Job Description

The newly created Department for Business and Trade brings together the business focused functions of the former Department for Business, Energy and Industrial Strategy (BEIS) and the Department for International Trade (DIT). Our joint expertise in trade and business provides us with a unique opportunity to unleash the power of UK businesses, reform regulation to reduce burdens and unlock post-Brexit freedoms.



Let us tell you a little bit about the role

This Cyber Security Engineer role sits within the Department for Business and Trade\'s SOC (Security Operations Centre), reporting to the Principle Cyber Security Engineer. The SOC is responsible for identification and mitigation of threats, both internal and external to the security of DBT. This role is to support these actions by creating new capabilities, supporting existing capabilities and provide expertise to analysts when required.

Focussing on supporting the delivery of the monitoring and development aspects of DBT\'s TOM (Target Operating Model), this role will involve development of security tools, providing cyber security advice to the development community in DBT to ensure best practice is being followed.

This role will be suitable for an individual with a passion for DevSecOps (Development and Security Operations) and a willingness to learn.

This role is available in seven UK locations and can only be worked from within the UK, not overseas. Most DBT employees will be working a hybrid pattern, spending 2-3 days a week (pro rata) in the office on average. Changes to these working arrangements are available in certain circumstances but must be agreed with the vacancy manager and in line with the requirements of the role and can only be discussed with successful candidates. Travel to your primary office location will not be paid for by DBT, but costs for travel to an office which is not your main location will be covered.

Find out about life at DBT, our benefits and meet the team by watching our recruitment video, visiting our website or reading our blog!

Responsibilities

• You will be an experienced Cyber Security Engineer who can:
• Supporting the Principle Cyber Security Engineer and SOC Manager in the implementation of the monitoring and improvement roadmap
• Implementing plans for improving the SOC capabilities
• Implementing low to medium changes within a Cloud Environment, supporting high/ complex changes alongside the senior and principal engineers
• Updating and maintaining existing tools and infrastructure.
• Assisting with the collection, maintenance and enrichment of new logs sources.
• Providing assistance in active investigations utilising knowledge of the logs which are available in the SIEM (Security incident and event management).
• Creating applets and pipelines for establishing new capabilities
• Creating and maintaining documentation new and existing capabilities

Essential Skills and Experience

You will need to have demonstrable skills and experience of:

• Foundation knowledge of Security Operations
• Foundation knowledge of Cloud based products and networks at an enterprise scale
• A demonstratable passion for the field and job
• Foundation knowledge of python or similar scripting language
• Effective verbal and written communication skills.
• Understanding threats to an organisation and how they can be mitigated using tools.

Desirable Skills and Experience

These are not necessary but would be ideal if you:

• Degree in related subject.
• Experience in the industry
• Experience working with Django framework
• Knowledge of security standards and best practices (e.g. ISO, NIST, etc.)
• Knowledge of Azure and configuring Microsoft Security products
• Knowledge of AWS and configuring Security elements of AWS (Guard Duty, CloudTrail, CloudWatch)
• Security based Qualifications (CISSP, SANS, CompTIA)
• Good working knowledge of Query Languages (SQL, KQL (Kusto), etc.)
• Knowledge of Cloud Security Best Practices
• Experience in Microsoft Sentinel

Personal Attributes and Skills

• Be a good, open communicator through written, verbal and virtual mediums.
• Ability to communicate technical ideas to a non-technical audience.
• A keen learner with a desire to expand their knowledge of cyber security

How to Apply

Apply by clicking APPLY NOW.

Unless otherwise specified, all interviews are currently being held online. Please ensure that you check your emails regularly as all updates from us will be sent to you this way.

Sift will take place week commencing: 28 th August 2023

Interviews will take place week commencing: 11 th September 2023

Please notes these dates are indicative and may be subject to change.

As part of the application process you will be asked to upload a CV and complete a personal statement outlining your experience, skills and fit for the role.

At the sift stage for this role, we will assess your CV and personal statement against the essential skills and experience listed above, so please ensure these documents evidence these criteria. Your personal statement must be a maximum of 750 words. You can use bullet points and subheadings if you prefer. As well as evidencing the criteria you should also touch upon why you\'re interested in DBT and in this role.

If we receive a high volume of applications, we will conduct a \'short sift\' and read one element of your application. For this campaign a short sift would be conducted based on your Personal Statement against the first two Essential Skills and Experience ie Foundation knowledge of Security Operations and Foundation knowledge of Cloud based products and networks at an enterprise scale

How We Interview

At the interview stage for this role, you will be asked to demonstrate relevant Technical Skills and Behaviours from the Success Profiles framework. A role-specific list of these can be found below.

There will be a technical element within the interview where you will be asked questions about your specific professional skills and knowledge relating directly to the job role.

We will assess you against these Technical Skills during this process:

• Cloud based development
• Security Operations
• Threat Understandings
• Development background (Programming, tech stack etc.)

Detailed explanations of each Technical Skill can be found on the DDaT Framework.

We will also assess you against the following Behaviours:

• Working Together
• Delivering at Pace
• Making Effective Decisions
• Select a Behaviour

Reserve List

Appointments may be made to candidates in merit order based on location preferences. Candidates who pass the bar at interview but are not the highest scoring will be held on a 12-month reserve list for future appointments. Candidates who are judged to be a near miss at interview may be offered a post at the grade below the one advertised.

Security Clearance Details

All security clearances require you to provide evidence of your UK footprint where you have been physically present in the UK.

The requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years.

Failure to meet the residency requirements will result in your security clearance application being rejected.

If you require SC clearance you will need to provide evidence of the below requirements.

Checks will be made against:

• Departmental or company records (personnel files, staff reports, sick leave reports and security records).
• UK criminal records covering both spent and unspent criminal records.
• Your credit and financial history with a credit reference agency.
• Security Services record.
• Location Details

Further Information

The Department for Business and Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. Click through to apply and find out more.

Our recruitment process is underpinned by appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commission\'s Recruitment Principles. The Civil Service Code sets out the standards of behaviour expected of civil servants. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DBT by email. If you are not satisfied with the response you receive, you can contact the Civil Service Commission, which regulates all Civil Service recruitment.

Closing Date for Applications: 29th August 2023 at 12pm (noon)

Department for International Trade