Job Description

Join Police Digital Service as NMC Cyber Threat Specialist

About Police Digital Service

To protect people from harm in our rapidly changing world, police services must not only keep up with technology and business changes but develop capabilities and ways of working that will enable them to adapt to and deal with the complexity of modern criminality.

Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. Our team provides technical advice and delivers services to help policing and law enforcement organisations across the UK prioritise and focus on technology efforts.

Our vision is to support UK policing to keep people safe, get more from technology investments and make better use of public money, and we\'re always on the lookout for great talent to help us achieve this.

The National Management Centre (NMC) is part of Police Digital Services and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level.

Why Join us?

• Balance is important and we want you to take time off to recharge - we offer 28 days\' annual leave plus bank holidays, rising to 30 days after 5 years of service. Holiday Purchase also available
• We care about your well-being - we have an EAP that offers not just welfare benefits but also retail discounts
• Plan for the future - we offer an excellent pension scheme and life assurance cover
• Put your mind at rest regarding your health - offering remote GP, mental health and physiotherapy appointments via video consultation
• Family - Enhanced maternity and paternity pay along with a flexible return to work
• Community - one paid day off per year for volunteering

Role Summary

This role is part of the Cyber Intelligence and Threat Team within the NMC, providing threat hunting, malware analysis, vulnerability assessment and Cyber Threat Intelligence services to Policing. The Cyber Intelligence and Threat Team also supports the NMC with Cyber Security incidents, covering threat response, log analysis, investigations, and potential mitigations to manage threats across Policing.

Key Responsibilities

• Proactively identify, prevent, and respond to Cyber Security incidents allowing the NMC to reduce risk for Forces.
• Proactively assess threats that could impact policing including those which may not be detected via NMC tooling or services
• Ability to collate activities, findings, and trends efficiently for dissemination to internal and external stakeholders.
• Provide a centralised resource responsible for protecting Policing with regards to Cyber threats.
• Proactively translate threats and vulnerabilities into new methods of detection and prevention in support of Policing in a continuous evolving threat landscape.
• Deliver great customer experience by engaging with internal and external customers, seeking feedback to improve and transform.
• Be a lead driver in the engagement, training, and development of all colleagues through domain expertise.
• Facilitate regular workshops based on recent activities, new threats, and technologies.
• Proactively engage with other law enforcement agencies and government organisations.
• Define, review and continuously improve processes relating to the role.
• Proactively engage in the continuous improvement of processes relating to other NMC roles.

What you need to succeed in the role

Essential:

• Understanding of offensive and defensive security including attack methods and techniques
• Knowledge of SIEM (Security Incident and Event Management) tools and the analysis of their generated output, including log data
• Ability to analyse event data from various data sources; End Point, Cloud Based, Network
• Ability to apply knowledge of current and past malware methods, attack methodologies, and TTPs (Tactics, Techniques, Procedures) to discover anomalies and trends within data
• Knowledge of malware analysis and known malware attacks
• Understanding of the vulnerability scanning output, and ability to give recommendations
• Ability to generate clear and concise reports and presentations for a variety of stakeholders, from technical analysts to senior leadership teams
• Understanding of the Threat Hunting Maturity Model and Threat Hunt Process
• The ability to apply the MITRE Attack Framework during investigations
• An enquiring mind and willingness to learn
• The ability to multi-task in high-pressured environments and work to tight deadlines
• Experience working in an operational security environment

Desirable:

• Relevant Cyber Security qualifications or certifications relating to the role
• Malware certification
• Offensive Security qualification
• Vulnerability certification

Diversity, equity and inclusion

We are committed to equal opportunity for all and will not discriminate on any grounds. We encourage applications from people from the widest possible span of experience. We particularly welcome applications from Black, Asian and Minority Ethnic (BAME) candidates and people with disabilities.

Working Arrangements

At the NMC, you will benefit from hybrid working, getting the advantages of both face-to-face team engagement and home working. NMC employees have the opportunity to work in our modern office environment for in-person collaboration, however you will also get the opportunity to work from home 2 days a week.

Expiry date: 23:59, Sun, 24th Sep 2023

Police Digital Service