The Customer Experience & Bridge Operations Centre (CE&BO) comprises a number of teams focused on monitoring the customer experience for the HMRC IT network, services, applications, batch processing, security, and incident management.
The Security Analyst will work a rotational 12-hour shift pattern, providing 24/7/365 Security monitoring and support capability for the CE&BO.
Responsibilities
1. Continual real-time monitoring of HMRC’s Security Platforms.
2. Maintain CE&BO’s Cyber Security Team (CST) monitoring screens and adapt as necessary.
3. Progressive maintenance and improvement of CST dashboards in line with CE&BO’s requirements to tailor dashboards that meet wider view requirements.
4. Real-time monitoring of CST’s mailbox for potential alerts and other important information.
5. Taking ownership of CST’s cases and following CST tickets to full resolution state in line with CST procedures, as well as flagging relevant information to meet CE&BO’s needs.
6. React and respond to CE&BO’s trending analysis raised by CE&BO colleagues to identify and eliminate any security issues, assisting with findings where possible.
7. Listen to CE&BO’s bridge phone conversations and report to overall CST when incidents develop within the CE&BO, regardless of the issue.
8. Where new issues are identified in the CE&BO, collaborate and assist using cyber security skills where possible.
9. In the event of an HPI that involves Cyber Security, take ownership and be the first point of contact, creating a knowledge bridge between CE&BO and CST as a whole, sharing information in real time to resolve incidents efficiently.
10. Monitor daily CE&BO communications in CST mailbox to maintain constant awareness.
11. In the event of a Major Incident (HPI), CE&BO will have prepared an HPI environment involving various concerned stakeholders and service owners. If this concerns issues associated with CST, you are responsible for:
12. Providing initial assessment of the situation and collaborating with CE&BO’s team as well as CST in relation to the incident and creation of a CST ticket.
13. Attending live calls and providing assistance and collaboration.
14. Providing background material if available and, where sensitive information is identified, seeking approval from CST management before disclosure.
15. Capturing a timeline throughout the incident lifespan.
16. Providing real-time updates and applying your skillset without delay, which is essential.
17. Out of hours, if unable to resolve the incident, use the on-call if the incident is classified as severe and a high risk of breach to critical infrastructure environments is identified.