Cyber Fraud Analyst - HMRC - HEO

Location

Bristol, Cardiff, Leeds, Manchester, Stratford, Telford

About the job

Job summary

Discover a career in your hands at HMRC. Whether you're seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it’s really like to work at HMRC.

Visit our YouTube channel to watch the full series and come and discover your potential.

The Fraud Prevention Centre (FPC) is a strategic capability within HMRC Security, designed to safeguard customers and the organisation against identity-related fraud and emerging threats. Its mission is built on three interconnected pillars: Protection, Detection, and Response, all underpinned by advanced threat intelligence and customer support. The Centre operates across multiple functional areas, including Proactive Protection, Customer Support & Response, and Strategy & Advisory, to deliver a holistic approach to fraud prevention.

Our team is rapidly growing as we invest in new technologies and capabilities, and we are in search of enthusiastic individuals who can help us in achieving our mission. We are continually improving the service we give to our customers and, in line with this, we are creating a new response and management team within the HMRC Fraud Prevention Centre.

Job description

We're looking for a proactive and analytical professional to support HMRC’s fight against identity fraud. You’ll help lead data-driven investigations into suspicious activity related to identity verification and authentication services, while working with the team and partners, acting as a key contributor in a team that supports customers and provides insight into identity fraud activity and proactive searching for threats. This is an exciting opportunity to make a real difference, working in a dynamic and evolving environment.

Person specification

• Manipulate and analyse large data sets and investigate suspicious activity.
• Learn, develop, and apply methods using data analytics techniques such as data mining, data matching, clustering analysis and outlier detection.
• Use basic scripting languages to develop visualisations and automate effective searches to build a growing analytical suite of capabilities that you can operate efficiently.
• Have strong communication skills and be able to demonstrate working across business and technical domains. You will have excellent interpersonal skills.
• Apply your knowledge of security and fraud risks to digital services.
• Support and deputise for the senior analysts, producing clear, insightful reports and presentations for senior stakeholders.
• You will be confident working in an environment that may flex its focus in response to emerging issues and have a delivery focus.
• You will be eager to learn and widen your experience in different areas of identity work.
• You will use your experience of scripting, for example SPL, Python, SQL, KQL to proactively search and discover anomalies.
• Be flexible and enthusiastic whilst working with some ambiguity as the team forms, grows and matures.
• Support senior managers in the reporting of metrics and support the wider aims of the HMRC Security Identity Team.
• Identify process improvement areas.

Essential Criteria

• Knowledge of fraud detection techniques, including behavioural analysis and anomaly detection and investigation and OSINT (Open Source Intelligence) methods.
• Data analysis skills and experience with large data sets, with proficiency scripting complex queries in analysis environments.
• Solid technical understanding of web and API services (e.g. cookies, IP addresses, authentication processes) and threats to those services from cybercrime actors and tools.
• Experience using Security Information and Event Management (SIEM) platforms, preferably in a security operations setting.  
• A sound understanding of Identity, Verification and Authentication principles   

Desirable Criteria

• A degree in Data Analysis, Data Science, Information Security, Cyber Security, or other Cyber qualifications eg SANS, or at least previous experience in a relevant cyber role.  
• Proven experience in fraud detection, cyber security, or threat intelligence within a large organisation.  
• Active use of at least one of the following: Python, SQL, KQL, SPL.