Principal Security Analyst

The Security Operations Centre (SOC) at the Ministry of Justice (MOJ) is seeking a highly motivated and experienced Principal Analyst - Protective Monitoring and a Principal Analyst - Threat and Vulnerability Management to provide leadership and direction to our service. The MOJ SOC is undertaking significant development to its people, processes and technology and will be responsible for monitoring a significantly increased number of MOJ and HMCTS services. You will be a key part of the leadership team delivering these changes across the SOC. Principal Analyst in the Protective Monitoring Team. The Principal Analyst in the Protective Monitoring Team will play a critical role in safeguarding the MoJ's IT infrastructure, assets, and data. In addition to ensuring that the team operate effectively they will lead the ongoing development of the team as it onboards critical MOJ and HMCTS services through a new monitoring platform. They will be responsible for ensuring that SOC protective monitoring (ProMon) processes are efficient, effective, and aligned with best practices. The Principal Analyst will also engage with appropriate business and technical teams across the MOJ, and with associated 3rd parties to ensure appropriate Protective Monitoring plans and processes are defined and implemented. Principal Analyst Threat and Vulnerability Management. The Principal Analyst Threat and Vulnerability Management will be responsible for overseeing the operation and development of the MOJ Cyber Threat Intelligence capability. Additionally, they will further develop and refine core Vulnerability Management processes, helping ensure that MOJ Service Owners keep their systems and applications patched and protected. They will be responsible for ensuring that the team processes are efficient, effective, and aligned with best practices and has a development path. As Principal Analyst you will also engage with appropriate business and technical teams across the MOJ, and with associated 3rd parties, to ensure appropriate Threat Intelligence processes, including awareness, communication, and vulnerability management, are defined, and implemented. To help picture your life at MoJ Justice Digital please take a look at our blog and our Digital and Technology strategy 2025,

• Lead your team as it undertakes a significant change programme.
• Manage your team, prioritising activity with a focus on business output. Foster a collaborative and high-performing work environment.
• Develop goals and performance metrics in line with business needs; demonstrate progress against those goals.
• Develop and maintain relevant processes and procedures to ensure efficient and effective operation of the SOC.
• Develop and maintain relationships with teams across the MOJ and wider government to enable and integrate response to threats and incidents.
• Support development of the SOC through analysis of trends that identify risk and areas for improvement both internally and in the rest of the MOJ.
• Drive ongoing development of your team and the SOC overall aligned with the MOJ's Security Strategy, the MOJ's risk posture and best practice; identify, and, where possible, implement technologies, processes and training that will support that development.
If this feels like an exciting challenge, something you are enthusiastic about, and want to join our team please read on and apply!, Please review our Terms & Conditions which set out how we recruit and provide further information related to the role and salary arrangements.,
• You've been serving overseas with HM Forces or in some other official capacity as a representative of HM Government
• You were studying abroad
• You were living overseas with parents
In such cases you will need to be able to provide referee cover for the period(s) of residence overseas. The duration of overseas residence and the country of abode will also be taken into account. Success Profiles Success Profiles will enable a fairer and more inclusive method of recruitment by enabling us to assess the range of experiences, abilities, strengths, behaviours and technical/professional skills required for different roles. This flexible approach to recruitment focuses more on finding the right candidate for the specific role. To find out more about Success Profiles to support your application please click here for further guidance. if you feel that your application has not been treated in line with the Civil Service Recruitment Principles, please contact SSCL (Moj-recruitment-vetting-enquiries@gov.sscl.com) in the first instance Supporting document 1 Final 2 x Principal Security Analyst_Job Description Oct 24.docx - 197KB Opens in a new window Converted File Final 2 x Principal Security Analyst_Job Description Oct 24.docx.pdf - 104KB Opens in a new window We have provided detail of the assessment stages and areas being assessed to help you prepare for completing your application form, and to advise of what will be assessed following this, if you successfully pass the application stage.


• Proven experience leading and mentoring a security analyst team.
• Working knowledge of various security tools and technologies used in a SOC environment (SIEM, firewalls, EDR, etc.) OR Experience with threat intelligence tools and technologies (e.g., SIEM, threat feeds, threat modelling tools).
• Substantial experience in a Security Operations Centre (SOC) environment.
• Excellent analytical, problem-solving, and decision-making skills.
• Effective written and verbal communication skills, and collaboration and leadership skills.
• Ability to work effectively under pressure and manage multiple tasks simultaneously.
• Experience establishing goals for organisations and to establish a system of measuring effectiveness of goal attainment.
• Strong understanding of security best practices, frameworks (MITRE ATT&CK, etc.), and incident response methodologies.
• Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field OR equivalent experience.
Willingness to be assessed against the requirements for SC clearance The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.,
• Proven experience leading and mentoring a security analyst team.
• Working knowledge of various security tools and technologies used in a SOC environment (SIEM, firewalls, EDR, etc.) OR Experience with threat intelligence tools and technologies (e.g., SIEM, threat feeds, threat modelling tools).
• Substantial experience in a Security Operations Centre (SOC) environment.
• Ability to work effectively under pressure and manage multiple tasks simultaneously.
In Justice Digital, we recruit using a combination of the Government Digital and Data Profession Capability and Success Profiles Frameworks. We will assess your Experience, Technical Skills and the following Behaviours during the assessment process:
• Leadership
• Delivering at Pace
• Making Effective Decisions, To apply for roles in MOJ you will need to confirm your employment history for at least 3 years prior to the date of application so that pre-employment checks (BPSS) can be undertaken. If you have spent significant time abroad (a total of 6 months in the past 3 years) you would be required to give a reasonable account of the reasons why.
For some roles you will be required to successfully complete National Security Vetting at Counter Terrorism (CTC), Security Clearance (SC) or Developed Vetting (DV) level as a condition of appointment. To meet CTC/SC/DV requirements you will normally need to have been resident in the UK for at least 3/5/10 years prior to the date of application (The level of checks that are required are stated in the advert).

We're recruiting for Principal Security Analysts here at Justice Digital, to be part of our warm and collaborative Digital Infrastructure and Security Operations (DISO) team. DISO is part of Technology Services in Justice Digital, a modern and diverse workplace that promotes a healthy work-life balance and flexible working options.

The national salary range is £54,358 - £61,585, London salary range is £58,847 - £66,670. Your salary will be dependent on your base location Total pay in the range of '£50,001 to £60,000, £60,001 and over' are subject to capability, skills and experience. Salary may consist of base pay and a Recruitment and Retention Allowance (RRA) Number of jobs available 2 Detail of reserve list 12 Months Region National City/Town National Building/Site NATIONAL, Salary: London: £58,847 - £78,225 (which may include an allowance of up to £19,378) National: £54,358 - £73,450 (which may include an allowance of up to £19,092) Working pattern: Full-time, part-time, flexible working (There will be a requirement for some on-call responsibilities out of hours in the future. This will be recompensed in line with MOJ rates).,
• 37 hours per week and flexible working options including working from home, working part-time, job sharing, or working compressed hours.
• A £1k per person learning budget is in place to support all our people, with access to best in class conferences and seminars, accreditation with professional bodies, fully funded vocational programmes and e-learning platforms
• Staff have 10% time to dedicate to develop & grow
• Generous civil service pension based on defined benefit scheme, with employer contributions of 28.97% from April 1st 2024 (Contribution Rates)
• 25 days leave (plus bank holidays) and 1 privilege day usually taken around the Kings' birthday. 5 additional days of leave once you have reached 5 years of service.
• Compassionate maternity, adoption, and shared parental leave policies, with up to 26 weeks leave at full pay, 13 weeks with partial pay, and 13 weeks further leave. And maternity support/paternity leave at full pay for 2 weeks, too!
• Wellbeing support including access to the Calm app.
• Bike loans up to £2500 and secure bike parking (subject to availability and location)
• Season ticket loans, childcare vouchers and eye-care vouchers.
• 5 days volunteering paid leave.
• Free membership to BCS, the Chartered Institute for IT.
• Some offices may have a subsidised onsite Gym., London: £58,847 - £78,225 (which may include an allowance of up to £19378)
National: £54,358 - £73,450 (which may include an allowance of up to £19092) Closing Date