Security Engineer

Location: National*

Closing Date: 27th October

Interviews: From 5th November

Grade: SEO

(MoJ candidates who are on a specialist grade, will be able to retain this grade on lateral transfer)

Salary: National: £42,914 - £51,675 (which may include an allowance of up to £8,761) London: £49,325 - £56,050 (which may include an allowance of up to £6,725)

Working pattern: Full-time, part-time, flexible working.

Contract Type: Permanent

*We offer a hybrid working model, allowing for a balance between remote work and time spent in your local office. Office locations can be found ON THIS MAP

The Role

We’re recruiting for a Security Engineer to be part of our warm and collaborative Digital Infrastructure and Security Operations (DISO) Team.

This role aligns against Monitoring Lead from the Government Security Profession Framework

The Technology Services team within Justice Digital is responsible for all infrastructure, end user computing, onsite support and delivery of technology projects. It has responsibility for 95,000 devices and infrastructure across 900+ sites.

We’re looking for an individual with strong interpersonal skills who likes working with delivery focused and agile multidisciplinary teams. You will also contribute to the wider community and share your skills and experiences with others across the MOJ and across the wider Government, as required.

MOJ Justice Digital was set up to change the way that people access and use justice services. Our goal is to make the justice system simpler and quicker while saving public money.

Within the technology platform and security team, our mission is to secure the department (including its arms length bodies) against cyber threat vulnerabilities. We protect our nationwide internal IT infrastructure and high-profile digital services.

To help picture your life at MoJ Justice Digital please take a look at our blog and our Digital and Technology strategy 2025

Key Responsibilities:

• Guide the implementation of cutting-edge cyber security solutions across network infrastructures.

• Document security protocols comprehensively, addressing potential threats proactively.

• Collaborate with stakeholders to improve platform and service security.

• Maintain proficiency in XSIAM principles, Palo Alto Networks’ Cortex platforms, and security automation.

If this feels like an exciting challenge, something you are enthusiastic about, and want to join our team please read on and apply!

Benefits

• 37 hours per week and flexible working options including working from home, working part-time, job sharing, or working compressed hours.

• A £1k per person learning budget is in place to support all our people, with access to best-in-class conferences and seminars, accreditation with professional bodies, fully funded vocational programmes and e-learning platforms

• Staff have 10% time to dedicate to develop & grow

• Generous civil service pension based on defined benefit scheme, with employer contributions of 28.97% from April 1st 2024 (Contribution Rates)

• 25 days leave (plus bank holidays) and 1 privilege day usually taken around the King’s birthday. 5 additional days of leave once you have reached 5 years of service.

• Compassionate maternity, adoption, and shared parental leave policies, with up to 26 weeks leave at full pay, 13 weeks with partial pay, and 13 weeks further leave. And maternity support/paternity leave at full pay for 2 weeks, too!

• Wellbeing support including access to the Calm app.

• Nurturing professional and interpersonal networks including those for Carers & Childcare, Gender Equality, PROUD and SPIRIT

• Bike loans up to £2500 and secure bike parking (subject to availability and location)

• Season ticket loans, childcare vouchers and eye-care vouchers.

• 5 days volunteering paid leave.

• Some offices may have a subsidised onsite Gym.

Person Specification

Essential

• Proficiency in managing security platforms, such as SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) tools.

• Experience in enterprise-level monitoring, with a focus on supporting large-scale user environments and ensuring system resilience.

• Ability to design and maintain security playbooks and correlation rules, contributing to automated threat detection and incident response workflows.

• Strong communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.

• Demonstrated expertise in Palo Alto Networks technologies, including Cortex XDR, Cortex Data Lake, and Cortex XSOAR.

• Solid understanding of cloud security principles, network and system security fundamentals, and scripting for automation (e.g., Python, PowerShell, Bash).

• Knowledge of key compliance and security standards (e.g., GDPR, HIPAA, NIST).

Willingness to be assessed against the requirements for SC clearance

We welcome the unique contribution diverse applicants bring and do not discriminate based on culture, ethnicity, race, nationality or national origin, age, sex, gender identity or expression, religion or belief, disability status, sexual orientation, educational or social background or any other factor.

Our values are Purpose, Humanity Openness and Together. Find out more here about how we celebrate diversity and an inclusive culture in our workplace.

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.

How to Apply

Candidates must submit a CV (no more than 2 pages) and Personal Statement. Your Personal Statement (no more than 750 words) should highlight your relevant experience and skills, supported by clear examples of work you have undertaken. It must address the following three criteria, listed within the Person Specification. Please structure your response using a separate paragraph for each:

• Proficiency in managing security platforms, such as SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) tools.

• Solid understanding of cloud security principles, network and system security fundamentals, and scripting for automation (e.g., Python, PowerShell, Bash).

• Knowledge of key compliance and security standards (e.g., GDPR, HIPAA, NIST).

(*Personal Statements which have not adhered to the application process, of providing examples to the three points above may be rejected at sift).

Application Guidance

Please access the following link for guidance on how to apply and how to complete a Personal Statement

Application Guidance

In Justice Digital, we recruit using a combination of the Government Security Profession Framework skills and Success Profiles Frameworks. We will assess your Experience, Technical Skills and the following Behaviours during the assessment process:

• Working Together

• Making Effective Decisions

• Communicating and Influencing

A diverse panel will review your application against the Person Specification above.

Successful candidates who meet the required standard will then be invited to a 1-hour panel interview held via video conference.

Should we receive a high volume of applications, a pre-sift based the below criteria will be conducted before the sift.

• Proficiency in managing security platforms, such as SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) tools.

Should you be unsuccessful in the role that you have applied for but demonstrate the capability for a role at a lower level, we reserve the right to discuss this opportunity with you and offer you the position without needing a further application.

A reserve list may be held for up to 12 months, from which further appointments may be made.

Use of Artificial Intelligence

Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.

Terms & Conditions

Please review our Terms and Conditions which set out how we recruit and provide further information related to the role and salary arrangements.

If you have any questions, please feel free to contact digitalanddatarecruitment@justice.gov.uk