Connecting Talent to opportunity

Connecting Talent to opportunity

Cybercrime Analyst Higher Officer


Job Description:

Summary At HMRC we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve.

We want to maximise the potential of everyone who chooses to work for us and we offer a range of flexible working patterns and support to make a fulfilling career at HMRC accessible to you.

Diverse perspectives and experiences are critical to our success and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role.

HMRC is the UK’s tax, payments and customs authority and we have a vital purpose: we collect the money that pays for the UK’s public services and help families and individuals with targeted financial support.

Digital Support and Innovation (DSI) sits within HMRC’s wider Fraud Investigation Service (FIS) responsible for the department’s civil and criminal investigation work. FIS ensures that HMRC has an effective approach to taking on the most serious tax evasion and fraud.

Working across Law Enforcement and government, DSI provides investigative tools and covert techniques to front-line investigations and works with key partners to develop and provide access to new technology and systems to enable investigators to respond to serious and complex tax evasion and crime. Job description The Cybercrime Team tackles the ever-changing cybercrime threats to our online services, creating a fluid work environment where the working days are rarely the same. You will be able to continually learn as the crime techniques evolve, be constantly challenged, and enjoy the thrill of the digital pursuit of sophisticated adversaries.

Responsibilities The Cybercrime team gather intelligence and investigate online fraud and its enablers, which provides evidence-backed risk insight and advice to shape the security of HMRC services.

The successful candidate will work collaboratively as part of the team, assisting in the technical analysis of seized devices and investigating the impact of cyber-crime on HMRC systems and services.

We are looking for a cybercrime and digital forensics analyst to join our growing team. You must possess real enthusiasm for the topic and drive, constantly looking for new methods to enhance our visibility, awareness and capabilities.

You will be building on skills by assisting senior colleagues with forensic analysis of digital media and services to support investigations and our understanding of criminal threats. Your analysis will provide operational learning from attacks to shape the design our digital services at national scale.

- Assist senior colleagues with the cybercrime aspects of HMRC criminal investigations by collating analysing and explaining a variety of internal and external data sources to support criminal justice outcomes.

- Provide expert witness statements and attending court in support of Criminal investigations as required.

- Assist in the forensic examination of relevant devices, including malware and intrusion analysis. This may include both on site examinations and laboratory-based acquisitions as well.

- Help test new forensic methodologies as required, carry out experiments to validate forensics findings and results.

- Keeping abreast of emerging technologies and methodologies that impact the work of the cybercrime team.

- Assist colleagues acting as a technical consultant assisting operational, policy and software development teams with advice on defensive and detective methods to counter cyber-crime threats.

- Assist in the analysis and manipulation of large complex data sets, devising new methods as required.

- Maintaining knowledge on cybercrime and cyber security through personal development and research.

Essential Criteria

- Demonstratable experience working in the Cyber Security/incident response/Digital forensics field.
- Possess an ability to examine digital devices in a methodical and precise way and have an aptitude for problem solving .
- Experience with commercial and open source digital forensic tools for example:
- X-Ways
- Cellebrite
- Volatility
- Able to adapt to a fast moving, changeable environment.
- This role requires National Security Vetting at Developed Vetting (DV) level clearance and you must hold DV vetting or be willing to apply for DV vetting.

Desirable criteria

- Scripting and programming, e.g. Python.
- Malware analysis tools, Disassemblers & Debuggers.
- Industry recognised certifications and qualifications within Information Security/Cyber Security/Digital forensics & attack methodologies (particularly to web services).
Examples include:
- Digital Forensics vendor specific qualifications.
- SANS GIAC certifications.
- CompTIA Certifications.
- Membership of professional bodies, like the CIISec, would be welcome.
- Knowledge of relevant UK law enforcement legislation would be helpful (CPIA, PACE, IPA, RIPA, CMA).