Threat and Vulnerability Analyst

The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways.    Firstly, we help to build a strong, competitive business environment, where consumers are protected and companies rewarded for treating their employees properly.   Secondly, we open international markets and ensure resilient supply chains. This can be through Free Trade Agreements, trade facilitation and multilateral agreements.  Finally, we work in partnership with businesses every day, providing advance, finance and deal-making support to those looking to start up, invest, export and grow.   The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support us in this mission. The team have been nominated three times in a row for ‘Best Public Sector Employer’ at the Women in Tech awards!    About the role   You will be helping to protect DBT and the wider UK government from cyber threats in a fast paced and exciting role.  Reporting to the Principal Cyber Threat and Vulnerability Manager, the Threat and Vulnerability Analyst will work with other members of the SOC and technical teams to execute operational threat and vulnerability management activities and help shape the development of DBT’s TVM program and capabilities. A healthy curiosity mindset will be essential, to actively go out and discover items of potential interest to the team.  About you   You will be an analytical thinker with good understanding of cyber threats and mitigation strategies, an adaptable team-player with a curious mindset, and possess strong communication skills to effectively collaborate with various teams across the organisation. Main responsibilities   You will be:  

• Supporting scoping and delivery activities of penetration tests, vulnerability assessments, security audits to ensure compliance and mitigation of risks.   

• Structured Threat Hunting through proactively identifying and leveraging threat intelligence sources to inform threat and vulnerability mitigation measures.       

• Working with key stakeholders to create and drive prioritisation of tracked vulnerabilities and maintaining updated vulnerability trackers to meet common organisational objectives such as policy compliance.      

• Reviewing and analysing vulnerability data to identify trends and patterns, whilst improving organisation-wide knowledge and understanding of emerging threats.   

• Disseminate and apply DBT’s vulnerability ratings to externally rated vulnerabilities to help the department prioritize remediation.   

• Continuously research and investigate new and emerging vulnerabilities including Zero Day events, and participate in external security communities, sharing findings across the security functions.    

• Research and assess emerging security threats and vulnerabilities affecting DBT.  

Skills and experience     It is essential that you have:    

• Experience working in an enterprise technology setting, preferably with experience working with or in Cyber Security 

• Relevant degree or security qualification e.g. BSC. Cyber Security, CompTIA Security +, CEH, Pentest +, CCSP etc. 

• Understanding of Cyber threat landscape, threat actors’ techniques, tactics, and procedures. Understanding of Vulnerability management principles    

• Understanding of Threat hunting in a cloud-based environment including interpreting device and application logs from various sources in a cloud environment, and monitoring for emerging threat patterns and vulnerabilities.   

• Familiarity with industry frameworks and standards such as NIST, OWASP, MITRE ATTACK, CIS etc.)   

• Excellent written and verbal communication skills including the ability to relate technical information to a non-technical audience.   

  It is desirable that you have:     

• Experience in vulnerability scanning and penetration testing  

• Knowledge of a scripting language   

How to apply    As part of the application process you will be asked to upload a 500 word personal statement and a  two-page CV how you meet the essential skills and experience listed above. You can use bullet points and subheadings if you prefer.    Sift will be from week commencing 3rd February Interviews will be from week commencing 10th February  Please note these dates are indicative and may be subject to change.  If there is a high volume of applications, we will sift looking at your CV only. You may then be progressed to full sift or straight to interview.     How we interview  At the interview stage for this role, you will be asked to demonstrate relevant Technical Skills and Behaviours from the Success Profiles framework. These are role specific and in line with the Government Security Profession Career Framework.    Technical Skills  

• Penetration Testing  

• Threat and Vulnerability Understanding  

• Threat intelligence and assessment    

• Cyber Security Operations   

• Legal and regulatory   

Behaviours     

• Working Together  

• Communicating and Influencing  

• Delivering at Pace 

  You will also be asked to complete a technical assessment and will be informed on the topic on the day.    How we offer    Offers will be made in merit order based on location preferences. If you pass the bar at interview but are not the highest scoring you will be held on a 12-month reserve list in case a role becomes available. If you are judged a near miss at interview, you may be offered a post at the grade below the one you applied for.    This role requires SC clearance. DBT’s requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years. Failure to meet this requirement will result in your application being rejected and your offer will be withdrawn.  Checks will also be made against:  

• departmental or company records (personnel files, staff reports, sick leave reports and security records)  

• UK criminal records covering both spent and unspent criminal records  

• your credit and financial history with a credit reference agency  

• security services record  

• location details  

  BenefitsIf you join us, you will get:     

• learning and development tailored to your role  

• a flexible, hybrid working environment with options like condensed hours   

• a culture encouraging inclusion and diversity   

• a Civil Service pension with an average employer contribution of 27%   

• annual leave starting at 25 days rising to 30 days with service   

• three paid volunteering days a year    

• an employee benefits programme including cycle to work  

  More about us  This role can only be worked from within the UK, not overseas. If you are based in London, you will receive London weighting. DBT employees work in a hybrid pattern, spending 2-3 days a week (pro rata) in the office on average.  Travel to your primary office location will not be paid for by DBT, but costs for travel to an office which is not your main location will be covered.  You can find out more about our office locations, how we calculate salaries, our diversity statement and reasonable adjustments, the Recruitment Principles, the Civil Service code and our complaints procedure on our website. Find out more about life at DBT, our benefits and meet the team by watching our video or reading our blog!