Back to main menu
Back to main menu
Life in the Civil Service
Back to main menu

Find opportunities that work for you...

Share your feedback, help us improve this site

Blogs from
our Security Team

What’s it like working in cyber security?

Lamisah, Cyber Security Analyst

I’ve always had an interest in technology, but I knew I didn’t want to go
to university after sixth form. So I explored other options and that’s when
I discovered apprenticeships.
My friends all chose to do the traditional university route since there was a whole stigma around apprenticeships that you’re overworked and underpaid. I wasn’t sure if I’d even find an apprenticeship in tech.
After plenty of research I came across the Government Cyber Security apprenticeship. I’d heard of cyber security before but not knowing much about it, I was curious to find out more and I’ve not looked back since.
I’m responsible for protecting the HMRC estate from cyber-attacks through e-mail channels. Once I identify a threat, I quickly ensure it’s isolated, cleansed and blocked. Cyber is a team sport so I also share intelligence with other teams, to strengthen the department’s security collectively. I also help develop phishing simulation exercises to educate staff and raise their awareness of phishing campaigns that they may receive.
Every day is different. Each day I learn about cyber criminals and their numerous attack methods.
As an apprentice, I thought I might have been treated differently but I have always felt included within my team since I joined. My manager is great and is keen to help me develop and grow.
Don’t forget that you’re getting paid too whilst you’re doing your apprenticeship so yes, you’re getting paid to learn. I’m continuously building my knowledge and developing new skills. I have attended training courses, learnt about topics like networking, open-source intelligence and cryptography. I’ve also been able to pick up new skills from my colleagues.
In the future, I hope to continue my security career developing my skills and knowledge through different projects and training courses and maybe gaining more qualifications in the process.

Jordan, Cyber Security Analyst

A few years back I did an HMRC industrial placement as a cyber security analyst. Now having finished university, I work full-time with the team. I was studying Computer Science at Northumbria University and applied to join HMRC on an industrial placement due to my interest in security. Early on I was asked to lead a project to develop a phishing detection tool to find phishing pages before they were ever sent out to the public. The project allowed me to show off my knowledge and I was given time to learn new tooling that I could then implement.
Working as an industrial placement is great for knowledge sharing. The team wanted to learn from what I had learnt at university, while a lot about the working environment and applied skills fed back into my degree. I could reuse many of the skills I had learnt to help with my dissertation, as well as the security-focussed modules.
After finishing my degree, I went straight back to HMRC, as I had enjoyed it so much the first time.
Since re-joining, the training opportunities have been great, I have already been put on two industry-leading courses with one ending in a certification. These cover incident handling, ethical hacking and open source intelligence. Long term I’m looking to get into more training to develop my cyber security skills further and become more well-rounded in cyber security.
Overall, the experience has been very positive, both as an industrial placement and upon my return. I have learnt a lot and have been allowed to develop further with great training opportunities. I’d highly recommend anyone who’s considering an industrial placement to apply for one at HMRC.

3 colleagues sat round a table with a laptop

What’s it like working in incident response?

Helen, Security Incident and Analysis Manager

I have been a civil servant for over 30 years and spent the first 24 years of
those working in the Department for Work & Pensions (DWP) before moving to the Ministry of Justice (MOJ) to run criminal and civil courts. After that I started my role as part of the HMRC Security Incident Management Team. Whilst I was at MOJ, General Data Protection Regulation (GDPR) was introduced and I started working within my courts to look at GDPR, focusing on retention periods whilst touching on all aspects. This led me to do more complex GDPR work on how MOJ was responding to the challenge, and when I saw a role advertised for HMRC which dealt with incidents and GDPR, I applied.
The Security Incident Management Team responds to incidents that are reported within HMRC.
The team highlights any trends and works with other stakeholders to reduce the risk, improve education, and ultimately aims to reduce the impact of the issues. HMRC has a good reporting culture, and the team must decide on what action needs to be taken for each.

For example, notifying the Information Commissioners Office (ICO) or if the incident needs to be reported to the top of the department and recognised as high severity.
Additionally, HMRC is keen on training, and I have completed HMRC’s security and risk training courses and UKGDPR courses. There are also many opportunities to attend security and incident management workshops and to network with other incident teams across government.
I enjoy the fact that the work is not routine, no two days are the same as you never know what is going to be reported and how it needs to be tackled.

For Careers Site 2

What’s it like working in personnel security?

Ben, Vetting Officer

I originally joined the Government Security Profession working with the security team at the Department for Business, Energy and Industrial
Strategy (BEIS) before moving seamlessly to HMRC, where I still
enjoy working in the Security Profession.
In BEIS, I managed security vetting for new entrants joining the department. I was supported with very good courses giving an overview and introduction to the security profession.
I currently work within HMRC Security on the vetting team. Vetting is an important aspect of personnel security, involving background checks for officials likely to be exposed to sensitive information. My primary focus is managing the many transfers and share requests that come into the department, which is an important role as this helps ensure that new staff and contractors joining hold the correct level of clearance for their line of work.
On joining the security team, I went on the Introduction to Protective Security course run by MI5 which covered the principles of physical and personnel security. We learnt about the risk of insider threat to government and some elements of cyber security such as the dark web, and at the end, we ran a simulated attack on an organisation.
Personnel Security work is varied and has given me the opportunity to work in other areas, such as vetting approval decisions, enquires and initiating new vetting applications, which helps to keep the work fresh. I hope to continue working in this area to learn and further develop my personnel security skills and am keen to find out more about the other pillars of security, cyber and physical.
HMRC Security is a great place to work with team members who are inclusive and engaging. My team is very open to my accessibility needs and are always available and willing to help with my day-to-day needs.

Three colleagues sat round a table, one is pointing at something on a laptop

What’s it like working in physical security?

Munawwar, Security Manager

I got into security as a part-time job when I was studying at university
and ended up working in the sector for 14 years. During this time, I did all
sorts of physical security work (retail, corporate and event security) and I’m
currently a Security Manager for HMRC. I decided to take a break from security and worked as a self-employed contractor in transport, but this all changed in March 2020 when the pandemic started. I struggled to get work but managed to get into HMRC, working for the Surge and Rapid Response Team.
I also worked on a Foreign, Commonwealth and Development Office (FCDO) deployment dealing with applications for emergency travel documents. Six months later I noticed a job advert for Security Manager, and I decided to apply for the role.

I started as Security Manager in Bristol. My main role is to carry out assurance checks on our security contractor. I act as a conduit between HMRC and our contractors, supporting with incident management, access control and providing advice on security policies, procedures and industry best practices.
I enjoy the dynamic nature of my job. I take great pride in being part of the solution, engaging with people and working to keep our building and occupants safe.
My plan is to stay in the security profession to use the experience and skills I have acquired over the last few years. I am currently working to complete my Level 5 Diploma in Security Management to give me an industry-recognised qualification alongside working on the threat risk assessment pathway. This will teach me how to assess threats faced by businesses, which will benefit my future career in security.

Bird's eye view of hmrc colleagues working around a table

Start your HMRC journey today by looking at the vacancies we have available.

Discover more about what we do, our business areas and life at HMRC.

Ask our employees questions for an insight into what it’s like to work at HMRC.

Find out more about the Security Profession