Lead Cyber Security Analyst - #1710224

Position: Lead Cyber Security Analyst

Band: 5

Salary: £57,954 - £65,400

Location: Liverpool/Newport/Norwich/Birmingham

Term: Permanent

CCS: What We Do

We are the largest public procurement organisation in the UK. We help thousands of public and third sector buyers in the UK with over £20 billion being spent through our agreements each year.

There has never been a better time to join CCS, as we aim to make public sector procurement as simple as possible through the digitisation of our workflows, we embrace the latest technology and invest in our people offering excellent career development opportunities.

If you can see yourself contributing to this journey, supporting the public and joining our diverse team of over 800 colleagues, the next chapter of your career may be with our #CCSFamily.

Job Description

Would you like to be a part of a digital transformation journey and be part of a growing team that is constantly evolving? Do you want to be involved in work that has a meaningful purpose? If yes, then this could be the role for you!

CCS is on an exciting digital transformation journey. We are reviewing our entire business and delivering new and improved digital technologies to enhance the services we provide, the ways we work, and how we interact with our customers, suppliers and other stakeholders. We’re implementing a new cyber security function as part of Agile digital delivery within our growing team, and the pace and scale of change within the Directorate is unprecedented.

Job Summary

In this critical role, establishing and leading our newly formed cyber security team, you will be responsible for understanding, detecting and responding to cyber threats and vulnerabilities affecting the Services we operate, as well as leading on regular IT Health Check’s, resolving any issues identified that need addressing, and working with Operations and Development teams to prevent these issues in the future.

This role reports to the Head of Service and Infrastructure, and is responsible for setting standards, developing policies and processes and operating and continually improving the team’s monitoring and response capabilities.

Directorate Overview

Digital and Data Services (DDS) supports our digital and technology design, implementation and service delivery. They maintain our digital systems and work with other teams to deliver the business plan with a digital mindset.

Team Summary

The post sits within the Digital Services (DDS) Service Management team, responsible for the ongoing development, delivery and support of digital services to internal and external users. Reporting to the Head of Service and Infrastructure, you will head up our new cyber security team, working alongside cross-functional product teams, leading in the design, development and enablement of automated monitoring processes, advising on the latest SIEM (Security Information and Event Management) and network analysis tools, techniques and procedures to detect malicious activity, while communicating directly with leadership on the progress and status of cyber threat monitoring and response.

Key Responsibilities

• Leading on the wider implementation of a monitoring strategy, ensuring roadmaps are achieved as expected, ensuring requirements, policies and standards to govern all activities and outputs are met
• Lead monitoring, triaging, and investigation of security alerts on Azure and AWS platforms to identify security incidents
• Review high-priority or high-complexity analysis of security event data to manage security incident response, making key decisions on reporting or escalations for monitoring
• Lead the cyber security team in the design, development and enablement of automated monitoring processes, advising on the latest SIEM (Security Information and Event Management) and network analysis tools, techniques and procedures to detect malicious activity, while communicating directly with leadership on the progress and status of monitoring
• coordinate the triage and remediation of identified threats using a risk-based approach, working closely with service teams and developers to ensure that appropriate mitigation measures are implemented
• work closely with other teams within the Directorate and Information Security to proactively reduce cyber security threats and vulnerabilities
• produce regular reporting which delivers insights on security monitoring activities and the impact on cyber security risk
• establish a detailed understanding of our data security and architectures enabling the delivery of consistent security advice
• define requirements for improving and expanding our security tooling
• develop and update internal plans, processes, and knowledge base articles
• support wider Cyber Defence activities
• line manage, act as an escalation point for, and provide coaching and mentoring to Security analysts

Essential Criteria (To be assessed at application):

• A track record in cyber security leadership, strategy development and planning in large and complex organisations, with demonstrable technical security knowledge of modern security concepts, principles and technologies for Azure, AWS, and SaaS.
• Expert knowledge of typical threats and attack vectors with appropriate monitoring and remediation strategies.
• experience using a variety of sources of information to identify, analyse and report on relevant threats and vulnerabilities.
• Developed problem solving skills including addressing complex technical security and process challenges that ensure delivery at pace to an appropriate risk appetite.
• Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders, influence stakeholders and create easy to consume articles such as blogs, policies and presentations.

Desirable

• Experience of day-to-day management of multi-disciplinary teams of cyber security professionals.
• Experience deploying, configuring and using vulnerability assessment (such as Tenable and the NCSC’s Active Cyber Defence Toolkit) and Attack Surface Management tools
• Experience using cloud provider monitoring tools such as AWS CloudWatch, CloudTrail and GuardDuty for threat monitoring, alerting and response

In the event of a strong pool of candidates, desirable will be used as a second sift

Success profiles (To be assessed at interview):

Behaviours:

• Delivering at Pace
• Managing a Quality Service
• Making Effective Decisions
• Changing and Improving
• Working Together

Technical:

• understanding of security event analysis and remediation specific to AWS Cloud environments and workloads.

Working flexibly, delivering outcomes

CCS is a flexible business with a smarter working model where our colleagues benefit from a mix of home and office working. Successful candidates are expected to work from one of the office locations listed. Our current office attendance approach requires a minimum of 26 days per quarter (approx 2 days per week, which may be subject to change) in CCS office locations or off site meetings with suppliers, customers, partners, networking / industry events. This is pro rata for those who work part time. Our smarter working principles mean that our people have the advantage of both office and offsite based collaboration and learning, as well as working from home. This way of working allows us to honour our commitment to being a responsible business, offer flexibility and better work life balance as well as ensuring we deliver our business with confidence and in accordance with our CCS values.

Benefits

In return for your skills we offer:

• Competitive salary
• Generous pension scheme
• A discretionary non-contractual performance related bonus
• Working remotely in addition to working in advertised office location
• Flexi time scheme (available for B1-B6)
• Minimum 25 days annual leave to a maximum service related 30 days excluding bank holidays

At CCS, we actively support, promote and celebrate our differences for the benefit of our employees, suppliers andcustomers. CCS is proud to be an equal opportunities employer. CCS believes that diversity and inclusion is critical to our success and we seek to recruit, develop and retain the most talented people.

We want to make our recruitment process accessible to everyone, so if there is any way that we can support you, please contact [email protected]