Job summary
Are you ready to take on work of national importance, facing the challenge of complex threats you won't find in any other organisation?
The Lead Cyber Incident Manager manages the response to, and investigation of, security events or incidents. You will be responsible for resourcing, commanding, and leading investigations into cyber security incidents; working across multiple stakeholder teams to contain and resolve incidents efficiently. Where possible, you will also identify process improvements, mitigations, and development opportunities through post-incident review and learning.
If you're interested in finding out more, we are holding a Home Office Cyber Security candidate information event on 17th September. You will find out about working for the organisation, hear from staff on their experiences working in Home Office Cyber Security Roles and learn more about our recruitment process. Please register here�
Job description
As the Lead Cyber Incident Manager, your responsibilities will include:
1. Leading, managing and co-ordinating cyber security incidents with a coordinated and structured approach across stakeholders.
2. Identify opportunities for improvement in technical controls, tooling, and processes to more effectively resolve future cyber security incidents.
3. Managing incident defensive and offensive exercises through their scoping, design, and governance.
4. Managing the organisation�s response policies and processes in line with appropriate standards, whilst monitoring and reporting upon performance.
5. Co-ordinating and managing relationships with stakeholders to ensure clear and effective lines of communication across the organisation, its suppliers, partner agencies, and regulators.
6. Ensuring all necessary evidential steps are taken to document response actions, observations, intelligence, and any potential evidence. Producing detailed, accurate and clearly written reports.
The successful candidate will be located in the Soapworks, Manchester regional office. Under Home Office hybrid working practices there is an expectation that you will attend the office for a minimum of 60% of your working hours.�
Due to the nature of the role, this post is available on a full-time basis only.
Person specification
Essential Skills
We are looking for an experience Cyber Security specialist, looking for a new and interesting challenge with the following skills and proven experience in:
7. Threat and risk analysis for complex, high-risk and/or mission critical systems, preferably involving central government, NCSC or Security Operations Centres (SOCs)
8. Operating across tactical, operational and strategic levels with regards to threat and risk analysis, preferably while leading, running and coaching a diverse, distributed team of cyber professionals
The successful candidate must hold or be prepared to undergo NPPV3 clearance.�
Technical Skills
Delivery and Operation
9. Service Management � Level 4 � Level 4
10. Security Services � Level 3
People and Skills
11. People Management � Level 3 � Level 4
Relationships and Engagement
12. Stakeholder Management � Level 4
SFIA capability framework
Skills for the information age (SFIA) is the technical framework that sets the standard capability and development of all DDaT skills in the Home Office. This is a link to the capability framework:��. We use set SFIA technical skills to form our interview questions and we will assess you against these technical skills during the selection process.
Behaviours
We'll assess you against these behaviours during the selection process:
13. Making Effective Decisions
14. Delivering at Pace
15. Changing and Improving
Technical skills
We'll assess you against these technical skills during the selection process:
16. Incident Management (USUP) - Level 4
17. Problem Management (PBMG) - Level 4
18. Security Operations (SCAD) - Level 3
19. Performance management (PEMT) - Level 3
20. Resourcing (RESC) - Level 4
21. Stakeholder relationship management (RLMT) - Level 4
Benefits
Alongside your salary of �57,000, Home Office contributes �16,512 towards you being a member of the Civil Service Defined Benefit Pension scheme.
Recruitment and Retention Allowance (RRA)
This post is eligible for a DDaT Recruitment Retention Allowance. Successful candidate with exceptional skills and experience may apply fora Recruitment and Retention Allowance up to a maximum of �11,300. Eligibility for RRA will be assessed at interview.� This allowance is subject to an initial review within six months of taking up the post and thereafter an annual review inline with the departmental priorities and could be reduced or withdrawn at any time.
You�ll also have access to the same benefits available to all civil servants in the Home Office:�
22. An in-year performance bonus scheme, behaviours recognition and reward scheme.
23. A Civil Service pension with employer contribution rates of between and, depending upon salary.
24. 25 days annual leave on appointment, plus 8 days public holidays and 1 day for the King�s Birthday, rising further with service up to 30 days.
25. A culture encouraging inclusion and diversity.
26. Season ticket loans and rental deposit loans.
27. Cycle to work and payroll giving.
28. Employee discounts - including a huge number of retailers, Microsoft Home Use programme and gym membership.
29. Health and wellbeing initiatives including monthly mindfulness sessions.
30. Staff support networks.
31. Maternity, adoption or shared parental leave of up to 26 weeks full pay followed by 13 weeks of statutory pay and a further 13 weeks unpaid.
32. Maternity and adoption support leave (paternity leave) of 2 weeks full pay.
33. Up to five days paid leave for volunteering.
34. Study leave and support for studying for a qualification or other accredited development relevant to your role.
You can find more information at�.