Triage Incident Co-ordination and Tasking (TICAT) Manager Cyber

Triage Incident Co-ordination and Tasking (TICAT) is the single point of entry into the NCCU for reporting new information and intelligence relating to serious cyber-crime.

Job description

The team has three core functions:

Triage: The team is responsible for the receipt, triage and assessment of referrals into the National Cyber Crime Unit, including crime reports from NIFB and actionable intelligence from various partners.

Incident Coordination: The team coordinates live time cyber incidents requiring an immediate Law Enforcement response. Providing liaison between the NCCU and key partners, principally the National Cyber Security Centre, Regional Organised Crime Units and key international partners.

Tasking: TICAT is the conduit for tasking operational work for both national and regional cyber teams, ensuring adherence to the framework provided by the National Cyber Tasking mechanism. TICAT works closely with NCCU Operational Support and Regional Organised Crime Units to manage pro-active and reactive tasking and operational capacity across Team Cyber UK.

Please Note:
All NCA officers must hold SC Enhanced upon entry as a minimum. Failure to achieve SC Enhanced will result in the job offer being withdrawn. Individuals will be required to undertake and pass a substance misuse test as part of pre-employment checks.
Some NCA roles require officers to obtain DV Enhanced within 12 months of entry. If DV Enhanced cannot be obtained the officer will be required to move to a non-DV role

NCA welcomes applications from individuals with a range of neurodivergent thinking styles and from those who may require reasonable adjustments


Key Responsibilities

• Managing a multi-functional team who are engaged in dynamic and high profile work.

• Performing a day time cyber Duty Officer function. Being responsible for the initial decision making and the actions performed by TICAT in response to cyber incidents.

• Undertaking a relationship manager role with key partners – NCSC incidents Team, ROCU Cyber investigations, NFIB cyber and FBI, USSS, and DoJ attachés.

• Investing personal and team time in debriefing and exercising. Ensuring a high quality of service is provided in response to Cyber criminality in the UK.

• Briefing NCCU senior management on new and emerging incidents relaying the wider threat picture, as seen by TICAT, to the NAC and threat leads.

To be successful in this role, you will be comfortable managing a team of experienced multi-disciplinary officers, providing them with regular operational guidance and working collaboratively with both internal and external stakeholders to achieve a common and shared operational objective.

Experience Criteria:

Prospective candidates should have an extensive experience of serious organised crime investigations, with particular knowledge of cybercrime investigations and intelligence landscape within law enforcement.

Essential Criteria:

• The post holder must hold a PIP2 Accreditation.

Desirable Criteria:

• Lead Officer or equivalent training
• CPIA / RIPA Training

***All NCA officers must hold SC Enhanced upon entry as a minimum. To meet the National Security Vetting requirements for this role you will need to have resided in the UK for a minimum of 3 out of the past 5 years. For more information please see the Candidate information Pack***


The following qualifications/skills are essential to the role and proof will be required at interview:

• The post holder must hold a PIP2 Accreditation.

Please ensure the dates of any accreditations you are relying on, are entered on to the CV.

Should you progress to the assessment stage of the process, you will be required to provide a copy of the original certificate.

Failure to provide evidence at interview may result in your application not progressing to the next stage.


We'll assess you against these behaviours during the selection process:

  • Delivering at Pace
  • Leadership

Technical skills

We'll assess you against these technical skills during the selection process:

  • A good understanding of relevant legislation (UK and international law) affecting Agency activity.
  • A good understanding of Cyber Crime investigations, incident management and intelligence.
  • Experience of managing a multi-disciplinary team within a dynamic environment.
  • Effective risk management and decision when managing competing demands.

Apply Today!