Cybercrime Technical Investigator

Discover a career in your hands at HMRC. The Cybercrime Team investigates the most significant online/digital fraud against HMRC to protect our services, customers and data from harm. We use our technical knowledge and capabilities combined with law enforcement powers to drive criminal justice outcomes and shape the security of HMRC's online services. The team is comprised of Technical Investigators, Operational Investigators, and Strategy & Business Managers.

We're looking for seven cybercrime, digital forensics, or cyber data analysts to join our Cybercrime Technical Investigators in our growing, fast-paced team. You'll need enthusiasm, curiosity, and a drive to innovate and learn. You'll specialise in one of the following areas (but will be familiar with all): digital forensic analysis; online service transaction log analysis; malware and phishing analysis / cybercrime landscape; conduct forensic examinations of devices and malware (on-site and in labs); analyse transaction logs to detect and evidence fraud; develop and validate new forensic methods; stay up to date with emerging cyber technologies; advise and consult operational policy and software teams on cybercrime threats and defences; analyse large, complex datasets using established and novel techniques; use internet tech knowledge to support fraud investigations against HMRC; maintain professional development and memberships; provide evidence and witness statements and attend court as needed; travel regularly to HMRC Regional Centres, especially Stratford or Nottingham. Applicants who wish to work alternative working patterns are welcome to apply; the preferred pattern may or may not be available, agreement will be subject to business need, and any request should be made prior to acceptance of the provisional offer.

• Join the Cybercrime Technical Investigators in the team and specialise in one or more areas while being familiar with all listed: digital forensic analysis; online service transaction log analysis; malware and phishing analysis; conduct forensic examinations of devices and malware (on-site and in labs); analyse transaction logs to detect and evidence fraud; develop and validate new forensic methods; stay up to date with emerging cyber technologies; advise policy and software teams on cybercrime threats and defences; analyse large, complex datasets; use internet tech knowledge to support fraud investigations; provide evidence and witness statements and attend court as needed; travel to Nottingham or Stratford regional centres.
• Discuss and arrange reasonable workplace adjustments where needed (flexible working, adjusted breaks, equipment, etc.).

• An industry-recognised qualification in Cybercrime, Cyber Security, or a related STEM/technical field (e.g. CompTIA, SANS GIAC, CISSP, OSCP, or a relevant degree).
• Experience in one or more of: cybercrime investigation; cyber security or incident response; digital forensics; technical data analysis.
• Ability to work under pressure and manage priorities in a fast-paced environment; strong communication skills to explain complex technical concepts.
• Desirable: understanding of tax systems and tax fraud investigations; scripting/programming or software development; familiarity with data analysis tools (e.g. Splunk, Maltego, i2, Elastic); Security Check (SC) clearance or willingness to apply; full UK manual driving licence.

Successful candidates will complete a 12-month Training and Assessment Programme (TAP), including Core Skills in Data Recovery & Analysis (College of Policing); either Firebrand Cybercrime Foundation courses or SANS401 & GIAC certification; Public and Personal Safety Training (PPST). Applicants must be cleared by an occupational health assessment to attend PPST; completion of PPST may affect eligibility for certain duties. National Security Vetting at SC level is required; UK residency requirements apply. See the advert for details.

Other information: flexible/hybrid working policies; attendance requirements for the Flexibility Payment; travel requirements; eligibility checks; DBS and IFD checks; plagiarism policy; and handling of applications in accordance with Civil Service Recruitment Principles.

• Salary: £37,682 with contributions to the Civil Service Pension scheme (£10,916 estimate).
• Flexible and Hybrid Working policies; generous leave (25 days rising to 30).
• Pension, family-friendly policies, personal support, coaching and development.

To learn more about HMRC benefits and what it's like to work for HMRC, see the official information for applicants and the Thinking of joining the Civil Service resource.