HMRC is the UKs tax, payments, and customs authority. Our vital purpose is to collect the money that pays for the UKs public services and help citizens with targeted financial support. As such, the need to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical.
Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting.
Job description
We are seeking an G7 Digital Defence Lead, who will report to the G6 Head of CTO. The successful candidate will manage four SO Digital Defence Managers and have indirect management of their teams.
As the Digital Defence Lead, on a day-to-day basis you will be supervising and directing the work of our four Digital Defence strands
* Brand Defence: protecting HMRCs wider online reputation in spaces such as domain registration and social media.
* Email Threat Defence: ensuring that HMRCs email controls and associated security awareness measures are functioning effectively to protect our staff.
* Malicious Communications Defence: supporting our customers who receive malicious communications spanning approaches from phishing to vishing; and,
* Technology: supporting CSD and Digital Defence capabilities by crafting and maintaining vital software and platforms
This is a truly unique position that is rarely advertised. You will need to be an experienced manager who is comfortable operating across the suite of these specialities, someone who is able to form strategy and support others in delivering it and can oversee and improve the efficiency of the tools we use to enact the above.
Person specification
In this role you will:
* Drive the production of data and intelligence to inform our understanding of the current and future threat landscape for HMRC, its people, and platforms.
* Lead and empowerpersonnel to deliver to the best of their capacity.
* Liaise closely with colleagues across other CTO functions to inform threat-focused outputs and joint-working efforts.
* Support efforts to drive towards increased automation and adoption of AI-enabled capabilities where appropriate.
* Forge collaborations with other teams in CSD, HMRC Security, and beyond, to foster the goals of CTO in protecting HMRC.
Essential Criteria
* Proven track record to run and lead teams operating in cyber-security, intelligence, investigations, or other associated fields;
* Demonstrated experience in forming and completing strategies aligned with organisational goals;
* Strong understanding of cyber-security and/or open-source threats to large and complex organisations, and associated investigative or mitigative technologies;
* Experience of forging and maintaining effective working relationships with internal and external stakeholders;
* Excellent communication skills (both written and verbal) across a range of outputs, from longform through to presentations;
* Ability to work effectively under pressure and run multiple tasks simultaneously.
Desirable Criteria
Familiarity with brand reputation/management tools and platforms
Familiarity with email security tools, execution of phishing simulations and/or other cyber-security related education, training and awareness initiatives
Familiarity with open source (clear, deep, and dark web) investigations and associated tooling