Security Engineering Technical Lead

Justice Digital and Technology

View: 104

Update day: 01-06-2024

Location: Sheffield Yorkshire and the Humber

Category: Mechanical / Technical High Technology Electrical / Electronics

Industry:

Job type: Contract

Salary: £54,274 a year

Loading ...

Job content

Security Engineering Technical Lead

Closing Date: Friday 15th October 2021

Location:London, Birmingham, Sheffield, Nottingham & Glasgow

Salary Range:£54,274 London, £50,427 National
Interviews: 1st November 2021

The Role
We’re recruiting for a Security Engineering Technical Leadhere at MoJ Digital & Technology, to be part of our warm and collaborative SSIGG team.

This role is critical to the protection of the Ministry of Justice’s technology systems and services, and the vital information they contain and process.

Our Operational Security Team (OST) provides excellent security support to many different digital and technology teams, as well as suppliers and partner organisations, across the Ministry of Justice. The aim of the team is to provide constant vigilance against attacks, respond when they do occur, and continuously seek out ways to improve the security of our systems.

In this role you will be responsible for the Security Operations Engineering team within OST. Your team is responsible for building, developing and maintaining our security capabilities which we make available to the wider Digital and Technology organisation. These would include tools like Security Information and Event Management, Security Orchestration, Automation and Response, Log Management, Investigations etc. You will also build processes around these tools to help our wider team, and those we support, get the best value from them.

Your role will also involve seeking out other areas for security automation and central tooling to help other teams keep their services as safe and secure as possible.

Building and implementing technical capabilities is only part of the role, however, and an important part of your work as one of our technical leaders will be developing our skills and experiences.

Cyber security is one of the top departmental strategic risks and this role will be instrumental in measuring the impact of the work of the teams and how they are contributing to mitigating the risk. It will also be responsible for holding the teams to account for delivery and for ensuring their mitigation work is proportionate and represents good value for money.

To help picture your life at MoJ D&T please take a look at our blog and our Digital & Technology strategy.

Key Responsibilities:

  • Responsible for the implementation of our security monitoring strategy, ensuring roadmaps are achieved as expected, ensuring requirements, policies and standards to govern all activities and outputs are met.

  • Running, supporting and continuously improving each security service you are responsible for to ensure they meet user needs.

  • Develop and own the security engineering product roadmap.

  • Lead monitoring, triaging, and investigation of security alerts on security monitoring platforms to identify security incidents.

  • Review high-priority or high-complexity analysis of security event data to manage security incident response, making key decisions on reporting or escalations for monitoring.

  • Support your multi-disciplinary team in the design, development and enablement of automated security processes, advising on the tools, techniques and procedures to detect malicious activity, while communicating directly with stakeholders on the progress and status of this work.

  • Develop and coach others, both in your team and the broader cyber area, to bolster their understanding of security engineering methods and techniques. Provide technical management, continuous improvement and direction to the team.

  • Create and maintain team technical processes, Standard Operating Procedures (SOPs) and technical input into playbook documentation with a goal of automating repeatable tasks within the team for optimal and efficient service delivery.

  • Develop KPIs and dashboards to present cyber security posture to senior management.

If this feels like an exciting challenge, something you are enthusiastic about, and want to join our team please read on and apply!

This is a Grade 7 role with a salary of£54,274 London, £50,427 National
plus great benefits:

  • 37 hours per week and flexible working options including working from home, working part-time, job sharing, or working compressed hours.
  • We are committed to nurturing our staff and provide lots of training and development opportunities with learning platforms such as: Linux Academy, O’Reilly, Pluralsight, Microsoft Learning, Civil Service Learning, GDS Academy, etc.
  • 10% dedicated time to learning and development with a budget of £1000 a year per person
  • Generous civil service pension based on defined benefit scheme, with employer contributions of 26-30% depending on salary.
  • 25 days leave (plus bank holidays) and 1 privilege day usually taken around the Queens’ birthday. 5 additional days of leave once you have reached 5 years of service.
  • Compassionate maternity, adoption, and shared parental leave policies, with up to 26 weeks leave at full pay, 13 weeks with partial pay, and 13 weeks further leave. And maternity support/paternity leave at full pay for 2 weeks, too!
  • Wellbeing support including access to the Calm app.
  • Nurturing professional and interpersonal networks including those for Careers & Childcare, Gender Equality, PROUD and SPIRIT
  • Bike loans up to £2500 and secure bike parking (subject to availability and location)
  • Season ticket loans, childcare vouchers and eye-care vouchers.
  • 5 days volunteering paid leave.
  • Free membership to BCS, the Chartered Institute for IT.
  • Some offices may have a subsidised onsite Gym.

Person Specification

Essential

  • Strong knowledge of security monitoring approaches, techniques and widely-used products. Experience of developing and implementing monitoring strategies, supporting and encouraging a team of security analysts as they use tools and other techniques to seek out potentially malicious activity and improve the organisation’s security posture.

  • Experience of running and developing a team of technical engineers, ideally in the field of security monitoring and orchestration. You will be familiar with coaching, mentoring, and supporting people at different stages of their career, managing a portfolio of work, whilst delivering at pace - and providing effective delegation and support to a team.

  • Experience with security operations, processes and techniques (such as identity management, cryptography, patch management etc). Good knowledge of threats to widely used digital and technology systems, including on-prem and cloud-based solutions.

  • Enabling and informing on risks, working with risk advisors to provide feedback and support on risk impact. Propose realistic and pragmatic mitigations to identify risks and work with the product / project team to implement effective mitigations.

  • Used to using innovative approaches, driving continuous improvement and collaborating effectively across teams.

Desirable

  • Understanding security implications of transformation - Can interpret and apply understanding of policy and process, business architecture and legal and political
implications in order to assist the development of technical solutions or controls.

  • Knowledge and experience of ISO27000 and other information security frameworks.

  • Research and development experience, building and automating common and best practice security team processes and activities.

  • Knowledge of security architectures, in particular for modern digital services, including how they are developed and operated at scale.

  • Experience with the management of external stakeholders such as managed service providers

  • Knowledge and understanding of good practices for SecDevOps and cloud security.

  • Experience of ITIL Foundation v3 (or similar qualification)

We welcome the unique contribution diverse applicants bring and do not discriminate on the basis of culture, ethnicity, race, nationality or national origin, age, sex, gender identity or expression, religion or belief, disability status, sexual orientation, educational or social background or any other factor.

Our values are Purpose, Humanity, Openness and Together. Find out more here about how we celebrate diversity and an inclusive culture in our workplace.

How to Apply

Candidates must submit a CV and a cover letter which describes how you meet the requirements set out in the Person Specification above.

In D&T, we recruit using a combination of the Digital, Data and Technology CapabilityandSuccess Profiles Frameworks. We will assess your Experience, Technical Skills and the following Behaviours during the assessment process:

  • Leadership
  • Managing a Quality Service
  • Making Effective Decisions
  • Changing & Improving
  • Delivery at Pace

Your application will be reviewed and sifted against the Person Specification above by a diverse panel.

Successful candidates who meet the required standard will then be invited to a 1-hour panel interview held via video conference.

Should we receive a high volume of applications, a pre-sift based on you providing both your CV and cover letter will be conducted prior to the sift.

Further Information
Please review the following Terms & Conditions which set out the way we recruit and provide further information related to the role.

If you have any questions please feel free to contact recruitment@digital.justice.gov.uk
Loading ...
Loading ...

Deadline: 16-07-2024

Click to apply for free candidate

Apply

Report job
Loading ...
Loading ...

SIMILAR JOBS

Loading ...
Loading ...