The Cabinet Office supports the Prime Minister and ensures the effective running of government. It is also the corporate headquarters for government, in partnership with HM Treasury, and takes the lead in certain critical policy areas.
We are the Cabinet Office’s cyber security team, and our mission is to secure the department against cyber threats. We protect our nationwide internal IT infrastructure, and high-profile citizen-facing digital services such as GOV.UK.
This role is within Cyber Defence, which delivers cyber threat intelligence, threat detection, incident response and vulnerability management capabilities for the Cabinet Office, and is responsible for defending both internal IT infrastructure and citizen-facing services.
As a data security analyst, you’ll focus on investigating and responding to data security incidents, and will:
* Continuously monitor security alerts and incidents;
* Create and tune detections for data loss prevention;
* Collaborate with the incident response team to mitigate threats;
* Report on security risks and trends to senior management;
* Ensure compliance with data protection regulations;
* Triage and investigate data security alerts (including from our email, productivity, network, and endpoint tools);
* Use a variety of techniques to analyse systems, network traffic and cloud environments and understand the nature and extent of possible data security incidents;
* Support the response to data security incidents by identifying and implementing (or supporting the implementation of) containment, eradication and recovery actions;
* Support the response to data security incidents by engaging and collaborating with Data Protection, Security, and wider Corporate Services functions;
* Support the coordination of data security incidents;
* Contribute to post-incident reviews to identify lessons and actions;
* Identify opportunities for, and support the delivery of, continual improvements to the data security capability;
* Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities;
* Contribute to internal plans, playbooks and knowledge base articles;
* Act as an escalation point for, and provide coaching and mentoring to, associate security analysts.
Incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join.
Core hours must be covered between 10am and 4pm with flexibility encouraged outside of this.
Proud member of the Disability Confident employer scheme
About Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.