Technical Security Operations Analyst – Investigations Manager Department for Work & Pensions


Reference 1620384
Location London
Salary Up to £62,146
Work hours 36
Employment type Permanent
Job benefits

A brilliant Civil Service pension with employer contributions circa 20%, generous annual leave, flexible working, great work-life balance and lots more.

Closing date 27 March 2019

Job description

Do you want to be part of something really big? If you’re creative and curious to learn, want to be empowered to make decisions and challenge the norm, and want to bring BIG ideas to a MASSIVE digital challenge then you’ll love it here. And we’d love to hear from you.

DWP are looking for a Technical Security Operations Analyst – Investigations Manager to work with us on a once-in-a-generation digital transformation. Our people work on projects that are revolutionising products and services that are used by millions of people every day.

We know that better digital services in government will mean better public services. Using fresh ideas and leading edge technologies – and putting the user at the centre of everything we do – we create innovative digital solutions that make a difference to the lives of our 22 million users.

You’ll be keen to take on the challenge of working for the UK’s largest government department in a role with a remit to protect over £170 billion worth of payments including payments to some of the most vulnerable members of society.

You will work in the Department’s Cyber Resilience Centre (CRC) as the Technical & Security Operations Investigations Manager. CRC has a vital role in securing the DWP IT Estate, ensuring that DWP service delivery is not affected as a result of potential malicious activity from either internal or external threat actors. You will work to ensure the integrity and the smooth running of the CRC function.

The Investigations Manager will be responsible for supporting Intelligence Analysts and the Security Incident Response Team (SIRT) by providing detailed technical input to on-going investigations, building on detailed log data, digital forensic outputs and threat intelligence in relation to the mitigation, detection and response to potential cyber-attacks.

You and your role

The Investigations Manager will be responsible for ensuring that all team activities comply with legal and internal requirements and that all evidence produced from investigations is suitable for use in disciplinary or legal action, as well as providing cyber security specific input to investigations through the application of expert technical knowledge and exploitation of cyber intelligence.

Other duties include:

• You will perform complex analysis in a high-pressure environment, demonstrating professionalism at all times, contributing towards, and upholding, the team’s credibility across DWP and in the wider security and intelligence community.

• You will receive, analyse and draft reports from technical, threat and vulnerability information from all sources of intelligence and DWP reporting systems. This includes, in particular, technical intelligence and outputs from OGD partners, open source, and DWP systems.

What are we looking for?

• Proven track record in cyber security, with experience using a variety of cyber security and digital forensic tools, ideally with experience of analysing large data-sets. This should include supporting qualifications (GCIH, GCIA, GCFA, GSNA, the CISA exam from ISACA, or equivalent), or applicable experience.

• Experience of working within the confines of relevant legislation and how it applies to cyber security and digital forensics activities.

• Proven experience of incident management and assessing risk.

• Experience of identifying essential details within a complex situation.

• Demonstrable experience of delivering at pace and prioritising conflicting tasks within finite resources.

• Extensive knowledge and experience of the cyber environment, including knowledge and experience of the breadth of threat actors and depth of threat vectors available.

• People management experience.

You will be required to show evidence of having successfully achieved the following compulsory training or industry equivalent:

• SANS FOR578 – Cyber Threat Intelligence

• SANS FOR508 – Advanced Digital Forensics, Incident Response

• SANS FOR503 – Intrusion Detection

• SANS FOR610 – Malware Analysis

• CoP CSDRA – Core Skills in Data Recovery and Analysis

• SIEM Searching & Reporting, Visualisation

You will be part of a team that provides support 24 hours a day, 7 days a week and as a result you may be expected to work as part of an on-call rota. This may also attract occasional out-of-hours working, and will include travel to different DWP sites and Government agencies and occasional overnight stays.

Where You’ll Work

You’ll join us in our easy-to-reach digital hub in London, a modern, vibrant workplace that was designed for and by members of our community. Our central London hub has the best of the city on the doorstep, and we have a range of facilities across the sites including cafes, coffee shops and restaurants. We also have lots of clubs and activities, like table tennis tournaments, yoga, choirs, quiz events, bake-offs and more.

We provide the latest tech and tooling and foster a collaborative culture to help our agile, multidisciplinary teams think big and try new things. You will work alongside people who care passionately about public service, making a difference and delivering for our customers.

We’re the UK’s biggest government department with over 80,000 diverse and brilliant people on our team. We are an equal opportunity employer and we welcome applications regardless of age, gender, race or sexuality.

Our Offer

In return for your skills we offer a competitive salary of up to £62,146 (London), a brilliant Civil Service pension, and a generous leave package.

We also have a broad benefits package built around your work-life balance which includes:

• Flexible working
• Family friendly policies
• Volunteering and charitable giving
• Discounts and savings on shopping, fun days out and more
• Interest-free loans to buy a bike or a season ticket, so it’s even easier for you to get to work and start making a difference
• Sports and social activities
• And lots more…

Building Our Future

We believe the work we do really matters, so we’re serious about investing in your ability.

You’ll have access to a huge suite of training and learning opportunities to complement the new skills and experience you’ll acquire on the job. You’ll share ideas with colleagues from across the tech community, and grow your skills via our coaching and mentoring programmes.

CLICK APPLY for more information and to start your application. If you want to talk about this opportunity before you apply contact me via
