NCSC Cybersecurity Customer Incident Notification Lead Ref. 1530
The National Cyber Security Centre (NCSC) is the UK’s authority for cyber security advice and incident management. It is a fundamental part of how we aim to make the UK the safest place to live and work online. Part of GCHQ, the NCSC manages national cyber incidents, provides an authoritative voice and centre of expertise on cyber security, and delivers tailored support and advice to departments, regulators and industry. We are offering you an exciting opportunity to join our Active Cyber Defence team as a Customer Incident Notification Lead.
THE ROLE
This is a key role in the NCSC flagship Protective DNS (PDNS). PDNS is part of Active Cyber Defence (ACD) Programme, which mitigates significant volumes of cyber-attacks targeting the UK.
This is a fantastic opportunity for an experienced incident manager or someone with a strong cyber security background and customer engagement experience. The role will sit at the forefront of a new model of customer engagement and incident resolution designed to achieve impact at national scale. The successful candidate will direct a funded program of work to automate the delivery of analysis & actions and guidance to victims of cyber-attack at scale across UK Government and Public Sector. There is scope to become involved in the technical implementation, however primarily this role is to impart experience & NCSC wisdom into automated processes to scale messaging and value to vulnerable organisations in the UK.
The PDNS project blocks malicious DNS requests across thousands of government departments across the UK. As an extension of this service, we are exploring new ways to notify the customers of this of compromises and configuration errors. This work will form a prototype for NCSC capability and will represent significant precedent for NCSC operations into the future.
The successful candidate will have the following responsibilities:
• Leading the development of an end user notification system (portal) as subject matter expert
• Drawing on their own and others’ experience and expertise in victim engagement and communication around cyber security incidents
• Work with contractor to develop novel solutions for messaging and influencing behaviour at scale
• Liaise closely with NCSC Incident Management to cross over skills and identify opportunities between business areas
• Ownership of Automated Incident Notification for the PDNS project
• Prototype techniques for presentation of metrics and actions
• Ensure robust processes are built by engaging and collaborating with key stakeholders
While the role is challenging, our flexible working policy ensures a healthy work-life balance. Wherever possible, we accommodate reduced hours or job share options, balanced against business needs.
REQUIREMENTS
There is scope for this to be a technical role, and it will rely on technical experience and understanding; however, stakeholder management and customer engagement are critical elements of the job. The right candidate will have some customer engagement, guidance or incident management experience and will have a strong technical background, preferably with a computer networking or cybersecurity focus.
Essential skills:
• Practical experience with cybersecurity incidents/analysis
Or
• Experience configuring enterprise computer networks (preferably DNS elements)
The following would also be advantageous, but may be developed in the role. The ability to understand the core concepts is more relevant:
• Previous experience with Notification Systems (e.g. AbuseSA, or other alerting and notification systems)
• Knowledge of DNS and its relevance to cybersecurity
• Experience configuring DNS in enterprise networks
• An understanding of the basis tenants of cybersecurity
Interpersonal and Business skills:
• Customer engagement skills (desirable)
• Strong communication & presentation skills
TRAINING AND DEVELOPMENT
At GCHQ we’re proud of our inclusive and supportive working environment that’s designed to encourage open minds and attitudes. As an organisation that values and nurtures talent, we’re committed to helping you fulfil your potential. With comprehensive training and development opportunities, tailored to your needs and the requirements of your work, we’ll enable you to flourish in your role and perform to the very best of your abilities.
ABOUT US
As one of Britain’s intelligence agencies, we unlock the complex world of communications to keep our nation safe. We work closely with MI5 and MI6, our partners in the intelligence community, to safeguard Britain’s people, interests and businesses from various threats. Think cyber-attacks, espionage, terrorism, and organised crime. It’s challenging, varied and meaningful work that you simply won’t find anywhere else.
SALARY
Salary of £31,883 (on a pro rata basis should you work reduced hours).
LOCATION
Cheltenham or London
SELECTION PROCESS
To apply for this position, you must meet our nationality, residency and security requirements. You’ll find more details here: Recruitment Process
As users of the disability confident scheme, we also guarantee to interview all disabled candidates who meet the minimum criteria for our roles.
Once we’ve established that you meet our eligibility criteria, the next steps of this selection process are:
- Application Form
- Personal interview*
- Drug test
*Interviews will be held in Gloucester during the week commencing 8th October 2018 .
If you successfully complete these stages, you’ll receive a job offer, conditional upon you completing our developed vetting (DV) process which enables you to obtain the level of security clearance required to perform this vital role.
The closing date for applications is 17th September 2018.
Competency Levels
Change and Innovation Intermediate Desirable
Contribution to Delivery Intermediate Desirable
With and Leading Others Intermediate Desirable
Managing the Customer Relationship Intermediate Essential
Corporate Vision and Efficiency Intermediate Desirable
Communications and Knowledge-Sharing Higher Desirable
Analysis and Decision-Making Higher Desirable Higher Desirable
This Program / Vacancy is closed to applications.