

You will receive an acknowledgement once your application is submitted.

We aim to have sift completed and scores released within 10 working days of the closing date of the advert. For high volume campaigns this timeframe may be extended.

Scores will be provided but further feedback will not be available at this stage.

For Guidance On The Application Process, Visit
NCA Applying and Onboarding

Assessment 1
The format of this assessment will be Interview which will be tested on the criteria listed in the
Success Profiles at Assessment
section.

Success Profiles at Assessment
Behaviours

• Developing Self and Others
• Making Effective Decisions

Experience

• A demonstrable enthusiasm for Cyber Security
• High Standard of accuracy and attention to detail.
• Desire to work as part of a team and contribute to the team objectives.

Assessment Outcome
Outcomes will be communicated via the NCA recruitment portal.

If successful but no role is immediately available, you may be placed on a reserve list for 12 months.

Role
In the event of a tie at the assessment stage, available roles will be offered in merit order using the following order:

• Lead criteria (behaviours/technical/experience)
• If still tied, desirable criteria will be assessed (if advertised)
• If still tied, application sift scores will be used

Feedback is provided only to those who attend an assessment.

You will be subject to vetting and pre-employment checks before appointment.

Once the vacancy closes, the advert will no longer be accessible. Please save a copy for your records.

We encourage all candidates to visit the NCA Careers Page for more information.

Full advert details for this vacancy can found on the advert on the NCA Recruitment Portal. Please follow the link to apply at advertisers' site.
Feedback will only be provided if you attend an interview or assessment.

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Experience and Technical skills.

Security

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is developed vetting (opens in a new window).See our vetting charter (opens in a new window).

People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is developed vetting (opens in a new window).See our vetting charter (opens in a new window).

People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

Open to UK nationals only.

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job Contact

• Name : The Recruitment Team
• Email :

Recruitment team

• Email :

Further information

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit on merit through fair and open competition, in line with the Civil Service Commission's Recruitment Principles.

The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

If you believe your application has not been treated fairly, email: (quoting the vacancy reference).

If unresolved, you may escalate your complaint to the Civil Service Commission.