Principal Cyber Security Consultant

Location: National

Closing Date: 23rd February

Interviews: after w/c 9th March

Grade: Grade 7 (MoJ candidates who are on a specialist grade, will be able to retain this grade on lateral transfer)

Salary: London: £63,343 - £78,225 (which may include an allowance of up to £14,882); National: £58,511 - £73,450 (which may include an allowance of up to £14,939)

Working pattern: Full-time/Part-time/Flexible working

Contract Type: Permanent

Vacancy number: 14702

We offer a hybrid working model, allowing for a balance between remote work and time spent in your local office.

The Role

We’re recruiting for a Principal Cyber Security Consultant here at Justice Digital, to be part of our warm and collaborative Digital Cyber team within the Office of CTO. This role aligns against Security Architect from the Government Digital and Data Framework. The Digital Cyber team plays a central role within Justice Digital, collaborating directly with various products and services to ensure the secure delivery of justice. These offerings span the entire Ministry of Justice, from legal aid applications to prison education programmes, and we operate across multiple domains to provide specialist security expertise. The Office of the CTO comprises technical and security professionals dedicated to shaping, assuring, and enhancing the digital services offered by Justice Digital. By integrating our collective skills, we function as a cohesive multidisciplinary unit, leveraging our combined knowledge and expertise while valuing the contributions of every team member. Individuals who are motivated to contribute in an environment where their problem‑solving abilities, security acumen, and communication skills are in high demand will find the Digital Cyber team an exceptional place to advance their careers.

Key Responsibilities

• This role will provide proactive hands‑on security leadership combined with expert advice in the scoping, development and ongoing improvement of Justice Digital products and services.
• You’ll be expected to develop a deep understanding of wider Government strategy (inc Secure by Design and Cyber Assurance Framework), MoJ security policy and industry best practices to ensure that new technology is built to support them, ensuring that cyber security risks are identified and mitigated to acceptable levels by effective security controls and pertinent practices.
• As someone who can work independently, under broad direction with functional alignment to different agencies, you will also take an active security lead on designated projects, providing technical expert cyber security oversight and guidance to both service owners and developer colleagues, ensuring strong collaboration and the unification of security across Justice Digital.
• Using your security expertise and experience, you’ll support teams in achieving their goals, acting as an enabler to support delivery of MoJ products and services.

The ideal person will:

• Support the design, development, improvement and evolution of a wide ranging portfolio of products and services in Justice Digital.
• Triage security requests with a positive mindset, anticipating needs and challenges.
• Provide technical advice, guidance and support from high to low level that enables business outcomes.
• Use cyber risk as an engine to drive meaningful conversations about cyber security with senior stakeholders, ensuring that discussions are grounded in the organisation’s risk landscape and aligned with business objectives.
• Challenge the status quo and work with the Central MOJ Information Security Team to develop and evolve MoJ Policy and risk practices based on organisational needs.
• Take a key role in the promotion of strategic cyber security initiatives, influencing and aligning stakeholders to the MoJ’s security aims and objectives.
• Act as a key point of contact for product teams, facilitating queries and providing sound security advice, utilising industry best practices, recognised frameworks and government policy as the foundation for your decision making.
• Be proactive in sharing knowledge, mentoring junior members of the team and documenting processes and techniques.
• Be responsible for the line management of Civil Servants and Contractors.

Benefits

• 37 hours per week and flexible working options including working from home, working part‑time, job sharing, or working compressed hours.
• A £1k per person learning budget is in place to support all our people, with access to best in class conferences and seminars, accreditation with professional bodies, fully funded vocational programmes and e‑learning platforms.
• Staff have 10% time to dedicate to develop & grow.
• Generous civil service pension based on defined benefit scheme, with employer contributions of 28.97% from April 1st 2024.
• 25 days leave (plus bank holidays) and 1 privilege day usually taken around the King’s birthday.
• 5 additional days of leave once you have reached 5 years of service.
• Compassionate maternity, adoption and shared parental leave policies, with up to 26 weeks leave at full pay, 13 weeks with partial pay, and 13 weeks further leave.
• Maternity support/paternity leave at full pay for 2 weeks, too!
• Wellbeing support including access to the Calm app.
• Nurturing professional and interpersonal networks including those for Carers & Childcare, Gender Equality, PROUD and SPIRIT.
• Bike loans up to £2,500 and secure bike parking (subject to availability and location).
• Season ticket loans, childcare vouchers and eye‑care vouchers.
• 5 days volunteering paid leave.
• Some offices may have a subsidised onsite Gym.

Person Specification

Essential

• An analytical and inquisitive mind, making sense of broad statements and a keen eye for detail.
• Software Development and Technical Proficiency including; information security compliance (ISO27001, NIST, CIS, NCSC CAF); Secure by Design; Common languages; API/Microservice architecture; OWASP.
• Strong understanding of cyber risk and management, incident response and threat and vulnerability management.
• Negotiation skills and the ability to develop working relationships.
• Excellent communication skills, both written and verbal.
• Ability to make technology‑led recommendations to support difficult/time‑bound decisions.
• Understanding and awareness of project, change and business improvement techniques.
• A drive to continuously look to challenge and improve processes.
• Willingness to be assessed against the requirements for SC clearance.

We welcome the unique contribution diverse applicants bring and do not discriminate based on culture, ethnicity, race, nationality or national origin, age, sex, gender identity or expression, religion or belief, disability status, sexual orientation, educational or social background or any other factor.

How to Apply

Candidates must submit a CV and Cover Letter (750 words max), which describes how you meet the requirements from the essential criteria, set out below:

• Software Development and Technical Proficiency including; information security compliance (ISO27001, NIST, CIS, NCSC CAF); Secure by Design; Common languages; API/Microservice architecture; OWASP
• Excellent communication skills, both written and verbal.

Please note, failure to provide the documents as requested for the specific role, will result in a rejection of your application.

Your application will be reviewed against the Person Specification above by a diverse panel. Successful candidates who meet the required standard will then be invited to a 90‑minute panel interview held via video conference. Candidates will also be required to provide a 7‑minute presentation with 5 additional minutes for panel questions during the interview stage. Details of the presentation will be sent across prior to interview, with sufficient notice for candidates to prepare.

In Justice Digital, we recruit using a combination of the Government Digital and Data Profession Capability and Success Profiles Frameworks. We will assess your Technical Skills and the following Behaviours during the assessment process:

• Seeing the bigger picture
• Making effective decisions
• Communicating and influencing
• Changing and improving

Should we receive a high volume of applications, a pre‑sift based on "Software Development and Technical Proficiency including; information security compliance (ISO27001, NIST, CIS, NCSC CAF); Secure by Design; Common languages; API/Microservice architecture; OWASP" and "Excellent communication skills, both written and verbal" will be conducted prior to the sift.

Should you be unsuccessful in the role that you have applied for, but demonstrated the capability for a role at a lower level, we reserve the right to discuss this opportunity with you and potentially offer you the position without the need for a further application. A reserve list may be held for a period of up to 12 months from which further appointments may be made.

Application Guidance

Please access the following link for guidance on how to apply and how to complete a Personal Statement.

Use of Artificial Intelligence

Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.

Recruitment Process Notice

This role is being delivered in partnership with PeopleScout, our managed recruitment service provider. As part of the recruitment process, your personal data will be shared with PeopleScout for the purposes of candidate assessment, communication, and selection. PeopleScout will process your data on behalf of the Ministry of Justice in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Your data will be handled securely, used only for recruitment purposes, and retained only as long as necessary.

The Ministry of Justice processes your personal data under the lawful bases of: Contractual necessity - to assess and progress your application, Legal obligation - for checks such as right to work, Legitimate interest - to improve recruitment processes and ensure fair selection.

You have the right to:

• Access your personal data
• Request correction or deletion
• Restrict or object to processing
• Request data portability

Your data will be retained for up to 12 months following the recruitment process or the duration of the appointment, whichever is shorter, after which it will be securely deleted. For more information on how your data will be used and your rights under data protection law, please refer to https://justice.gov.uk/privacy or contact the MoJ Data Protection Team at data.protection@justice.gov.uk.

Terms & Conditions

Please review our Terms and Conditions which set out how we recruit and provide further information related to the role and salary arrangements. If you have any questions, please feel free to contact digitalanddatarecruitment@justice.gov.uk.