Department for Business and Trade
Export support for UK businesses – great.gov.uk The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways: firstly, we help to build a strong, competitive business environment, where consumers are protected and companies rewarded for treating their employees properly; secondly, we open international markets and ensure resilient supply chains through Free Trade Agreements, trade facilitation and multilateral agreements; finally, we work in partnership with businesses every day, providing advice, finance and deal-making support to those looking to start up, invest, export and grow. About the role You will be helping to protect DBT and the wider UK government from cyber threats in a fast-paced and exciting role. Reporting to the Principal Cyber Threat and Vulnerability Manager, the Threat and Vulnerability Analyst will work with other members of the SOC and technical teams to execute operational threat and vulnerability management activities and help shape the development of DBT’s TVM program and capabilities. A healthy curiosity mindset will be essential, to actively go out and discover items of potential interest to the team. About you You will be an analytical thinker with a good understanding of cyber threats and mitigation strategies, an adaptable team player with a curious mindset, and possess strong communication skills to effectively collaborate with various teams across the organisation. Main responsibilities Supporting scoping and delivery activities of penetration tests, vulnerability assessments, and security audits to ensure compliance and mitigation of risks. Structured Threat Hunting through proactively identifying and leveraging threat intelligence sources to inform threat and vulnerability mitigation measures. Working with key stakeholders to create and drive prioritisation of tracked vulnerabilities and maintaining updated vulnerability trackers to meet common organisational objectives such as policy compliance. Reviewing and analysing vulnerability data to identify trends and patterns, whilst improving organisation-wide knowledge and understanding of emerging threats. Disseminating and applying DBT’s vulnerability ratings to externally rated vulnerabilities to help the department prioritize remediation. Continuously researching and investigating new and emerging vulnerabilities including Zero Day events, and participating in external security communities, sharing findings across the security functions. Researching and assessing emerging security threats and vulnerabilities affecting DBT. Skills and experience It is essential that you have: Experience working in an enterprise technology setting, preferably with experience working with or in Cyber Security. Relevant degree or security qualification e.g., BSC. Cyber Security, CompTIA Security +, CEH, Pentest +, CCSP etc. Understanding of Cyber threat landscape, threat actors’ techniques, tactics, and procedures, and understanding of Vulnerability management principles. Understanding of Threat hunting in a cloud-based environment including interpreting device and application logs from various sources in a cloud environment, and monitoring for emerging threat patterns and vulnerabilities. Familiarity with industry frameworks and standards such as NIST, OWASP, MITRE ATTACK, CIS etc. Excellent written and verbal communication skills including the ability to relate technical information to a non-technical audience. It is desirable that you have: Experience in vulnerability scanning and penetration testing. Knowledge of a scripting language. How to apply As part of the application process you will be asked to upload a 500-word personal statement and a two-page CV detailing how you meet the essential skills and experience listed above. You can use bullet points and subheadings if you prefer. Sift will be from week commencing 3rd February. Interviews will be from week commencing 10th February. Please note these dates are indicative and may be subject to change. If there is a high volume of applications, we will sift looking at your CV only. You may then be progressed to full sift or straight to interview. How we interview At the interview stage for this role, you will be asked to demonstrate relevant Technical Skills and Behaviours from the Success Profiles framework. These are role-specific and in line with the Government Security Profession Career Framework. Technical Skills Penetration Testing Threat and Vulnerability Understanding Threat intelligence and assessment Cyber Security Operations Legal and regulatory Behaviours Working Together Communicating and Influencing Delivering at Pace You will also be asked to complete a technical assessment and will be informed on the topic on the day. How we offer Offers will be made in merit order based on location preferences. If you pass the bar at interview but are not the highest scoring you will be held on a 12-month reserve list in case a role becomes available. If you are judged a near miss at interview, you may be offered a post at the grade below the one you applied for. This role requires SC clearance. DBT’s requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years. Failure to meet this requirement will result in your application being rejected and your offer will be withdrawn. Checks will also be made against: departmental or company records (personnel files, staff reports, sick leave reports and security records) UK criminal records covering both spent and unspent criminal records your credit and financial history with a credit reference agency security services record location details Benefits If you join us, you will get: Learning and development tailored to your role. A flexible, hybrid working environment with options like condensed hours. A culture encouraging inclusion and diversity. A Civil Service pension with an average employer contribution of 27%. Annual leave starting at 25 days rising to 30 days with service. Three paid volunteering days a year. An employee benefits programme including cycle to work. More about us This role can only be worked from within the UK, not overseas. If you are based in London, you will receive London weighting. DBT employees work in a hybrid pattern, spending 2-3 days a week (pro rata) in the office on average. Travel to your primary office location will not be paid for by DBT, but costs for travel to an office which is not your main location will be covered. You can find out more about our office locations, how we calculate salaries, our diversity statement and reasonable adjustments, the Recruitment Principles, the Civil Service code and our complaints procedure on our website. Find out more about life at DBT, our benefits and meet the team by watching our video or reading our blog!
#J-18808-Ljbffr
Export support for UK businesses – great.gov.uk The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways: firstly, we help to build a strong, competitive business environment, where consumers are protected and companies rewarded for treating their employees properly; secondly, we open international markets and ensure resilient supply chains through Free Trade Agreements, trade facilitation and multilateral agreements; finally, we work in partnership with businesses every day, providing advice, finance and deal-making support to those looking to start up, invest, export and grow. About the role You will be helping to protect DBT and the wider UK government from cyber threats in a fast-paced and exciting role. Reporting to the Principal Cyber Threat and Vulnerability Manager, the Threat and Vulnerability Analyst will work with other members of the SOC and technical teams to execute operational threat and vulnerability management activities and help shape the development of DBT’s TVM program and capabilities. A healthy curiosity mindset will be essential, to actively go out and discover items of potential interest to the team. About you You will be an analytical thinker with a good understanding of cyber threats and mitigation strategies, an adaptable team player with a curious mindset, and possess strong communication skills to effectively collaborate with various teams across the organisation. Main responsibilities Supporting scoping and delivery activities of penetration tests, vulnerability assessments, and security audits to ensure compliance and mitigation of risks. Structured Threat Hunting through proactively identifying and leveraging threat intelligence sources to inform threat and vulnerability mitigation measures. Working with key stakeholders to create and drive prioritisation of tracked vulnerabilities and maintaining updated vulnerability trackers to meet common organisational objectives such as policy compliance. Reviewing and analysing vulnerability data to identify trends and patterns, whilst improving organisation-wide knowledge and understanding of emerging threats. Disseminating and applying DBT’s vulnerability ratings to externally rated vulnerabilities to help the department prioritize remediation. Continuously researching and investigating new and emerging vulnerabilities including Zero Day events, and participating in external security communities, sharing findings across the security functions. Researching and assessing emerging security threats and vulnerabilities affecting DBT. Skills and experience It is essential that you have: Experience working in an enterprise technology setting, preferably with experience working with or in Cyber Security. Relevant degree or security qualification e.g., BSC. Cyber Security, CompTIA Security +, CEH, Pentest +, CCSP etc. Understanding of Cyber threat landscape, threat actors’ techniques, tactics, and procedures, and understanding of Vulnerability management principles. Understanding of Threat hunting in a cloud-based environment including interpreting device and application logs from various sources in a cloud environment, and monitoring for emerging threat patterns and vulnerabilities. Familiarity with industry frameworks and standards such as NIST, OWASP, MITRE ATTACK, CIS etc. Excellent written and verbal communication skills including the ability to relate technical information to a non-technical audience. It is desirable that you have: Experience in vulnerability scanning and penetration testing. Knowledge of a scripting language. How to apply As part of the application process you will be asked to upload a 500-word personal statement and a two-page CV detailing how you meet the essential skills and experience listed above. You can use bullet points and subheadings if you prefer. Sift will be from week commencing 3rd February. Interviews will be from week commencing 10th February. Please note these dates are indicative and may be subject to change. If there is a high volume of applications, we will sift looking at your CV only. You may then be progressed to full sift or straight to interview. How we interview At the interview stage for this role, you will be asked to demonstrate relevant Technical Skills and Behaviours from the Success Profiles framework. These are role-specific and in line with the Government Security Profession Career Framework. Technical Skills Penetration Testing Threat and Vulnerability Understanding Threat intelligence and assessment Cyber Security Operations Legal and regulatory Behaviours Working Together Communicating and Influencing Delivering at Pace You will also be asked to complete a technical assessment and will be informed on the topic on the day. How we offer Offers will be made in merit order based on location preferences. If you pass the bar at interview but are not the highest scoring you will be held on a 12-month reserve list in case a role becomes available. If you are judged a near miss at interview, you may be offered a post at the grade below the one you applied for. This role requires SC clearance. DBT’s requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years. Failure to meet this requirement will result in your application being rejected and your offer will be withdrawn. Checks will also be made against: departmental or company records (personnel files, staff reports, sick leave reports and security records) UK criminal records covering both spent and unspent criminal records your credit and financial history with a credit reference agency security services record location details Benefits If you join us, you will get: Learning and development tailored to your role. A flexible, hybrid working environment with options like condensed hours. A culture encouraging inclusion and diversity. A Civil Service pension with an average employer contribution of 27%. Annual leave starting at 25 days rising to 30 days with service. Three paid volunteering days a year. An employee benefits programme including cycle to work. More about us This role can only be worked from within the UK, not overseas. If you are based in London, you will receive London weighting. DBT employees work in a hybrid pattern, spending 2-3 days a week (pro rata) in the office on average. Travel to your primary office location will not be paid for by DBT, but costs for travel to an office which is not your main location will be covered. You can find out more about our office locations, how we calculate salaries, our diversity statement and reasonable adjustments, the Recruitment Principles, the Civil Service code and our complaints procedure on our website. Find out more about life at DBT, our benefits and meet the team by watching our video or reading our blog!
#J-18808-Ljbffr
