Nominet

Domain Abuse Operational Analyst

Nominet  •  Oxford, GB (Hybrid)  •  1 month ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Contract Type: Permanent

Location: Hybrid, with a minimum of 20% in the Oxford office per month

About Us:

We’re Nominet – a world-leading domain name registry operating at the heart of the UK internet. While we're best known for running .UK domains, our DNS expertise also underpins critical internet infrastructure that government services, including the NHS, rely on.

As a public benefit company, our work has a positive impact on society. We’ve donated millions to projects that use technology to improve people’s lives and have committed to delivering £60m worth of support over the next three years.

The Role:

The Domain Abuse Operational Analyst plays a vital role in Nominet’s mission to make .UK the safest country code top-level domain (ccTLD) in the world. This role is focused on the day-to-day operational management of domain abuse reports, supporting investigations, and helping to ensure timely and effective mitigation of malicious activity.

As a key member of the Domain Abuse team, you will be responsible for triaging abuse reports, conducting investigations, and supporting the continuous improvement of detection and response processes. Your work will directly contribute to the health and integrity of the .UK registry and help protect users from online harm.

This is an ideal opportunity for someone with a strong interest in cyber threat operations and a desire to build hands-on experience and develop their skills further.

What You'll Be Doing:

  • Investigating domain abuse reports using internal tools and open-source intelligence (OSINT), escalating complex cases when needed

  • Supporting operational workflows and identifying ways to improve our tools, processes and automation

  • Assisting in the development and refinement of detection rules and identifying patterns in malicious activity

  • Liaising with registrars and other external stakeholders to help resolve abuse cases

  • Collaborating with internal teams (Security, Policy, Legal etc.) to support a coordinated abuse strategy

  • Maintaining accurate records and contributing to reporting, knowledge sharing and continuous improvement

About You:

  • Working knowledge of common cyber threats (phishing, malware distribution, domain hijacking, and fraud)

  • Experience with ticketing and documentation systems to correctly record evidence, actions, and decisions.

  • Curious and analytical mindset with a strong interest in cyber threats and online safety

  • Understanding of using tools like WHOIS/RDAP and open-source intelligence platforms

  • Strong communicator with the ability to summarise investigations clearly and accurately

  • Comfortable following standard operating procedures and suggesting improvements

Nice to have:

  • Awareness of cyber threat intelligence (CTI) and its application in operational environments

  • Initial understanding and appreciation of regulatory considerations affecting domain abuse (for e.g., GDPR) and legal requirements around online safety

  • Understanding of DNS and domain infrastructure, and experience with relevant tools such as WHOIS/RDAP, passive DNS, amongst others.

  • Basic scripting or data analysis skills to support investigation or automation

  • Experience working with registrars, ISPs, or within DNS environments

What To Expect Next:

  • 1st stage: Introduction call with a member of the TA team (30 mins)
  • 2nd stage: Hiring manager interview (60 mins) (upfront preparation for a given scenario will be required)
  • 3rd stage: Values interview (30 mins)

What We Offer:


  • Hybrid & Flexible Working

  • Early Finish Friday – Working week of 34 hours with full-time pay. (Finish at midday on Friday) 

  • 30 days of annual leave plus bank holidays, with the ability to purchase an additional 5 days. 

  • Private Medical Insurance + Employee Assistance Programme 

  • Medicash

  • Pension Scheme (Matched to 7%)

  • Annual Bonus Scheme 

  • Family Leave (Enhanced)

  • Electric vehicle scheme with on-site charging points* 

  • Rewards platform with access to discounts at hundreds of shops, restaurants etc.*
    *Flexible Benefits

Diversity Statement:

We're passionate about creating a workplace where every individual is valued, respected, and empowered. Somewhere we can benefit from all forms of diversity and discover the true value in our differences. If there are any adjustments we could make to the recruitment and selection process to support you, please let us know

Security Statement

Nominet is committed to the safeguarding and welfare of the internet and expects all employees and volunteers to share this commitment by participating in the relevant security and screening processes. All roles working for Nominet will be subject to a Baseline Personnel Security Standard (BPSS) check. Some roles due to the nature of their work, will require additional security clearance.

Nominet

About Nominet

Nominet is the custodian of the UK’s national domain name registry.

Since 1996, we have underpinned critical national infrastructure, provided domain name services, and been a force for good in the UK’s digital economy and the global internet community.

Through our work and the projects we support, we aim to create positive societal impact; transforming lives by shaping a safer, more interconnected and inclusive world.

Industry
IT & Software
Company Size
201-500 employees
Headquarters
Oxford, GB
Year Founded
Unknown
Website
nominet.uk
Social Media