Salary: Circa £45,000 per annum negotiable depending on experience + fantastic benefits!
Jisc Grade: TCY3 (internal use only)
Hours: 35 hours per week
Contract: Permanent
Reports into: Lead incident investigator (DFIR)
Location: Hybrid - A blend of working from home and your nominated hub office, we have hubs in London, Bristol, Manchester and Oxford. Specific patterns for working in the office are not mandated, and the frequency of time worked in the office is agreed with your manager. Meeting in person is something we value so you may need to travel on occasion to any of our hub offices.
About Jisc:
Jisc is the UK digital, data and technology agency focused on tertiary education, research, and innovation. We are a not-for-profit organisation with a big ambition to improve lives through education and research by providing hardware, software, and networking solutions. Our talented people bring their own unique skills and experience to empower our members and customers with the technology they need to succeed. Take your next career step with us and you can make a real difference to the education and research sectors.
About the team:
Jisc's Security Operations Team safeguards both the Janet Network and Internal security whilst also sharing intelligence and advising our members to keep their own networks safe. We draw on a range of market leading solutions, combined with in-house tools, benefiting from the team's expertise to develop a service best suited to our members.
Jisc's Security Operations Centre (SOC) comprises of Cyber Security Incident Response (CSIRT), Network Defensive Services and SIEM teams. A core function of the SOC is to support customers and Jisc's internal security team to Protect, Detect, Response and Recover from cyber incidents. Supporting the SOC in these functions are the Cyber Threat Intelligence (CTI) and Digital Forensic Incident Response (DFIR) teams.
About the role:
To support the SOC Digital Forensics Incident Response (DFIR) function this role will include the operation of Jisc's Digital Forensics Service, participating in triage, collection, and analysis of digital forensics data from various sources and using security-related tools to process and analyse artifacts, mitigate attacks and provide an incident response capability on behalf of our members and customers.
You will provide an escalation point for DFIR Security Analysts, support the DFIR Lead with Incident investigation and management, and with the ongoing development of security systems, helping to generate new mitigations and enhancing the internal security of Jisc to defend against future attacks more effectively. You will also support the DFIR Lead to further develop Incident Response and forensics processes and technologies and deputise in any absence.
Day to day activities will include the supporting Jisc's Security Operations Centre Service, including alert and support ticket triage, recognition of the need to escalate, participation in incident handling duties, threat detection and analysis, using a range of Jisc-developed and commercial network and security-related tools to gather intelligence, mitigate attacks and provide a SOC and incident response capability.
Responsibilities will include:
• Perform forensics investigations using defined processes and tools, to support cyber incident response engagements and post-incident analysis.
• To support the continuous monitoring of SOC customer IT infrastructure, networks, and systems for signs of suspicious or malicious activity. This includes the use of Security Information and Event Management (SIEM) and Endpoint Detect and Response (EDR) Network and DDoS tools.
• To continuously improve current internal services technologies to improve threat analytics and incident management
• To support members with onsite or remote recovery of a cyber incident.
Key Skills and Experience:
• Understanding of common digital forensics artifacts across Windows and at least one other operating system.
• An understanding of IT environments and common infrastructure including Microsoft Stack (Azure, Active Directory), Virtualisation Platforms, Backup Systems & Cloud Platforms.
• Familiarity with a range of security tools and systems such as SIEMs, EDR's SOAR, IDS, WAF, DLP and DDoS mitigation systems
• Previous experience of working within a digital forensics and incident response environment would be beneficial.
• Understanding of identification and analysis of Indicators of Compromise (IOC's).
• Sound working knowledge of TCP/IP and other related Internet protocols.
• Ability to communicate effectively with a range of security professionals and to simplify complex technical issues.
Don't meet every single requirement?
We know that sometimes people can be put off applying for a job if they think they can't tick every box, so we encourage you to apply even if you do not meet 100% of the requirements, but you feel this role is perfect for you. You may be just the right candidate for this or other roles!
Why work for us?
At Jisc, everyone plays a key role and gets the chance to feel part of it, that to us is the definition of a meaningful career. We want to create a culture of lifelong learning. You can look forward to a rewarding job with opportunities to develop and make a real difference to the education and research sectors.
We believe a balance between your personal and professional life is essential to your happiness and fulfilment. We work flexibly at Jisc and focus on outputs rather than presenteeism and are open to a whole range of ways of working.
It isn't about how many hours you spend at home or at work; it's about the flow you establish that brings energy to both parts of your life. Our hybrid working policy is flexible, and the frequency of time spent in your nominated office will vary across teams and job roles.
Take a look at our fantastic benefits! We offer:
• Flexible work pattern, which can adapt to suit your schedules and personal commitments
• 31 days annual leave (plus bank holidays) that includes an additional three closure days over Christmas plus the opportunity to buy up to an additional 5 days
• Generous flexible pension schemes
• Protection benefit - life cover
• Annual Jisc performance award
• A range of wellbeing lifestyle benefits including company paid health care cash plan, employee assistance programme, mental health first aiders and support
• A generous budget to support you with external learning and continuous professional development
• Allocated allowance of up to £250 to equip your home office
• Financial well-being support including access to preferential loan and savings plans, mortgage advice, will writing tools and support and resources to help you make the most of your money
• The opportunity to donate to charity tax-free with our Payroll Giving benefit
• Electric Car Lease Scheme and option to purchase SmartTech - spreading the cost of your everyday white goods and technology
• A wide range of discounts from retailers and big-name high-street stores and CSSC membership
• Family friendly policies including enhanced parental, maternity and paternity leave and opportunity for career breaks
• Support your volunteering with up to 3 days volunteer leave
• Cycle to work scheme and eye care scheme including free eye test vouchers and £70 towards new glasses for VDU use
• Free flu vaccinations
• Employee recognition awards and travel loans
• A company culture which supports and promotes personal learning and development, including access to thousands of courses on LinkedIn Learning
Equity, diversity and inclusion:
At Jisc, we don't look for 'sameness', but to truly include people who can add unique perspectives and experiences to our culture, and we are working hard to achieve progressive change. 'Always inclusive' is one of our six guiding principles which actively encourages us to bring our whole authentic selves to work. We believe that our commitment to equity, diversity and inclusion is fundamental to our success.
Jisc believes our people make all the difference in cultivating an inclusive culture that welcomes ideas, encourages innovation, and values belonging. We work with passionate colleagues to strengthen knowledge and awareness, provide learning and development opportunities, and foster multiple employee networks which create a sense of community and influence our policies and practice.
We work hard to create an equitable experience for our candidates and workforce which embraces all aspects of their identity including race and ethnicity, religion and belief, sex, gender identity, sexual orientation, trans identities, age, class, disability, neurodivergence, or veteran status.
Application process:
We want you to showcase your talent throughout the recruitment process. Please let us know how we can best support you to do that; for example, if there are any reasonable adjustments we may be able to put in place. We will be happy to help you.
Just so you know, we review CVs as soon as we can and aim to provide an update on your application within 4 weeks of receiving it. However, you may hear from us a lot sooner, so please keep an eye out for our emails or calls!
If you are currently a Jisc employee, please apply through your Dayforce Employee profile.
Jisc has an active sponsor licence to recruit on a Skilled worker visa basis. Candidates wishing to apply who require sponsorship should determine the likelihood of obtaining a Certificate of Sponsorship for the role by assessing their circumstances against the relevant Home Office criteria. click apply for full job details