GDS looks to hire a GOV.UK Verify security expert

Government thinks it may need a spot of cyber security expertise to cover off any possible threats to the national federated Digital identity service

Posted 28 June 2018 by

Think you can spot the ways hackers could get into GOV.UK Verify? Then we have some good news: the Government Digital Service (GDS) wants to give you a job.

It’s just advertised for a six-month opportunity under the general heading, ‘Cyber security and identity risk advisor to conduct ongoing research into risks and threats to the UK identity ecosytem.’

With a pretty tight deadline – you have to submit your application by midnight on Tuesday, 3rd July, next week – the Service says it needs a researcher to come into its Whitechapel HQ to help work up analysis on threats to the Identity ecosystem that could be used by a fraudster trying to get through the identity verification process.

The work scope includes reviewing existing models for indicative costs for different sources of identity evidence and availability relating to specific countries, and you’ll also be expected to “monitor and assess trends in identity fraud on the dark web”, plus work with the Security Operations team to use this information to combat Identity fraud.

The context of your work: GDS’s Identity Standards and Fraud Prevention team is responsible for understanding the risks and threats of Identity crime and identity fraud from organised crime groups and other threat actors – work undertaken in partnership with the public, private and academic sector.

This research is the key component used for the the development and design of the UK government’s identity standards and assurance model, we are told in the job ad, which says any applicant must possess the Minimum Baseline Personnel Security Standard at least, while the essential skillset you must be able to offer must include:

  • Minimum 5 years experience analysing the risks and threats to identity ecosystems in the UK and globally
  • Minimum 5 years previous experience utilising the dark web and analysing the capabilities and behaviours of organised crime
  • Minimum 5 years academic research experience into cybersecurity and identity risks
  • Previous experience of working or collaborating with law enforcement, security and military organisations on cybersecurity and identity risks.

One last thing: you must be ready to on-board no later than Monday, 30th July.

We recommend suitable candidates apply for this fascinating and challenging position. Good luck!