Vacancy -- Senior Cyber Security Analyst

Working for the Civil Service

The Welsh Government's recruitment processes are underpinned by the principle of selection for appointment on merit on the basis of fair and open competition as outlined in the Civil Service Commission’s Recruitment Principles.

The Civil Service Code sets out the standards of behaviour expected of civil servants.

Vacancy Details

Permanent Secretary's Group
DDaT - IT Services
SEO - £41,700 - £49,370
Up to £43,760
Full time (applications are welcome from people who work part time, as part of a job share or who work full time)
Permanent
Pan Wales
'Pan Wales' means that the location in which the vacancy can be based is flexible, subject to the needs of the business. Please note it may not always be possible to accommodate a preference for a specific office location, but requests will be taken into consideration.
w/c 25th October

Purpose of Post:

The Welsh Government has made significant improvements to its IT technology over the last few years and is considered to be one of the leading UK public sector organisations in terms of Digital and IT capability.  WG has recently completed a number of ICT projects such as the move to Exchange 365, the transition away from the Government Secure Intranet (GSI) email, the rollout of new laptops to all WG staff (enabling flexible working) and the completion of a major application migration to Microsoft Azure.  This has been captured in a GDS case study on best practice examples of Cloud migration (see https://www.gov.uk/government/case-studies/how-the-welsh-government-migrated-their-technology-to-the-cloud)

Cyber Security is an exciting, evolving profession within IT and is growing four times faster than any other sector.  Cyber Security professionals are vital to help develop new ways to combat cyber threats and are the main line of defense against spamming, phishing, malware, viruses and other information security threats.  As cyber-attacks have increased, so has the demand for professionals who are trained to stop such attacks.

The IT Services Division is therefore delighted to be growing the Cyber Security presence within Welsh Government and as such is looking for a Senior Cyber Security Analyst to take overall leadership of the expanding team.  This is an exciting opportunity for a highly organised, motivated individual to take overall responsibility for the protection, detection and response and recovery of Welsh Government IT systems against cyber security threats and attacks.

Key tasks:

As the Senior Cyber Security Analyst, you will:

·         Have overall responsibility for the delivery of operational security services including technical protective monitoring, security change control, vulnerability scanning and similar functions.

·         Own the risk management strategy for cyber security, from technical controls to policy.

·         Ensure security tools and technology are maintained and developed as required to deal with the latest cyber security threats.

·         Continuously monitor internal and external cyber security policy compliance.

·         Maintain an effective approach for the reporting and management of security incidents.

·         Lead in the horizon scanning to ensure that policy, direction, and advice keeps abreast of new technology, opportunities and new and evolving security threats.

·         Implement new technology as required including the evaluation and implementation of any controls that might mitigate the risk of its operation.

·         Conduct continuous assessments of cyber security policies, practices and systems ensuring they are fit for purpose and identifying areas for improvement.

·         Ensure cyber security stays on the organisational radar by making the benefits clearly visibly and championing all efforts moving forward.

·         Lead the creation and implementation of the cyber security incident response plan for WG.

 

Development opportunities:

The Senior Cyber Security Analyst role is part of the Digital Data and Technology (DDaT) Profession in Welsh Government (WG).  This is a growing profession within Welsh Government and you will have the opportunity to be part of the community and to develop the role of that community within WG. 

The post offers significant opportunities to work with stakeholders and security experts within and outside of WG.  The global cyber threat continues to evolve at a rapid pace so continuous learning and development will be key to ensuring that the cyber team continue to protect and defend WG IT systems effectively.

Closing Date:

01/10/2021, 23:55

Eligibility

Posts recruited to as part of this recruitment campaign are broadly open to UK nationals, those with right to remain and work in the UK and those that meet the Civil Service Nationality Rules only. Check your eligibility here:

Prior to appointment, all successful applicants will be required to produce original, acceptable documents as part of the pre-employment checks. If it becomes apparent at a later stage in the process that you aren’t eligible to apply, your application will be withdrawn, or offer retracted.

Equality and Diversity

The Welsh Government is committed to providing services which embrace diversity and which promote equality of opportunity. This is underpinned by the Equality Act 2010 and will be adhered to at each stage of the recruitment process. Our goal is to ensure that these commitments are also embedded in our day-to-day working practices with all our customers, colleagues and partners.

We are committed to being an anti-racist organisation and increasing diversity in the Welsh Government by removing barriers and supporting all our staff to reach their potential. We are committed to recruiting Black, Asian and Minority Ethnic people and disabled people who are currently under-represented in Welsh Government.

We welcome applications from everyone regardless of age, marriage and civil partnership (both same sex and opposite sex), impairment or health condition, sex, sexual orientation, pregnancy and maternity, race, religion or belief, gender identity or gender expression.

We are a Stonewall Diversity Champion and a Disability Confident Level 3 (Leader) organisation. Key to supporting this work and providing peer support are five Board sponsored Staff Networks (Disability Awareness and Support (DAAS); Minority Ethnic Support Network (MESN); Mind Matters (Mental health and well-being); PRISM (Lesbian, Gay, Bisexual, Transgender, Intersex +) and Women Together.

Disability Confident

A Great Place to Work for Veterans

This vacancy is part of the Great Place to Work for Veterans initiative.

Welsh Language Requirements

The Welsh Government is a bilingual organisation and Welsh language skills are considered an asset to the organisation. We encourage and support staff to learn, develop and use their Welsh language skills in the workplace. 

The following list of language requirements represents an objective assessment by the line manager on behalf of the Welsh Government of the Welsh language skills required to undertake the duties of this particular post.

Not necessary to undertake the duties of this post

Social Partnership

In Welsh Government, the relationship between the employer and trade unions is based on social partnership. We believe our goals can best be achieved by management and trade unions working together.

Our 3 recognised trade unions are:
•         PCS
•         Prospect
•         FDA

This relationship is underpinned by a partnership agreement. This sets out how our unions work with Welsh Government on issues such as:
•         pay
•         terms and conditions
•         policies and procedures
•         organisational change.

Our Welsh Government trade union colleagues work together to give their members a real say in the workplace. They make sure that the interests of their members are promoted and protected. They also help reduce inequalities and improve terms and conditions.

The Welsh Government has an excellent track record of working in partnership with its trade unions. We encourage staff to get involved. We support you to join a recognised trade union, to ensure your voice is heard in the workplace. and to learn more about trade unions and partnership working.

Competencies / Job Specific Criteria

The following job specifics skills are also ESSENTIAL for this role.  Please ensure you attach a CV which demonstrates your ability in relation to these skills.

  • In order for applicants to be considered for this role, they must hold an industry recognised Cyber specific certification such as SSCP (Systems Security Certified Practitioner) and be degree qualified in a relevant area of technology such as Computer Science, Software Engineering or have equivalent experience. Please ensure your CV evidences your certification and degree/equivalent experience.
  • Experience of managing security mechanisms and/or a background in system administration.
  • Knowledge and understanding of security concepts and controls, standards and best practice.
  • Knowledge and understanding of Microsoft operating systems and hardening approaches and good working knowledge of Microsoft office tools and applications.

    Assessment Process

    Throughout the entire assessment process, candidates will be assessed against Behaviours from the Civil Service Success Profile and the Digital Data and Technology (DDaT) capability framework. Please ignore any references you might see relating to competencies within our application system. You can find out more about Success Profiles and the DDaT Capability Framework here: Success Profiles, DDaT Capability Framework.

    Leadership, Seeing the Big Picture, Communicating & Influencing, Developing Self and Others, Analysis and Specific Security Technology & Understanding.

    Your application will be assessed in three stages:

    1) Sift Stage

    As part of your application you will be asked to upload a copy of your CV. This should be no more than 2 sides of A4. Anything above 2 sides of A4 will be discounted and will not be considered as part of the sift. Please remove from your CV your name and address to support us in undertaking a “name free” sift.

    • An initial sift will be carried out against your CV and the first essential job specific skill – evidence of Cyber certification and degree/equivalent experience in a relevant area of technology.
    • The remaining three job specific skills will be evaluated against CVs that have passed the initial sift.

     2) Technical Exercise Stage

    Candidates who have passed the sift stage will be invited to participate in a Technical Exercise (remote video session with Technical Panel).

    3) Interview Stage

    Candidates who have passed the Technical Exercise will be invited to participate in an Interview (remote video session with Interview Panel).

    Further information about stages 2 and 3 will be provided following the sift stage.

    Other Information

    • Unless stated otherwise in ‘actual starting salary’, all candidates will start at the minimum of the pay scale being appointed to (this includes existing civil servants).This is not negotiable.
    • Unless stated otherwise in ‘type of opportunity’, this recruitment advert is not open on a Loan or Secondment basis.
    • For more information on the eligibility criteria and terms and conditions for Loan and Secondment positions in Welsh Government, please see external recruitment candidate guidance.
    • Unless stated otherwise in ‘Location of Post’ the role/s recruited to via this campaign can only be worked in the UK, not overseas.
    Philip Anderton - 03000 625643

    How to apply

    All applications for this vacancy should be made online via the Welsh Government's online application system.  If you have an impairment which would prevent you from applying on-line, please e-mail SharedServiceHelpdesk@gov.wales to request an application pack in an alternative format, or to request a reasonable adjustment related to an impairment in order to submit your application.

    To apply, you'll need to have an account on our online application system.  Click the 'Apply' button below, and you'll be asked to 'Log in' if you already have an account, or 'Register' if you don't yet have an account.  Registration takes just a few minutes to complete.  You'll need an e-mail address to be able to register.  Once you've registered for an account and logged in, you'll be taken to the online application form, which you'll need to fully complete and submit before the deadline on the closing date.  

    If you’d like to apply for this vacancy in Welsh, please use the ‘Newid Iaith / Change Language’ link at the top of this page, to take you to the Welsh version of this advert, from which you can apply in Welsh.

    For further information regarding the Welsh Government recruitment process, please see the Recruitment Guidance for External Candidates (link).

    When evidencing your suitability for the post, it is recommended that you refer to the Civil Service Competency Framework (link)

    Grievance and Complaints

    Anyone who believes they have been treated unfairly, or has a grievance or complaint, about how the process was conducted should either write to the Head of Resourcing, Welsh Government, Cathays Park 2, Cardiff CF10 3NQ or email SharedServiceHelpdesk@gov.wales.  If you are unhappy with the outcome of the complaint raised with the Welsh Government and feel that the principles of appointment on merit through fair and open competition have not been met you have the right to pursue your grievance with the Civil Service Commission.

    This vacancy is closed to applications.