NCSC Cybersecurity Customer Incident Notification Lead Ref. 1530

The National Cyber Security Centre (NCSC) is the UK’s authority for cyber security advice and incident management. It is a fundamental part of how we aim to make the UK the safest place to live and work online. Part of GCHQ, the NCSC manages national cyber incidents, provides an authoritative voice and centre of expertise on cyber security, and delivers tailored support and advice to departments, regulators and industry. We are offering you an exciting opportunity to join our Active Cyber Defence team as a Customer Incident Notification Lead.

THE ROLE

This is a key role in the NCSC flagship Protective DNS (PDNS). PDNS is part of Active Cyber Defence (ACD) Programme, which mitigates significant volumes of cyber-attacks targeting the UK.

This is a fantastic opportunity for an experienced incident manager or someone with a strong cyber security background and customer engagement experience. The role will sit at the forefront of a new model of customer engagement and incident resolution designed to achieve impact at national scale. The successful candidate will direct a funded program of work to automate the delivery of analysis & actions and guidance to victims of cyber-attack at scale across UK Government and Public Sector. There is scope to become involved in the technical implementation, however primarily this role is to impart experience & NCSC wisdom into automated processes to scale messaging and value to vulnerable organisations in the UK.

The PDNS project blocks malicious DNS requests across thousands of government departments across the UK. As an extension of this service, we are exploring new ways to notify the customers of this of compromises and configuration errors. This work will form a prototype for NCSC capability and will represent significant precedent for NCSC operations into the future.

The successful candidate will have the following responsibilities:
•    Leading the development of an end user notification system (portal) as subject matter expert
•    Drawing on their own and others’ experience and expertise in victim engagement and communication around cyber security incidents
•    Work with contractor to develop novel solutions for messaging and influencing behaviour at scale
•    Liaise closely with NCSC Incident Management to cross over skills and identify opportunities between business areas
•    Ownership of Automated Incident Notification for the PDNS project
•    Prototype techniques for presentation of metrics and actions
•    Ensure robust processes are built by engaging and collaborating with key stakeholders

While the role is challenging, our flexible working policy ensures a healthy work-life balance. Wherever possible, we accommodate reduced hours or job share options, balanced against business needs.

REQUIREMENTS

There is scope for this to be a technical role, and it will rely on technical experience and understanding; however, stakeholder management and customer engagement are critical elements of the job. The right candidate will have some customer engagement, guidance or incident management experience and will have a strong technical background, preferably with a computer networking or cybersecurity focus.

Essential skills:
•    Practical experience with cybersecurity incidents/analysis
Or
•    Experience configuring enterprise computer networks (preferably DNS elements)

The following would also be advantageous, but may be developed in the role. The ability to understand the core concepts is more relevant:

•    Previous experience with Notification Systems (e.g. AbuseSA, or other alerting and notification systems)
•    Knowledge of DNS and its relevance to cybersecurity
•    Experience configuring DNS in enterprise networks
•    An understanding of the basis tenants of cybersecurity

Interpersonal and Business skills:
•    Customer engagement skills (desirable)
•    Strong communication & presentation skills

TRAINING AND DEVELOPMENT

At GCHQ we’re proud of our inclusive and supportive working environment that’s designed to encourage open minds and attitudes. As an organisation that values and nurtures talent, we’re committed to helping you fulfil your potential. With comprehensive training and development opportunities, tailored to your needs and the requirements of your work, we’ll enable you to flourish in your role and perform to the very best of your abilities.

ABOUT US

As one of Britain’s intelligence agencies, we unlock the complex world of communications to keep our nation safe. We work closely with MI5 and MI6, our partners in the intelligence community, to safeguard Britain’s people, interests and businesses from various threats. Think cyber-attacks, espionage, terrorism, and organised crime. It’s challenging, varied and meaningful work that you simply won’t find anywhere else.

SALARY

Salary of £31,883 (on a pro rata basis should you work reduced hours).

LOCATION

Cheltenham or London

SELECTION PROCESS

To apply for this position, you must meet our nationality, residency and security requirements. You’ll find more details here: Recruitment Process

As users of the disability confident scheme, we also guarantee to interview all disabled candidates who meet the minimum criteria for our roles.

Once we’ve established that you meet our eligibility criteria, the next steps of this selection process are:

- Application Form
- Personal interview*
- Drug test

*Interviews will be held in Gloucester during the week commencing 8th October 2018 .
    
If you successfully complete these stages, you’ll receive a job offer, conditional upon you completing our developed vetting (DV) process which enables you to obtain the level of security clearance required to perform this vital role.

The closing date for applications is 17th September 2018.

Competency Levels
    
Change and Innovation        Intermediate         Desirable
Contribution to Delivery    Intermediate         Desirable
With and Leading Others        Intermediate         Desirable
Managing the Customer Relationship    Intermediate         Essential
Corporate Vision and Efficiency        Intermediate         Desirable
Communications and Knowledge-Sharing        Higher             Desirable
Analysis and Decision-Making Higher Desirable        Higher        Desirable