Cybercrime specialist investigator

Information about the role of a cybercrime specialist investigator, including the role purpose, key responsibilities and the skills required.

About the role

A cybercrime specialist investigator is a digital and cybercrime position within the investigation sector of policing. It's a service deliverer role in the policing professional profiles.

Role purpose

The cybercrime specialist investigator undertakes reactive and proactive investigations and operations regarding offences relating to the Computer Misuse Act 1990(CMA). They also undertake reactive and proactive investigations and operations regarding linked offending and criminals identified within their own area of operations or where appropriately tasked.

They utilise the 4P (prepare, prevent, pursue, protect) approach in support of the national cyber security strategy and the serious and organised crime strategy.

They also offer cyber security advice to victims of CMA offending to reduce the risk of repeat victimisation and collaborate with other forces, regional organised crime units (ROCU) and national cybercrime teams as part of the national cybercrime network.

Key responsibilities

Key responsibility statements show the accountabilities for someone in this role. They focus on what is done, not how it is done.

Conducting investigations into offences falling within the remit of the specialist cybercrime unit to protect the public, mitigate the risk of offenders’ ability to commit crime and bring offenders to justice.
Offering cyber security advice to victims of CMA offending to reduce the risk of repeat victimisation.
Undertaking proactive cybercrime investigations and operations to protect the public, mitigate the risk of offenders’ ability to commit crime and bring offenders to justice.
Gathering, developing and disseminating intelligence at the appropriate local, regional, national and international level to protect the public, mitigate the risk of offenders’ ability to commit crime and bring offenders to justice.
Setting investigation strategies working with both force and regional line supervisors to protect the public, mitigate the risk of offenders’ ability to commit crime and bring offenders to justice.
Providing specialist technical advice and assistance to officers engaged in non-cyber investigations, for example, dark web, cryptocurrencies, to protect the public, mitigate the risk of offenders' ability to commit crime and bring offenders to justice.
Working closely with cyber prevent, ensuring appropriate risk assessments and deconfliction work is conducted on suitably referred nominals at risk of committing cyber criminality to divert to more positive outcomes.

Competencies, values and core skills

The competency and values framework (CVF) provides clear expectations for everyone working in policing. It describes the behaviours required by police officers and staff to be effective in their roles and uphold the Code of Ethics for policing.

Competencies

The CVF has six competencies, which are split into levels. These levels can be used flexibly to allow for a better fit with frontline and non-frontline policing roles, and at different levels of seniority.

This role should be operating at or working towards the following competencies.

We are emotionally aware – Level 1: practitioner

We take ownership – Level 1: practitioner

We collaborate – Level 1: practitioner

We support and inspire – Level 1: practitioner

We analyse critically – Level 1: practitioner

We are innovative and open-minded – Level 1: practitioner

Values

The CVF has three values. These values apply to everyone in policing, regardless of their role or seniority.

Courage

Respect and empathy

Public service

Core skills

All roles in policing have nine core skills in common. Skills are split into levels that represent the different levels of policing.

This role should be operating at or working towards the following core skills.

Communicating and influencing – Level 1

Problem solving – Level 1

Performance management– Level 1

Relationship management – Level 1

Change management – Level 1

Managing people – Level 1

Managing resources – Level 1

Planning – Level 1

Use of IT – Level 1

Education, qualifications and experience

To achieve effective performance in the role, the following standards should be met.

Previous education, qualifications and experience

Accredited PIP2 investigator (or equivalent) or working towards accreditation.

Proven recent experience of conducting complex reactive and proactive investigations, demonstrating a sound awareness of intelligence and evidential gathering techniques.
Demonstrate an ability to communicate confidently at all levels including the ability to convey technical matters to a non-technical audience.
Demonstrate an understanding of current technologies and display the ability to understand complex technical issues.
Demonstrate the ability to work with limited supervision as part of a small team, being able to prioritise workloads.
Have a broad understanding of the CMA, UK General Data Protection Regulation (UKGDPR) and associated legislation.

In-role education, qualifications and experience

To achieve effective performance in the role, the following training, learning and qualifications should be met.

Successfully complete the NPCC cyber foundation course or equivalent

Successfully complete the NPCC cyber pursue course or equivalent
Successfully complete the NPCC cyber incident response course or equivalent
Successfully complete the NPCC cyber cryptocurrency courses or equivalent
Successfully complete neurodiversity training provided through the NPCC cybercrime pathway.

Continuing professional development

Continuing professional development (CPD) enables everyone in policing to develop and gain recognition for their professional skills, knowledge and competence.

CPD ensures that we continue to provide high-quality policing to keep the public safe and help to drive career aspirations. Discussion of CPD is usually included as part of a professional development review (PDR) conversation.

Learning and accreditation

Complete all core training required by the force.
Any exemptions to learning and accreditation requirements are at chief constable discretion, in line with the local force policy.

Professional development

This role should consider the following CPD:

engaging in regular reflection on personal performance and associated impacts with particular reference to the competency and values framework
maintaining knowledge and understanding of the threats of cybercrime
maintaining knowledge and understanding of developments in cyber, cyber security and technology
maintaining knowledge of local safeguarding processes and ensuring own practice adheres to national good practice

Related roles

You can find other service deliverer roles in the: