Fraud Proactive Protection Lead - Bristol

About the job

Discover a career in your hands at HMRC. Whether you're seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it's really like to work at HMRC. The Fraud Prevention Centre (FPC) in HMRC Security is a growing area, focusing on countering fraud across HMRC services and providing secure Identity and Access Management services for customers. Our mission is to protect our customers and their online accounts from malicious actors, providing a high-quality customer service and support.

Our team is rapidly growing as we invest in new technologies and capabilities, and we are in search of enthusiastic individuals who can help us in achieving our mission. We are continually improving the service we give to our customers and in line with this we are creating a new response and management team within the HMRC Fraud Prevention Centre.

Job description

Join HMRC's Fraud Prevention Centre and lead the fight against online fraud. We're looking for a Fraud Proactive Protection Lead (Grade 7) to spearhead fraud detection and response across HMRC's digital services. This is a high-impact leadership role where you'll drive proactive strategies to identify, disrupt, and prevent fraudulent activity at scale. You'll oversee digital profiling of user interactions, manage complex risk rules to automate interventions, and lead investigations into anomalies and suspicious behaviours.

Working at the heart of HMRC's transformation, you'll be ensuring the effective exploitation of our growing range of technical capabilities, including advanced analytics, fraud detection and behavioural analytics, and threat intelligence with big data and SIEM platforms like Splunk, enabling real-time interventions and data-driven decisions. You'll also collaborate with FPC Customer Operations, compliance teams in Risk, Intelligence and Fraud Investigation, and cyber security specialists to deliver joined-up fraud prevention and incident response. Your work will directly protect millions of taxpayers, safeguard public funds, and strengthen HMRC's digital resilience against evolving threats to identity and access services.

Essential Criteria:

• Proven experience in fraud detection, cyber security, or threat intelligence within a large organisation.
• Experience using data analysis and Security Information and Event Management (SIEM) platforms, such as Splunk or ELK, preferably in a security operations setting.
• Good technical understanding of web and API services and interaction with client applications, including identity proofing authentication processes.
• Knowledge of applying kill chain methodology and MITRE ATT&CK, including the use of threat intelligence feeds to classify and detect threat actor activity.
• Knowledge of fraud detection techniques, including behavioural analysis and anomaly detection and investigation and OSINT (Open Source Intelligence) methods.
• Strong understanding of cyber security principles, including threat intelligence and incident response.
• Skilled in reporting, presenting, and visualising complex data in creative, digestible formats for different audiences, from senior leaders to development teams.
• Software development and scripting skills in a security or counter-fraud context.
• Experience of leading in a technical field, developing others and sharing knowledge.

Desirable Criteria:

• Experience of applying machine learning and advanced analytics techniques in fraud detection.
• Certifications such as CISM or relevant GIAC qualifications in network defence, threat intelligence and incident handling.
• Academic qualifications in science, technology, engineering or maths subjects.

Security clearance: This role requires SC clearance to take up duty but, candidates must be willing and able to obtain DV clearance once in post. Please note: DV clearance requires continuous UK residency for the past 10 years.

Benefits

• Alongside your salary of 58,541, HM Revenue and Customs contributes 16,959 towards you being a member of the Civil Service Defined Benefit Pension scheme.
• HMRC operates both Flexible and Hybrid Working policies, allowing you to balance your work and personal commitments.
• We offer a generous leave allowance, starting at 25 days and increasing by a day for every year of qualifying service up to a maximum of 30 days.
• Pension - We make contributions to our colleagues' Alpha pension equal to at least 28.97% of their salary.
• Family friendly policies. Personal support. Coaching and development.

Hybrid working at HMRC

HMRC is an office-based organisation, and colleagues are expected to spend 60% of their working time in the office. Our offices provide opportunity for interaction, collaboration which aids learning and development and a sense of community. Where the role allows it, and where the home environment is suitable, colleagues can work from home for up to 2 days a week, averaged over a calendar month.