Cyber Vulnerability Lead Analyst Department for Work & Pensions

Reference 1617945
Location Leeds, London or Newcastle upon Tyne
Salary Up to £ 62,146 (London) and up to £57,275 (National)
Work hours 37
Employment type Permanent
Job benefits

In addition to salary there is a very competitive pension, a generous annual leave allowance, great work/life balance include flexible working, family friendly policies and much more.

Closing date 21 February 2019

Job description

Do you want to be part of something really big? If you’re creative and curious to learn, want to be empowered to make decisions and challenge the norm, and want to bring BIG ideas to a MASSIVE digital challenge then you’ll love it here. And we’d love to hear from you.

DWP are looking for a Cyber Vulnerability Lead Analyst to work with us on in a once-in-a-generation digital transformation. Our people work on projects that are revolutionising products and services that are used by millions of people every day.

We know that better digital services in government will mean better public services. Using fresh ideas and leading edge technologies – and putting the user at the centre of everything we do – we create innovative digital solutions that make a difference to the lives of our 22 million users.

You’ll be keen to take on the challenge of working for the UK’s largest government department in a role with a remit to protect over £170 billion worth of payments including payments to some of the most vulnerable members of society.

Working for the Department for Work & Pensions (DWP), Technical Vulnerability Assessment Team, part of the Cyber Resilience Centre (CRC), you will be part of a dynamic, innovative and service-oriented team that delivers vulnerability-led cyber security to defend the DWP.

You will be working with government and private sector partners to build and mature this capability, detect malicious behaviour, and respond to cyber threats.

You and your role
The Cyber Vulnerability Lead Analyst will Provision and conduct vulnerability assessments of large IT assets across the DWP estate, a core element of the role will be to commission appropriate vulnerability assessments on DWP assets and identify technical vulnerabilities. The Cyber Vulnerability Lead Analyst will use tools to include IT Health Checks and intelligence-led penetration tests.

The Cyber Vulnerability Lead Analyst will also review and validating findings from vulnerability assessments and advise technical and non-technical audiences on the implications of identified vulnerabilities, assisting in the prioritisation of those vulnerabilities, they will also work with stakeholders to scope and provision vulnerability assessments of large IT assets, to identify vulnerabilities that could be exploited in order to compromise the DWP’s IT network.

Other duties include:
• Configuring and deploying vulnerability scanning and network security assessment tools, notably the continuous vulnerability management tool, Nessus.
• Providing customised reports, data and information on technical vulnerabilities to stakeholders in the first and second line.
• Assisting stakeholders in understanding the technical vulnerability information provided.
• Collaborating with stakeholders to create tactical and strategic plans relating to manage technical vulnerabilities.
• Tracking remediation activities affecting on-premise and Cloud-hosted environments.
• Acting as a subject matter expert for vulnerability assessments, leading the development, critique and continuous improvement of guidance provided to the security risk management team.
• Understanding the DWP, its infrastructure and applications, the vulnerabilities on its systems and how these might be exploited by a hostile third party.

What are we looking for?
• Significant experience of vulnerability management, including prioritising vulnerabilities, taking into account network architecture, threats and potential business impacts.
• Experience of analysing multiple sources of vulnerability information / findings to understand the vulnerability landscape of the Department, assisting stakeholders in understanding the associated risk, prioritising remediation action and influencing security strategy and roadmaps.
• Experience of working with internal stakeholders and commercial third parties to identify, scope, and specify business and technical vulnerability management requirements.
• Experience of security monitoring, intrusion detection, prevention and control systems including firewalls, anti-virus, web proxies and security software.
• Experience of network operations, for example network monitoring, maintenance, incident management and change management.

Desirable Qualifications:

• Recognised information security qualifications, such as GSEC, CISSP, CISM, MSc in Information Security;

Where You’ll Work
You’ll join us in our easy-to-reach digital hub in Leeds, London or Newcastle upon Tyne

Each of our hubs is a modern, vibrant workplace that was designed for and by members of our community. Our central hubs have the best of the city on the doorstep, and we have a range of facilities across the sites from cafes, coffee shops and restaurants, to ping pong, a swimming pool, gym facilities and loads more.

Here we provide the latest tech and tooling and foster a collaborative culture to help our agile, multidisciplinary teams think big and try new things. You will work alongside people who care passionately about public service, making a difference and delivering for our customers.
You will be part of a team who provides support 24 hours a day, 7 days a week, and as a result you may be required to work as part of an on call rota, which will also attract occasional out of hours working (i.e. after 8pm until 8am), and may include travel to different sites.
We’re the UK’s biggest government department with over 80,000 diverse and brilliant people on our team. We are an equal opportunity employer and we welcome applications regardless of age, gender, race or sexuality.

Our Offer
In return for your skills we offer competitive salary Up to £62,146 (London) and up to £57,275 (National), a brilliant civil service pension, and a generous leave package.
We also have a broad benefits package built around your work-life balance which includes:
• Flexible working
• Family friendly policies
• Volunteering and charitable giving
• Discounts and savings on shopping, fun days out and more
• Interest-free loans to buy a bike or a season ticket, so it’s even easier for you to get to work and start making a difference
• Sports and social activities
• And lots more

Building Our Future
We believe the work we do really matters, so we’re serious about investing in your ability.
You’ll have access to a huge suite of training and learning opportunities to complement the new skills and experience you’ll acquire on the job. You’ll share ideas with colleagues from across the tech community, and grow your skills via our coaching and mentoring programmes.
CLICK APPLY for more information and to start your application. If you want to talk about this opportunity before you apply contact me via dean.simon@dwp.gsi.gov.uk

Apply now