Cloud Network Security Analyst

Job Title: Cloud Network Security Analyst

Location: Hybrid
Duration: 6 Months
Start Date: ASAP
Rate: Competitive (Inside IR35)

We want to maximise the potential of everyone who chooses to work for us. We offer a great work life balance. You have the opportunity to work at any of our brand-new Regional Centres and to also work remotely. Contracts vary in length dependent upon the project with the possibility to extend.

Your time spent with us short or long term will be invaluable - your skills and expertise are needed to deliver the largest projects in Government. There really couldn’t be a better time to join HMRC for your new contract opportunity!

Role Purpose

HMRC Security is responsible for protecting the confidentiality, integrity and availability of HMRC systems and data across onpremises and cloud environments. The Cloud Network Security Analyst will provide specialist expertise in securing HMRC's cloud networking, ensuring services hosted on AWS and Azure meet departmental policies, technical standards and NCSC best practice.

This role supports HMRC’s move to securebydesign cloud platforms and underpins critical services run by Enterprise Cloud Services (ECS), Cyber Security Technical Services (CSTS) and wider delivery teams.

Key Responsibilities

Cloud Network Security

• Implement and assure network security controls for cloud platforms (AWS & Azure) in line with the HMRC Cloud Security Standards and Controls.
• Support enforcement of shared responsibility boundaries across IaaS/PaaS/SaaS, working with ECS and CSTS as described in the HMRC cloud assurance model (Layers 13).
• Validate secure configuration of virtual networks, subnets, routing, security groups, NSGs, private link, WAF rules and ingress/egress controls.

Network Security Policy & Configuration Assurance

• Ensure that network controls adhere to the HMRC IT Network Security Policy requirements for protecting information traversing HMRC networks (onpremise or cloud).
• Review firewall policies in line with the Firewall Security Standard (rule management, change control, logging/monitoring).
• Support secure DNS, WiFi, access control and perimeter design aligned to HMRC’s network security service definitions.

Vulnerability & Security Testing

• Work with CSTS to prepare cloud environments for security/vulnerability testing of applications and infrastructure, ensuring correct access and configuration.
• Support vulnerability scanning and configuration assessment against cloud benchmarks (e.g., CIS, MSSB) in accordance with the HMRC Vulnerability Management Security Standard.
• Track cloudrelated vulnerabilities through remediation with platform, network, and product teams.

Monitoring & Incident Response

• Use cloudnative monitoring (e.g., Defender for Cloud, AWS Security Hub) to identify misconfigurations, highrisk findings and anomalous network traffic, in line with HMRC’s posture management processes.
• Provide specialist cloud network input into cyber incident investigations led by CSTS/Cyber Ops.

Architectural & Delivery Support

• Provide expert advice to delivery teams to ensure securebydesign approaches following HMRC Security Principles and cloud patterns.
• Assess proposed designs submitted via the Security Front Door and recommend improvements to reduce attack surface.
• Contribute to threat modelling, architectural reviews and change governance.

Essential Skills & Experience

• Handson experience designing, securing or managing network configurations in AWS and/or Azure.
• Strong understanding of cloud networking: VPCs/VNets, subnets, routing, peering, private endpoints, microsegmentation.
• Knowledge of firewall rule management, intrusion prevention and network access controls, aligned to HMRC standards.
• Experience supporting vulnerability management programmes, cloud posture assessment, or security testing.
• Ability to interpret and apply security policies, standards and NCSC Cloud Security Principles.
• Ability to communicate technical risks clearly to nontechnical colleagues.

Desirable Skills

• Experience with HMRC cloud platforms (ECS AWS/Azure) or government cloud security frameworks.
• Knowledge of Zero Trust networking concepts.
• Certifications such as AZ500, AWS Security Specialty, CCSP, or networking/security qualifications.

Our Values

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, sex, gender, gender expression, sexual orientation, age, marital status or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact your designated recruiter to request accommodation.