Junior Software Engineer (Technical Exploitation) - Stratford

About the job

Discover what it's like to work in a compliance role that makes an impact. Could you help us shape a stronger, fairer future? Your next career move starts here. HMRC is the UK's tax, payments and customs authority and we have a vital purpose: we collect the money that pays for the UK's public services and help families and individuals with targeted financial support.

HMRC's Fraud Investigation Service (FIS) is responsible for the department's civil and criminal investigations. FIS provides HMRC with an effective investigation arm to enforce the Department's compliance policies. This enables the Department to deliver against the strategic responsibilities across all the taxes and duties it administers. This includes complex offshore evasion, international smuggling of illicit excise goods, exports of controlled weapons and technology, labour market abuses, VAT and Self-Assessment repayment frauds and a host of other fraud attacks targeted at the tax system.

FIS is home to a wide range of people with a variety of skills and professional backgrounds - including accountants, cybercrime specialists, criminal justice professionals, tax professionals and operational delivery support teams to name but a few. We use a range of powers and approaches to protect funding for UK public services, investigating the most harmful tax cheats and ensuring nobody is beyond our reach.

Covert Operations, Digital Exploitation (CODE) sits within FIS. Working across Law Enforcement and government, CODE provides investigative tools and covert techniques to front-line investigations and works with key partners to develop and provide access to new technology and systems to enable investigators to respond to serious and complex tax evasion and crime.

The Technical Exploitation Development (TXD) team plays an integral role in His Majesty's Government's fight against serious and organised crime, supporting investigations totalling hundreds of millions of pounds each year. The team manages a diverse and rapidly increasing product portfolio, ranging from development of covert tools for mobile device data acquisition, computer and network exploitation, building custom radio frequency hardware, to the implementation of cutting-edge data visualisation platforms. Collaboration and capability sharing are critical to our mission so working alongside other Government and Law Enforcement agencies will ensure that no two projects nor two days are ever the same in this role.

The team is recognised across the LE and UKIC community as deep matter experts in a range of complex technical specialisms including software engineering, hardware electronics, radio frequency, computer and network exploitation, and reverse engineering.

To enable the rapid prototyping and production of bespoke capabilities, the team is split into two distinct functions:

• Engineering is responsible for managing the full stack development and testing of all bespoke solutions. This could include; developing tools to normalise, interrogate and visualise large datasets, command and control systems, to producing plugins and modules to extend functionality of commercial and in-house built tools.
• Exploit Development is responsible for conducting security research before producing specialist tools that assist in the exploitation of digital devices, encrypted communications and networks. All staff across both functions are expected to code and test to produce capabilities as part of the software development lifecycle.

Our tech stacks vary between products (some examples can be found under the essential criteria), so the team is encouraged to adopt new technologies and develop specialisms through guided support and training.

Person specification

You will be expected to:

• Carry out research and development of new equipment, tools and techniques to counter the threat, risk and harm posed by serious organised criminals.
• Participate in design, secure coding and testing of single components or modules of larger systems.
• Work as part of a skilled team sharing ideas, but also take the initiative to work independently when required.
• Participate in code reviews and pair programming with senior and lead engineers and exploiters.
• Break a problem down into its component parts to identify and diagnose root causes as well as troubleshoot and identify problems across different technology capabilities.
• Manage multiple priorities in a fast-paced environment.
• Adhere to and follow best practice guidelines and standards.
• Provide guidance, technical operational support and training in the installation and use of developed tools and techniques for deployment by investigation officers.
• Ensure all work is carried out within the requirements of the legal framework to be compliant in the law enforcement and legislative.

Essential Criteria:

• Experience of working in an agile software development or exploitation role focussing on user-centred design.
• Experience to demonstrate identifying user requirements, ability to design software, write secure code and implement testing methods.
• Experience of Continuous Integration (unit testing, TDD, Jenkins, Git).
• Experience with version control systems.
• Experience of working with tools for API, performance, accessibility and security testing.
• Demonstrate an awareness of information security and the types of security controls that can be used to mitigate security threats within solutions and services.
• Experience in one or more of the following languages: Python, Java, Go, Rust, C, Objective-C HTML, JavaScript, React, TypeScript, Vue.js, Node.js.
• And experience in at least one of the following technologies: Database: MongoDB, MySQL, PostgreSQL, SQLite Mobile app development: Android, iOS Logging and Visualisation: Elastic, Kafka, Spark, Graylog, Splunk Common exploitation/pen testing open source tools Digital Forensics and Cyber Security tools.

Desirable Criteria:

• Knowledge, understanding and practical application of the following pieces of legislation: Investigatory Powers Act (IPA 2016), Regulation of Investigatory Powers Act (RIPA 2000) and the associated Codes of Practices.

Other Information

In addition to the standard pre-employment checks for appointment into the Civil Service, all candidates must also obtain National Security Vetting at Security Check (SC) clearance level for this vacancy. You will normally need to meet the minimum UK residency period as determined by the level of vetting being undertaken, which for SC is 5 years UK residency prior to your vetting application. Once in post you will be required to apply for Developed Vetting (DV) clearance which has a requirement for 10 years UK residency.

This post is open to 'UK Nationals Only'. CODE have a support network that can offer assistance to colleagues throughout the DV process. CODE understands the experience of obtaining DV clearance affects individuals differently with the process being in depth and intrusive. The network consists of CODE DV cleared volunteers who will be able to guide you through the process and systems and look to alleviate any concerns.

Flexibility Payment

This post attracts a Level 2 Flexibility Payment (FP) that is paid monthly with salary. This FP allows HMRC flexibility to change your work pattern, at short notice, to meet business needs. You will be expected to undertake periods of On Call. You will also be expected to work additional hours, at weekends and outside your normal working hours/days (including bank holidays). In applying for a position and accepting the FP you agree that you can and will meet those attendance requirements.

Note: Payment of FP is dependent on successful completion of role specific training and you will move to Level 2 FP eligibility in stages (see the attached document for details). FP levels are reviewed annually - on a business need and personal basis - and may be subject to change. Details of the Flexibility Payment can be found in the attached document.

Benefits

Alongside your salary of £42,631, HM Revenue and Customs contributes £12,350 towards you being a member of the Civil Service Defined Benefit Pension scheme. HMRC operates both Flexible and Hybrid Working policies, allowing you to balance your work and personal commitments. We welcome applications from those who need to work a more flexible arrangement and will agree to requests where possible, considering our operational and customer service needs. We offer a generous leave allowance, starting at 25 days and increasing by a day for every year of qualifying service up to a maximum of 30 days. Pension - We make contributions to our colleagues' Alpha pension equal to at least 28.97% of their salary. Family friendly policies. Personal support. Coaching and development.

To find out more about HMRC benefits and find out what it's really like to work for HMRC hear from our insiders or visit Thinking of joining the Civil Service.

Things you need to know

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.

Selection process details

This vacancy is using Success Profiles, and will assess your Strengths and Experience.

How to Apply

As part of the application process, you will be asked to provide the following:

• A name-blind CV including your job history and previous experiences.
• A 750-word Personal Statement. Your Personal Statement should be used to describe how your skills and experience would be suitable for the advertised role, making reference to the Essential Criteria and Person Specification outlined in the advert.
• Please complete a separate statement (Max 250 words) for the Desirable Criteria where applicable. This is not essential for the role but may be considered by the vacancy-holder where candidates have the same scores at interview.

Further details around what this will entail are listed on the application form.

Sift

In the event of a large number of applications being received, an initial sift may be held on your CV. At full sift your CV, and your Personal Statement, will be assessed, with the successful candidates being invited to interview. We may also raise the score required at any stage of the process if we receive a high number of applications.

Interview

During the panel interview, your experience will be assessed, you will have a 15 minute presentation with follow up questions. The presentation handout will be provided to applicants invited to interview. You will also be asked strength-based questions to also explore what you enjoy and your motivations relevant to the job role. This is an example of a strengths-based question: "It is often said that the customer's needs should come first. To what extent do you agree or disagree with this statement?" There is no expectation or requirement for you to prepare for the strengths-based questions in advance of the interview, though you may find it helpful to spend some time reflecting on what you enjoy doing and what you do well. Interviews will take place via video link. Sift and interview dates to be confirmed.

Eligibility

Please take extra care to tick the correct boxes in the eligibility sections of your application form. Mistakes sometimes happen but if you contact us later than two working days (Monday-Friday) before the vacancy closes, we may not be able to reopen your application for you. If you do make a mistake with your eligibility form, please contact us via email.