Cyber Operations Vulnerability Analyst/Disclosure Programme Coordinator
| Dyddiad hysbysebu: | 05 Tachwedd 2025 |
|---|---|
| Cyflog: | £40,974 i £45,259 bob blwyddyn |
| Gwybodaeth ychwanegol am y cyflog: | Our cyber posts attract a skills based DDAT allowance. This post is subject to a DDAT skills assessed non pensionable allowance. In certain circumstances exceptional candidates may be eligible for a higher starting salary. |
| Oriau: | Llawn Amser |
| Dyddiad cau: | 21 Tachwedd 2025 |
| Lleoliad: | London |
| Cwmni: | Government Recruitment Service |
| Math o swydd: | Parhaol |
| Cyfeirnod swydd: | 435663/1 |
Crynodeb
This is an exciting opportunity to contribute to the UK Government's cyber resilience efforts by helping to ensure public sector systems are better protected against cyber threats. In this role, you will improve cyber security and digital resilience across the entire public sector, set priorities that will shape the future of governmental functions, and deliver the outcomes of the Government Cyber Security Strategy (GCSS) into wider departmental objectives.
In June 2025, the Government Cyber Unit moved from the Cabinet Office to the Department for Science, Innovation and Technology (DSIT) as part of a machinery of government (MoG) change. This role is in scope to transfer to DSIT when the change takes effect. We are currently consulting with Trade Unions on which policies, terms and conditions will apply on transfer. The statement of changes applied to all other Cabinet Office staff will also apply to you if you are successful.
We are recruiting for complementary roles within the Government Cyber Coordination Centre (GC3): a Vulnerability Disclosure Programme Coordinator and a Vulnerability Analyst, both at HEO grade. These roles sit at the heart of the UK Government’s efforts to identify, manage, and mitigate cyber vulnerabilities across public sector systems.
The Vulnerability Disclosure Programme Coordinator will support the delivery and continuous improvement of the cross-government Vulnerability Reporting Service (VRS), working closely with departments and the security research community to ensure known vulnerabilities are effectively reported, tracked, and resolved. This role requires the maintenance of the digital service and technology, close stakeholder engagement, and the strategic coordination of vulnerability disclosure activities across government.
The Vulnerability Analyst will focus on technical triage, prioritisation, and urgent communication of vulnerabilities, providing protective advice and supporting operational responses to critical cyber vulnerabilities, threats, and incidents. This role will work closely with internal teams and external partners to understand risk and improve cyber resilience across government systems.
Both roles offer the opportunity to work in a fast-paced, collaborative environment at the intersection of cyber operations, digital resilience, and stakeholder engagement, contributing to the UK’s national cyber security efforts.
Responsibilities
Vulnerability Analysis:
- Support the triage and prioritisation of reported vulnerabilities, assessing potential impact and urgency;
- Assist in the coordination and tracking of remediation activities across government systems;
- Provide clear, actionable guidance to departments on improving security controls and reducing cyber risk;
- Contribute to the drafting and dissemination of protective guidance and alerts on critical vulnerabilities;
- Collaborate with internal teams and external partners to support effective vulnerability triage and response;
- Use available data and intelligence to inform operational decisions and targeted interventions;
- Support the Senior Vulnerability Analyst in delivering GC3’s objectives;
- Contribute to the GC3 cyber incident response function when required, supporting operational response activities.
Disclosure Programme Coordinator:
- Support the day-to-day operation of the Vulnerability Reporting Service (VRS), including triage, tracking, and coordination of reported vulnerabilities;
- Assist in the development and maintenance of documentation, guidance, and communications related to vulnerability disclosure;
- Contribute to the analysis of vulnerability trends and producing regular reporting outputs;
- Build relationships with stakeholders across government departments, and the security research community to support coordinated responses to vulnerabilities;
- Provide administrative and logistical support for governance forums and stakeholder meetings;
- Collaborate with the wider GC3 team to support incident response activities where appropriate;
- Escalate complex or high-priority issues to the Senior Coordinator and contribute to continuous improvement of processes.
Aelod balch o'r cynllun cyflogwyr Hyderus o ran Anabledd