SOC Analyst

Incident and Vulnerability Manager - NewportAbout the jobJob summaryIncident and Vulnerability ManagerThis role is for an experienced professional in vulnerability management and threat intelligence to join our Cyber Operations team. You will work closely with colleagues across the organisation to further mature and continuously improve our cyber defence capabilities. Cyber Operations forms part of a wider, well established security function operating within a highly regulated environment.In this role, you will lead and continuously enhance the management of vulnerability assessments across our hybrid IT estate. You will prioritise remediation activities using a risk based, threat informed approach, collaborating with stakeholders to strengthen the security posture of our systems and services.You will also oversee our threat intelligence capability, identifying and maintaining relevant intelligence sources to inform tactical, operational, and strategic decision making. You will produce and share high quality threat intelligence products with internal and external stakeholders and use this intelligence to support vulnerability management and threat hunting activities.Additionally, you will contribute to incident response processes and provide support to colleagues responsible for the IPO's protection, detection, and response capabilities.if you have strong relevant expertise, excellent communication skills and a collaborative working style we would love to hear from you. Working Style This role will be carried out in-line with IPO Hybrid working arrangements where staff are currently expected to spend at least 20% of their time working onsite from one of our offices. This role is based in our Newport Office . The requirement for attendance at an office location can vary by role so we would encourage candidates to discuss working arrangements with the recruiting manager to agree a reasonable balance between working from home and the office. Job descriptionMain duties consist of but are not limited to:Vulnerability Management (Primary Focus)Lead and enhance the organisation's vulnerability management programme, including our Penetration Testing programme across a complex hybrid IT environment covering both infrastructure and applications. Scoping, prioritising work, engaging with stakeholders, and ensuring remediation activities happen in a timely fashion.Prioritise vulnerabilities using a risk-based, threat-informed approach to support organisational objectives, regulatory requirements, and audit needs.Oversee the full lifecycle of vulnerabilities, including triage, mitigation planning, remediation recommendations, and stakeholder coordination.Develop and maintain vulnerability management policies, procedures, standards, and best practice guidance.Threat IntelligenceProduce high quality tactical, operational, and strategic intelligence assessments and briefings using analysis and interpretation of current threat intelligence. Utilising and liaising with internal stakeholders, commercial sources, open-source intelligence and government partners to provide a rounded, comprehensive view of the current threat landscape.Lead initiatives to strengthen the organisation's intelligence capability and participate in information sharing communities.Incident Response SupportContribute and enhance our incident response processes, representing Cyber Security in operational incident calls, keeping stakeholders informed and liaising with government bodies to ensure timely and effective management of threat intelligence and threat hunting.Cyber Risk ManagementPlay an integral part in Cyber Security risk management, conducting risk and threat assessments aligned with regulations. Using your knowledge of standards and expertise to support our stakeholders by providing pragmatic and proportionate advice and best practice guidance.Metrics & ReportingDevelop and maintain actionable metrics that demonstrate the effectiveness of the organisation's, has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance (opens in a new window) for more information on appropriate and inappropriate use.Selection process detailsThis vacancy is using Success Profiles (opens in a new window) , and will assess your Behaviours, Experience and Technical skills.Additional details on security and vettingSuccessful candidates must pass a disclosure and barring security check and if successful you must also hold, or be willing to obtain, a higher Security Clearance.For meaningful checks to be carried out individuals will need to have lived in the UK for a sufficient period of time, depending on the level of clearance, to enable appropriate checks to be carried out and produce a result which provides the required level of assurance. For this role the successful individual will need to have consistently lived in the UK for a minimum 5 years in order to meet the relevant security clearance.Further information on the vetting process can be found at National security vetting: clearance levels - GOV.UK If you have questions regarding this or are unsure if you meet the eligibility criteria, please contact Recruitment@ipo.gov.uk The assessment process will comprise of the following:Stage 1 - SiftAn initial sift of applications will be carried out to create a shortlist. This will be based on the evidence provided for the following Success Profile elements:Experience Your CV will be used to assess your suitability for the role and Your 500 word Personal statement will demonstrate your Experience against the listed person specification/essential criteria Technical Provide a 250-word example that demonstrates your technical ability: Penetration testing (focussed on managing penetration testing programs rather than conducting the tests themselves): Level - Practitioner Penetration testing - UK Government Security - Beta Stage 2 - InterviewsIf invited to interview Behaviours, Experience and Technical based questioning will be used. Please note candidates that proceed to the interview stage will be required to deliver a presentation against the Technical Success Profile. Further details will be provided in the invite to interview information. Specific information regarding the Success Profile elements that will be assessed at interview will be contained within the interview invitation.Interviews for this role will be carried out in person at our Newport Office. This recruitment campaign will keep a reserve list for 12 months. If you meet the requirements for this role but aren't offered after passing the interview, you'll be placed on the reserve list. If a suitable position opens up during this time, we will reach out to individuals in merit order.The successful candidate would be expected to remain in the role for a minimum of 12 months before applying for another role.Applicants to note:CVs sent direct to the IPO will not be accepted.There may be important information contained within the job role profile candidates may also wish to refer to. We recommend candidates download and save a copy of the role profile for reference.This post is being advertised to Internal, across Government and external candidates at the same time.Incomplete and/or late submissions will not be accepted or considered. Feedback will only be provided if you attend an interview or assessment.We do not routinely reimburse travel expenses for candidates, however if participating in the selection process would cause you undue financial hardship or if it restricts your ability to participate, please contact the recruitment team for more information.In line with Government guidance, successfully appointed candidates will need to provide documents for our Right to Work checks. Information on this will be sent within the invite to interview text.If you require a reasonable adjustment at any stage of the recruitment process, then please let the recruitment team know via; recruitment@ipo.gov.uk For more information on the IPO's terms and conditions, please review the attached IPO Modernised Terms and Conditions document attached at the bottom of this advert.Feedback will only be provided if you attend an interview or assessment.SecuritySuccessful candidates must undergo a criminal record check.Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window) . See our vetting charter (opens in a new window) .People working with government assets must complete baseline personnel security standard (opens in new window) checks.Nationality requirementsThis job is broadly open to the following groups: UK nationals nationals of the Republic of Ireland nationals of Commonwealth countries who have the right to work in the UK nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window) nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS) individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020 Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service Further information on nationality requirements (opens in a new window) Working for the Civil ServiceThe Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window) .The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.Diversity and InclusionThe Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window) . Similar jobs

Digital Delivery Senior Automation Tester - Newport

Intellectual Property Office

Digital Delivery Senior Automation Tester - NewportAbout the jobJob summaryDigital Delivery Senior Automation Tester The IPO is a modern organisation which depends on its IT services to operate and innovate effectively. In order to provide up to date services to our..., Microsoft Data Protection & Security Consultant (Purview, Sentinel, Defender) - Remote UK - Full time Permanent An opportunity has arisen for a Cyber Security Consultant specialising in Microsoft security technologies, with a strong focus on data protection, compliance,..., Iron Mountain is seeking a skilled and motivated DevOps Engineer to join our global information management team in UK (100% remote). In this role, you will be responsible for providing critical technical support for applications and hardware, managing our observability...

vulnerability management and threat intelligence capabilities.Person specificationEssential CriteriaStrong understanding and experience of vulnerability management, threat intelligence and security operationsExperience of managing penetration testing programsBroad technical knowledge, especially around cloud and hybrid technologies.Highly organised and self-motivated, able to manage and deliver on multiple concurrent tasks.Excellent communication and interpersonal skills. Ability to interact with stakeholders of all levels.A team player who is enthusiastic about contributing to the overall success of the team and collaborating with stakeholders of all levels.Sense of urgency and an ability to respond to tasks proactively and promptly.Continually stay abreast of emerging security technologies, threats and trends. Self-motivated to drive their learning needs. How to Apply Click the 'Apply now' button and complete the application form by providing the following: Your CVUpload

How would you like to get paid for five days, but only work four?* At Outcomes First Group, we believe in better work/life balance - and we're putting wellbeing first. That's why we're proud to be part of a 4-Day Working Week (4DWW) trial, where you can work one day less..., Job Description How would you like to get paid for five days, but only work four?* At Outcomes First Group, we believe in better work/life balance - and we're putting wellbeing first. That's why we're proud to be part of a 4-Day Working Week (4DWW) trial, where you can..., How would you like to get paid for five days, but only work four?*At Outcomes First Group, we believe in better work/life balance - and we're putting wellbeing first.That's why we're proud to be part of a 4-Day Working Week (4DWW) trial, where you can work one day less each...

Job Description Role OverviewA leading national law firm is seeking a personal injury solicitor (2-5 PQE) to join its specialist Military Personal Injury team. This is a rare opportunity to develop expertise in a highly regarded and niche area of claimant work, supporting..., hackajob is collaborating withKingfisherto connect them with exceptional tech professionals for this role.We're Kingfisher, a team made up of over 74,000 passionate people who bring Kingfisher - and all our other brands: B&Q, Screwfix, Brico Depot, Castorama and Koctas - to..., Pastoral Support Full-time, term time only At New Forest Care, we are looking to recruit a Pastoral Support worker to join one of our 4 wonderful schools based in Totton, Dibden, Fawley and Romsey. The role will support the Pastoral Support Lead in creating the right..., At Outcomes First Group, we believe in better work/life balance - and we're putting wellbeing first. That's why we're proud to be part of a 4-Day Working Week (4DWW) trial, where you can work one day less each week (or equivalent hours), while still receiving your full-time...