![Department for Energy Security & Net Zero](https://patchworkhub.org/uploads/0000/770/2024/05/02/screenshot-2024-05-02-113635.png)
Lead Security Analyst
- 23/05/2024
- £40,950.00 - £49,795.00 /yearly
- Part Time & Permanent
Job Type
Salary
Date Posted:
Expiration date:
Job ID
The Integrated Corporate Services (ICS) is a new shared corporate service, launched in July 2023. It will provide corporate services (HR, Finance, Digital, Commercial, Security and Estates) across the Department for Energy Security & Net Zero (DESNZ) and the Department for Science, Innovation & Technology (DSIT).
Our team of just over 300 professionals will be leading the way in how these functions will be delivered in the future. Our ambition is to be the leading provider of integrated corporate services for government and set the standard for quality, efficiency, and innovation in our field.
Our Inclusive Environment
We are building an inclusive culture to make the Department a brilliant place to work where our people feel valued, have a voice and can be their authentic selves. We value difference and diversity, not only because we believe it is the right thing to do, but because it will help us be more innovative and make better decisions.
We offer first-class flexible working benefits, excellent employee well-being support and a great pension. We are fortunate to have a range of excellent staff networks and are proud to be a Disability Confident Leader employer. We will support talented people from all backgrounds to build a career and thrive.
We actively welcome applications from anyone who shares our commitment to inclusion. We will fully support candidates with a disability or long-term condition who require adjustments in our recruitment process.
Find Out More
We regularly run events where you can find out more about the department and tips for the application process. You can sign up for upcoming events here: https://www.tickettailor.com/events/departmentforenergysecurityandnetzero?
You can also follow our LinkedIn Careers Page: https://www.linkedin.com/showcase/desnz-careers/
Key responsibilities
● Incident Response and Management - lead and participate in complex incident investigations, utilising advanced techniques to identify the root cause, scope, and impact of security incidents.
● Analyse and interpret security data from multiple sources, including logs, network traffic, and endpoint data, to identify emerging threats and attack patterns.
● Threat Hunting and Analysis - proactively hunt for advanced threats and vulnerabilities within the environment using various threat intelligence sources and security tools.
● Azure Sentinel Expertise: You will configure, manage, and fine-tune Microsoft Azure Sentinel. Additionally, youll design and implement custom log queries and alerts within Azure Sentinel to enhance threat detection and incident response capabilities.
● Collaboration and Communication - communicate effectively with external vendors, technical and non-technical stakeholders, translating complex technical concepts into understandable terms.
● Participate in the development and enhancement of SOC processes, workflows, and procedures to improve incident response efficiency and effectiveness.
Skills and experience
Essential criteria
● Leadership experience within a SOC Team and a track record of coaching/mentoring and developing junior members of staff.
● Effective verbal and written communication skills, including the ability to lead on meetings with external vendors, technical and non-technical stakeholders, translating complex technical concepts into understandable terms.
● Experience using a Security Incident Event Management (SIEM) and security tooling in a Security Operations Centre (SOC) demonstrating improvements in processes, workflows, and incident response leading to greater efficiency and effectiveness.
● Experience working in an enterprise technology setting, with a focus on Cyber Security.
● Demonstrable experience using a query language to work with large sets of data, preferably Kusto Query Language
Desirable Criteria
● Experience working with Cloud platforms (AWS, Azure)
● Relevant security-based certifications
● Documentation of incident, investigation, findings adhering to incident response procedures.
It is unusual that all candidates will meet all the desirable criteria. If your skills and experience look slightly different from what we have identified and you think you can bring value to the role and the team, we strongly encourage you to apply. We'd love to hear from you!
The link to the technical/professional competency framework that candidates will be assessed against, is: https://ddat-capability-framework.service.gov.uk/skills#analysis-and-synthesis-data-analyst
We'll assess you against these behaviours during the selection process:
We'll assess you against these technical skills during the selection process:
The Department for Energy Security and Net Zero offers a competitive mix of benefits including:
Office attendance
The Department operates a discretionary hybrid working policy, which provides for a combination of working hours from your place of work and from your home in the UK. The current expectation for staff is to attend the office or non-home-based location for 40-60% of the time over the accounting period.
As part of the application process you will be asked to complete a CV and personal statement.
Further details around what this will entail are listed on the application form.
Please use your personal statement (in no more than 750 words) to outline how your experience aligns with the Essential criteria mentioned in the job advertisement, and what you can bring to the role.
Applications will be sifted on CV and personal statement
In the event of a large number of applicants, applications will be sifted on the personal statement.
Candidates who pass the initial sift may be progressed to a full sift, or progressed straight to assessment/interview.
The interview will consist of behaviour and technical questions.
Interviewees will be asked to deliver a presentation; further details will be provided nearer the time.
Sift and interview dates
Expected Timeline subject to change
Sift dates: w/c 10/06/2024
Interview dates: w/c 17/06/2024
Interview Location: MS Teams.
Candidates are asked to note the above timetable, exercising flexibility through the recruitment and selection process.
Further Information
This vacancy is being offered on the DDaT Pay Framework and can include an allowance of up to £10,000 depending on skills, qualifications, and experience.
Further details on the framework can be found on https://ddat-capability-framework.service.gov.uk/role/security-architect#lead-security-architect
For further information on National Security Vetting please visit the following page https://www.gov.uk/government/publications/demystifying-vetting
Reasonable Adjustment
We are proud to be a disability confident leader and we welcome applications from disabled candidates and candidates with long-term conditions.
We fully support adjustments throughout our recruitment process and we encourage candidates to discuss their adjustment needs by emailing the job contact which can be found under the contact point for applicants section.
We do not have an exhaustive list of adjustments that we support but just some examples include additional time to complete your application form, behaviour questions up to 72 hours prior to interview and having extra time at interview.
If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.
If successful and transferring from another Government Department a criminal record check may be carried out.
New entrants are expected to join on the minimum of the pay band.
A location-based reserve list of successful candidates will be kept for 12 months. Should another role become available within that period you may be offered this position.
Please note terms and conditions are attached. Please take time to read the document to determine how these may affect you.
Any move to the Department for Energy, Security and Net Zero from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility https://www.childcarechoices.gov.uk
DESNZ does not normally offer full home working (i.e. working at home); but we do offer a variety of flexible working options (including occasionally working from home).
DESNZ cannot offer Visa sponsorship to candidates through this campaign.
DESNZ holds a Visa sponsorship licence but this can only be used for certain roles and this campaign does not qualify.
In order to process applications without delay, we will be sending a Criminal Record Check to Disclosure and Barring Service /Disclosure Scotland on your behalf.
However, we recognise in exceptional circumstances some candidates will want to send their completed forms direct. If you will be doing this, please advise Government Recruitment Service of your intention by emailing [email protected] stating the job reference number in the subject heading.
For further information on the Disclosure Scotland confidential checking service telephone: the Disclosure Scotland Helpline on 0870 609 6006 and ask to speak to the operations manager in confidence, or email [email protected]
Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicants details held on the IFD will be refused employment.
A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5-year period following a dismissal for carrying out internal fraud against government.
Feedback
This job is broadly open to the following groups:
DESNZ TCs v1.2 Opens in new window (doc, 174kB) |
We use necessary cookies to help our site function. We’d also like to use analytics cookies that help us make improvements by measuring how you use our website.
For more detailed information about the cookies we use, see our Cookies page.
Necessary cookies
Necessary cookies enable core website functionality such as network management, security and accessibility. You may disable these by changing your browser settings, but this may impact how the website functions.
Analytics cookies
We’d like to collect website analytics cookies information using Google Analytics to help us improve our website. We collect this data by running Google Analytics JavaScript on your device, which collects data about how you interact with our site. The data is collected in a way that does not directly identify anyone. For more information please see our Cookies page.