Vacancy -- Cyber Security Analyst
Purpose of Post:
The Welsh Government has made significant improvements to its IT technology over the last few years and is considered to be one of the leading UK public sector organisations in terms of Digital and IT capability. WG has recently completed a number of IT projects such as the move to Exchange 365, the transition away from the Government Secure Intranet (GSI) email, the rollout of new laptops to all WG staff (enabling flexible working) and the completion of a major application migration to Microsoft Azure. This has been captured in a GDS case study on best practice examples of Cloud migration (see https://www.gov.uk/government/case-studies/how-the-welsh-government-migrated-their-technology-to-the-cloud)
The Cyber Security Analyst is primarily responsible for the delivery of operational and where relevant technical, security services. This includes undertaking technical proactive monitoring, security change control, vulnerability scanning and similar functions as well as implementing proportionate risk management strategies to assess and document the threat to IT systems and networks.
As Cyber Security Analyst, you will:
- In Real Time, analyse alerts from intrusion detection and other security systems (SIEM, IDS, NIDS, AV, EPS, Firewalls etc.) and respond or escalate in a timely, appropriate and proportionate manner.
- Conduct analysis of logs from a wide range of infrastructure, and applications to monitor trends.
- Perform risk assessments and develop recommendations to optimise existing technology to improve the cyber defences.
- Investigate / escalate security incidents as appropriate ensuring clear communication is issued in a timely manner to the key stakeholders and the Incident Response Team.
- Remain up to date and informed with regards to IT threats and compromises, assess the threat, and develop a suitable counter measure or recommendation based on findings.
- Work on a rotational basis, partaking in daily checks which cover security alerts and checks of manufacturer’s websites for vulnerabilities in core infrastructure hardware, software and firmware.
- Use Media Intelligence to detect up and coming threats of interest, and respond to urgent emails from WG security and key stakeholders.
- Contribute and assist in the development of operational processes to support the vulnerability management capability.
- Assist in the management of security incidents as appropriate.
- Conduct cyber security investigations.
- Maintain policies and other security documentation.
- Chair / attend meetings and provide cyber security expertise.
- Undertake any other requirements as directed by the Senior Cyber Security Analyst.
The post offers significant opportunities to work with stakeholders and security experts within and outside of WG. The global cyber threat continues to evolve at a rapid pace so continuous learning and development will be key to ensuring that the cyber team continue to protect and defend WG IT systems effectively.
Welsh Government accepts the social definition of disability, in which it is recognised that barriers in society act to disable people who have impairments or health conditions or who use British Sign Language. We are committed to removing barriers so that all (or potential new staff) can perform at their best. The Equality Act 2010 uses the medical definition of disability (“a physical or mental impairment which has a substantial and long-term impact on a person’s ability to carry out normal day to day activities”).
We guarantee to interview anyone who is disabled whose application meets the minimum criteria for the post. By ‘minimum criteria’ we mean that you must provide us with evidence in your application which demonstrates that you generally meet the level of competence for the role and any qualifications, skills or experience defined as essential. We are committed to the employment and career development of disabled people.
If you have an impairment or health condition, or use British Sign Language and need to discuss reasonable adjustments for any part of this recruitment process, or wish to discuss how we will support you if you were to be successful, please email SharedServiceHelpdesk@gov.wales as soon as possible and a member of the team will contact you to discuss your requirements and any questions you may have.
A Great Place to Work for Veterans
Welsh Language Requirements
The Welsh Government is a bilingual organisation and Welsh language skills are considered an asset to the organisation. We encourage and support staff to learn, develop and use their Welsh language skills in the workplace.
The following list of language requirements represents an objective assessment by the line manager on behalf of the Welsh Government of the Welsh language skills required to undertake the duties of this particular post.
In Welsh Government, the relationship between the employer and trade unions is based on social partnership. We believe our goals can best be achieved by management and trade unions working together.
Our 3 recognised trade unions are:
This relationship is underpinned by a partnership agreement. This sets out how our unions work with Welsh Government on issues such as:
• terms and conditions
• policies and procedures
• organisational change.
Our Welsh Government trade union colleagues work together to give their members a real say in the workplace. They make sure that the interests of their members are promoted and protected. They also help reduce inequalities and improve terms and conditions.
The Welsh Government has an excellent track record of working in partnership with its trade unions. We encourage staff to get involved. We support you to join a recognised trade union, to ensure your voice is heard in the workplace. and to learn more about trade unions and partnership working.
Competencies / Job Specific Criteria
Keeping in mind the Grade Description above, you should present your Personal Statement in the context of the following 5 Behaviours:
Specific Security Technology and Understanding – You can understand and articulate the impact of vulnerabilities on existing and future designs, systems and how easy or difficult it will be to exploit these vulnerabilities. (Relevant DDaT skill level: working)
Communication Skills (Security) - You can effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders. (Relevant DDaT skill level: working)
Leadership – You consider the impacts of own and team’s activities on stakeholders and end users.
Seeing the Big Picture – You remain alert to emerging issues and trends which might impact your work area.
Making Effective Decisions – You analyse and use a range of relevant, credible information from internal and external sources to support decisions.
The following job specifics skills are also ESSENTIAL for this role. Please ensure you attach a CV which demonstrates your ability in relation to these skills.
- Candidate holds or is working towards an industry recognised Cyber specific certification such as SSCP (Systems Security Certified Practitioner).
Throughout the entire assessment process, candidates will be assessed against Behaviours from the Civil Service Success Profile and the Digital Data and Technology (DDaT) framework.
Leadership, Seeing the Big Picture, Making Effective Decisions, Communicating & Influencing, Developing Self and Others, Specific Security Technology & Understanding and Communication Skills (Security).
Your Personal Statement will be assessed in two stages:
- An initial sift will be carried out against the two DDAT Skills included in the ‘Areas to Evidence’ section. This includes Specific Security Technology & Understanding and Communication Skills (Security).
- The Personal Statement of candidates who have passed the initial sift will then be further assessed against the three Success Profile Behaviours included in the ‘Areas to Evidence’ section. This includes Leadership, Seeing the Big Picture and Making Effective Decisions.
Your Personal Statement should not exceed 1500 words - any content that exceeds the 1500 word limit will be discounted.
Your CV will be used to help inform the panel of your career history, however it will not contribute to your overall sift score. CV's should be no longer than 2 sides of A4
Sift outcomes are expected to be issued at the beginning of July. If you are successful at sift, you will not be able to request your sift scores until the full assessment process has completed.
All candidates that are successful at sift, will be invited to participate in an assessment event. This will consist of two parts:
Part 1 – Technical Exercise (remote video session with Technical Panel)
Part 2 – Interview (remote video session with Interview Panel)
Further information about these stages will be provided following the sift stage.
Following the assessment events, outcomes are expected to be issued at the start of August.
Unsuccessful candidates who have achieved the minimum score across all required behaviours will have the opportunity to be held on a WG ‘reserve’ list for 12 months from the date of the outcomes being issued. If additional roles become available or existing roles become vacant during this time, WG may offer the role to the highest scoring candidate on the reserve list. If they decline, WG may offer the role to the next highest scoring candidate and so on.
- 31 days holiday (plus 10 public and privilege holidays)
- Permanent position
- Personal development budget
- Home working
- The latest ICT kit
- Death in service cover
- Flexible working hours
- Cycle to Work Scheme - a brand new bike up to £1000, saving at least 32%
- Childcare Vouchers Scheme, saving up to £933/year
- Contributory pension scheme
Our Commitment to Equality
Due to current under-representation in the organisation, candidates who declare that they are disabled or from a black or minority ethnic (BAME) background will automatically be put forward to the Assessment Gateway if their application meets the minimum criteria. We can only do this if candidates provide this information in their application. Information on BAME candidates will be taken from the equality monitoring form and it is important that you complete this as part of your application.
How to apply
All applications for this vacancy should be made online via the Welsh Government's online application system. If you have an impairment which would prevent you from applying on-line, please e-mail SharedServiceHelpdesk@gov.wales to request an application pack in an alternative format, or to request a reasonable adjustment related to an impairment in order to submit your application.
To apply, you'll need to have an account on our online application system. Click the 'Apply' button below, and you'll be asked to 'Log in' if you already have an account, or 'Register' if you don't yet have an account. Registration takes just a few minutes to complete. You'll need an e-mail address to be able to register. Once you've registered for an account and logged in, you'll be taken to the online application form, which you'll need to fully complete and submit before the deadline on the closing date.
If you’d like to apply for this vacancy in Welsh, please use the ‘Newid Iaith / Change Language’ link at the top of this page, to take you to the Welsh version of this advert, from which you can apply in Welsh.
For further information regarding the Welsh Government recruitment process, please see the Recruitment Guidance for External Candidates (link).
When evidencing your suitability for the post, it is recommended that you refer to the Civil Service Competency Framework (link)
This vacancy is closed to applications.