Internal Abuse Monitoring Analyst (Data Users)

Posting date:	01 April 2026
Salary:	£38,772 to £39,621 per year
Additional salary information:	National £38,772 to £39,621.
Hours:	Full time
Closing date:	14 April 2026
Location:	Manchester
Company:	Government Recruitment Service
Job type:	Permanent
Job reference:	454849/2

Summary

The Internal Abuse Monitoring Team plays a vital role in securing DWP systems and services including Universal Credit and other DWP Benefits and data systems, and ensuring the Department fulfils its responsibilities for the secure, appropriate and proportionate use of citizen data as dictated by legislation.

You will work as part of an innovative and service-orientated team of analysts, focused on the detection and investigation of inappropriate or malicious activity across a range of departmental data systems, providing comprehensive analysis of assurance alerts as well as proactive analysis of activity captured in system logs to quickly determine if behaviour/activity detected warrants closer investigation and whether data may have been accessed or used inappropriately. 

The Internal Abuse Monitoring Analyst (Data Users) collaborates with stakeholders across the Cyber Resilience Centre and wider security community to ensure an effective response to alerts and risks as they are identified, responding to developing fraud threats and security breaches against the Departments IT systems, triaging and progressing potential cases of malicious activity, using analytical tools and root-cause analysis techniques to do so.

The Internal Abuse Monitoring Analyst (Data Users) reports to the Senior Internal Abuse Monitoring Analyst (Data Users). The Internal Abuse Monitoring Team operates within DWPs Cyber Resilience Centre (CRC) and forms part of the Personnel Security and Insider Threat Monitoring Group (PSITMG).

Responsibilities

As an Internal Abuse Monitoring Analyst (Data Users) you will:

• Protect Departmental systems by Identifying vulnerabilities in back-end data system environments, and safeguard citizens’ data from internal threats, highlighting potential malicious activity by users.
• Use a range of data and system access to triage and respond to alerts that identify anomalies indicating internal abuse across the DWP estate, by staff with access to systems, data, and in some cases highly skilled staff with access to analytical tools as well as large data and intelligence sets.
• Interrogate activity captured in system logs to determine if data has been compromised.
• Develop positive working relationships with a range of key security stakeholders to ensure the timely and appropriate escalation of any potential abuse.
• Work collaboratively with project teams and developers regarding monitoring requirements as new data system capabilities are developed and introduced.
• Demonstrate adaptability, creativity, and professionalism at all times, and feed into the continuous improvement of the Team’s work.
• Have an understanding of personal data protection, the Department’s responsibility to protect the citizen data it holds, and ensure data held by CRC is stored and used appropriately and legally.

Due to the geographically dispersed nature of this team, this role will require occasional travel and overnight stays.

Proud member of the Disability Confident employer scheme

About Disability Confident

A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.