2,962 Cybercrime jobs in the United Kingdom

Cybercrime Technical Investigator - Nottingham Regional Centre - Unity Square About the job

Job summary

Discover a career in your hands at HMRC. Whether you're seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it's really like to work at HMRC.

Visit our YouTube channel to watch the full series and come and discover your potential.

Cybercrime Team Overview

The Cybercrime Team investigate the most significant online/digital fraud against HMRC to protect our services, customers and data from harm. We use our technical knowledge and capabilities combined with law enforcement powers to drive criminal justice outcomes and shape the security of HMRC's online services.

The team is comprised of three areas:

• Technical Investigators - Experts in digital forensics, log analysis, malware, and cybercriminal tactics. They support investigators from detection to court evidence.
• Operational Investigators - Use intelligence and legal powers to identify and investigate criminal actors targeting HMRC.
• Strategy & Business Managers - Set the team's vision and priorities, aligning with HMRC's wider strategy and Risk Treatment Plan and Tactical priorities.

Job description

We're looking for seven cybercrime, digital forensics, or cyber data analysts to join our Cybercrime Technical Investigators in our growing, fast-paced team. You'll need enthusiasm, curiosity, and a drive to innovate and learn.

You'll specialise in one of the following areas (but will be familiar with all):

• Digital forensic analysis
• Online service transaction log analysis
• Malware and phishing analysis / Cybercrime landscape

Person specification

Key Responsibilities

• Conduct forensic examinations of devices and malware, both on-site and in labs
• Analyse transaction logs to detect and evidence fraud
• Develop and validate new forensic methods
• Stay up to date with emerging cyber technologies
• Advise and consult operational policy and software teams on cybercrime threats and defences
• Analyse large, complex datasets using established and novel techniques
• Use internet tech knowledge to support fraud investigations against HMRC
• Maintain professional development and memberships
• Provide evidence and witness statements and attend court as needed
• Travel regularly to HMRC Regional Centres, especially Stratford or Nottingham

Essential Criteria:

Candidates must have:

• An industry-recognised qualification in Cybercrime, Cyber Security, or a related STEM/technical field (e.g. CompTIA, SANS GIAC, CISSP, OSCP, or a relevant degree).
• Experience in one or more of the following:
  • Cybercrime investigation
  • Cyber security or incident response
  • Digital forensics
  • Technical data analysis

• Ability to work under pressure and manage priorities in a fast-paced environment.
• Strong communication skills, able to explain complex technical concepts to varied audiences.

Desirable Criteria:

Desirable criteria may be used to differentiate candidates with equal interview scores.

• Understanding of tax systems and tax fraud investigations
• Experience in scripting, programming, or software development
• Familiarity with data analysis tools (e.g. Splunk, Maltego, i2, Elastic)
• Security Check (SC) clearance or willingness to apply for it
• A full UK manual driving licence

We recognise that some people cannot drive due to a disability or underlying health condition and may not be able to meet this requirement. Where this applies, you can apply but will need to declare that you require a reasonable adjustment at the point you receive a provisional offer. The vacancy holder will then discuss your specific requirements to consider if this can be reasonably accommodated in this role.

Additional Security Information :

The successful candidate will be required to apply for Developed Vetting (DV) clearance level once in post but must already hold or be willing to obtain Security Check (SC) clearance level before starting the role.

In addition to the standard pre-employment checks for appointment into the Civil Service, all candidates must also obtain National Security Vetting at Security Check (SC) clearance level for this vacancy. You will normally need to meet the minimum UK residency period as determined by the level of vetting being undertaken, which for SC is 5 years UK residency prior to your vetting application. Once in post you will be required to apply for Developed Vetting ( DV ) clearance which has a requirement for 10 years UK residency. If you have any questions about this residency requirement, please speak to the vacancy holder for this post. This post is open to 'UK Nationals Only'.

Applicants who wish to work alternative working patterns are welcome to apply. The preferred working pattern may or may not be available, agreement will be subject to business need, and any request to work an alternative working pattern should be made prior to your acceptance of the provisional offer.

Depending on individual circumstances and the requirements of the role we may be able to make reasonable workplace adjustments such as flexible working, adjusting breaks and time to complete tasks, providing alternative office equipment, software etc. A successful applicant would be able to discuss this with their manager.

Candidates must live within reasonable daily travel of either Nottingham Regional Centre or Stratford Regional Centre.

Further Information

Training Requirements

Successful candidates will complete a 12-month Training and Assessment Programme (TAP), which includes:

• Core Skills in Data Recovery & Analysis (College of Policing)
• Either Firebrand Cybercrime Foundation courses or SANS401 & GIAC certification

Public and Personal Safety Training (PPST)

Applicants will be required to be cleared by an occupational health assessment to be able to attend a public and personal safety training (PPST) course. Successful completion of the PPST is required to undertake duties away from the office for this role. Failure to pass and maintain the PPST certificate may affect receipt of the flexibility payment.

Flexibility Payment:

This post attracts a Level 2 Flexibility Payment (FP) that is paid monthly with salary. This FP allows HMRC flexibility to change your work pattern, at short notice, to meet business needs. You will be expected to undertake periods of On Call. You will also be expected to work additional hours, at weekends and outside your normal working hours/days (including bank holidays).

In applying for a position and accepting the FP you agree that you can and will meet those attendance requirements.

FP levels are reviewed annually - on a business need and personal basis - and may be subject to change.

If you currently receive the Flexibility Payment, which may include Transition Protection and/or a Maintained Pension Value, moving to a new role may affect your payments

Qualifications

An industry-recognised qualification in Cybercrime, Cyber Security, or a related STEM/technical field (e.g. CompTIA, SANS GIAC, CISSP, OSCP, or a relevant degree).

Behaviours

We'll assess you against these behaviours during the selection process:

• Delivering at Pace
• Communicating and Influencing

Technical skills

We'll assess you against these technical skills during the selection process:

• Technical Skills will be assessed at interview by way of a presentation and technical questions.
• Details regarding the presentation will be provided prior to interview.

Benefits

Alongside your salary of £37,682, HM Revenue and Customs contributes £10,916 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

HMRC operates both Flexible and Hybrid Working policies, allowing you to balance your work and personal commitments. We welcome applications from those who need to work a more flexible arrangement and will agree to requests where possible, considering our operational and customer service needs.

We offer a generous leave allowance, starting at 25 days and increasing by a day for every year of qualifying service up to a maximum of 30 days.

• Pension - We make contributions to our colleagues' Alpha pension equal to at least 28.97% of their salary.
• Family friendly policies.
• Personal support.
• Coaching and development.

To find out more about HMRC benefits and find out what it's really like to work for HMRC hear from our insiders or visit Thinking of joining the Civil Service

Things you need to know

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Experience and Technical skills.

How to Apply

As part of the application process, you will be asked to provide the following:

• A name-blind CV this must include MAX 250 words for career history and MAX 250 words for Skills and experience.
• A 750-word personal statement. Evidence how your skills and experience would be suitable for the role, referring to the essential criteria as well as the personal specification outlined in the advert.

Please complete a separate statement (Max 250 words) for the Desirable Criteria where applicable. This is not essential for the role but may be considered by the vacancy-holder where candidates have the same scores at sift or interview.

Further details around what this will entail are listed on the application form.

Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.

Sift

A sift will be carried out on your CV and Personal Statement.

In the event of large number of applicants, an initial sift will be carried out on the CV.

Candidates who are successful at sift will be selected for interview and further tested against Experience, Technical skills and the Behaviours; Delivering at Pace and Communicating & Influencing.

Your desirable criteria statement will not be scored and will only be used in the event of a tie break.

We may also raise the score required at any stage of the process if we receive a high number of applications.

Interview

During the panel interview, your experience will be assessed, and you will be asked behaviour-based questions to explore in detail what you are capable of.

Your technical Skills will also be assessed at interview by way of a presentation and technical questions. Details regarding the presentation will be provided prior to interview.

Interviews will take place face to face. Sift and interview dates to be confirmed.

Eligibility

Please take extra care to tick the correct boxes in the eligibility sections of your application form. We understand mistakes sometimes happen but if you contact us later than two working days(Monday-Friday) before the vacancy closes, we will not be able to reopen your application for you. If you do make a mistake with your eligibility form, please contact us via: - Use the subject line to insert appropriate wording for example - 'Please re-open my application - (insert vacancy ref) & vacancy closing date (insert date)'.

To check that you are eligible to apply for this role, please review the eligibility information before submitting your application.

Reserve List

A reserve list may be held for up to 12 months from which further appointments may be made for the same or similar roles - if this applies to you, we'll let you know via your Civil Service Jobs account.

Merit List

After interview, a single merit list will be created, and you will only be considered for posts in locations you have expressed a preference for. Appointments will be made in strict merit order in line with the set number of roles in each location.

Criminal Record Check

Applications received from candidates with a criminal record are considered fairly in accordance with the DBS Code of Practice and the Recruitment of ex-offenders Policy.

Reasonable Adjustments

We want to make sure no one is put at a disadvantage during our recruitment process. To assist you with this, we will reduce or remove any barriers where possible and provide additional support where appropriate.

If you need a change to be made so that you can make your application, you should:

• Contact the UBS Recruitment team via as soon as possible before the closing date to discuss your needs.

Complete the "Assistance required" section in the "Additional requirements" page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you're deaf, a Language Service Professional.

Additional Security Information

Please note: in addition to the standard pre-employment checks for appointment into the Civil Service, all candidates must also obtain National Security Vetting at Security Check (SC) clearance level for this vacancy. You will normally need to meet the minimum UK residency period as determined by the level of vetting being undertaken, which for SC is 5 years UK residency prior to your vetting application. If you have any questions about this residency requirement, please speak to the vacancy holder for this post.

Important information for existing HMRC contractual homeworkers:

Please note that this role is unsuitable for contractual homeworkers due to the nature and/or requirements of the role.

Terms and Conditions

Customer facing roles in HMRC require the ability to converse at ease with members of the public and provide advice in accurate spoken English and/or Welsh where required. Where this is an essential requirement, this will be tested as part of the selection process.

HMRC has a presence in every region of the UK. For more information on where you might be working, review this information on our locations.

The Civil Service values honesty and integrity and expects all candidates to abide by these principles. The evidence you provide in your application must relate to your own experiences.

Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant application(s) will be withdrawn from the process.

Recording of interviews is prohibited unless explicit agreement is sought in line with the UK General Data Protection Regulations.

Questions relating to an individual application must be emailed as detailed later in this advert.

Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicant's details held on the IFD will be refused employment.

A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.

New entrants will join on the minimum of the pay band.

Please note that, if you are applying for roles on a part-time basis, the salary agreed will be pro-rata, reflective of the working hours agreed within your contract.

If you experience accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

For more Information for people applying for, or thinking of applying for, roles at HM Revenue and Customs, please see link: Working for HMRC: information for applicants - GOV.UK.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window).

People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

Open to UK nationals only.

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).