The closing date for this job has now passed.

Vacancy reference: 78117
Salary: London: £43,657 - £56,765 which may include an allowance up to £13,118 National: £37,683 - £52,338 which may include an allowance up to £14,655
Closing date: 27/09/2023
Department: Service Operations
Location: National
Employment type: Permanent

Job Description

Job Title: Senior Threat and Vulnerability Management (TVM) Analyst 

Location: National*


Closing Date: 27 September 2023 @ 23:55

Interviews: Week commencing 12th October 2023


Grade: SEO

(MoJ candidates who are on a specialist grade will be able to retain this grade on lateral transfer)


Salary: National: £37,683 - £52,338 which may include an allowance up to £14,655 London: £43,657 - £56,765 which may include an allowance up to £13,118




Working pattern: Full time, part time and Flexible working 

Contract Type: Permanent


Vacancy number: 78117


*We are currently offering hybrid working which includes 2 days per week in your local office. Office locations can be found HERE


The Role:


We’re recruiting for a Senior Threat and Vulnerability Management (TVM) Analyst here at Justice Digital, to be part of our warm and collaborative Justice Digital Security Operations team.


You’ll be part of the Justice Digital Security Operations Centre (SOC) acting as the main support to the lead for the Threat and Vulnerability Management team and will own identifying, quantifying and managing cyber vulnerabilities across the MOJ, in conjunction with other parts of the supportive Cyber Security family.


This role will be responsible for the implementation and management of threat and vulnerability capabilities, interfacing with appropriate teams across the businesses and associated 3rd parties to ensure appropriate remediation plans are defined and implemented.


To help picture your life at MoJ Justice Digital please take a look at our blog and our Digital and Technology strategy 2025




Key Responsibilities:


The Threat & Vulnerability area will have the following remit:

  • Vulnerability Assessments & Management
  • Threat Intelligence
  • Reporting


Responsibilities include:

  • Threat Hunting
  • Define minimum standards in relation to vulnerability management, remediation and compliance across the department.
  • Research and investigate new and emerging vulnerabilities, to include Zero Day events, and participate in external security communities, sharing findings across the security functions.
  • Prioritise the remediation of vulnerabilities based on characteristics such as threat intelligence, business criticality and exploit maturity.
  • Define minimum standards in relation to threat management, monitoring compliance across the businesses.
  • Take responsibility for scheduling, detecting, and analysing vulnerabilities and vulnerability related activity affecting MOJ’s technology domain. 
  • Help create prioritised overviews of cyber vulnerabilities by putting them in a context of IT services and business applications leading to remediation actions by the respective parties
  • Conduct deep-dive analysis on attacks and share actionable data with partner teams.
  • Ensure the accurate and timely release of vulnerability metrics.
  • Report on areas of non-compliance against Policy and/or Group Standards




Benefits

  • 37 hours per week and flexible working options including working from home, working part-time, job sharing, or working compressed hours.
  • We are committed to nurturing our staff and provide lots of training and development opportunities with learning platforms such as: Linux Academy, O’Reilly, Pluralsight, Microsoft Learning, Civil Service Learning, GDS Academy, etc.
  • 10% dedicated time to learning and development with a budget of £1000 a year per person
  • Generous civil service pension based on defined benefit scheme, with employer contributions of 26-30% depending on salary.
  • 25 days leave (plus bank holidays) and 1 privilege day usually taken around the King’s birthday. 5 additional days of leave once you have reached 5 years of service.
  • Compassionate maternity, adoption, and shared parental leave policies, with up to 26 weeks leave at full pay, 13 weeks with partial pay, and 13 weeks further leave. And maternity support/paternity leave at full pay for 2 weeks, too!
  • Wellbeing support including access to the Calm app. 
  • Nurturing professional and interpersonal networks including those for Careers & Childcare, Gender Equality, PROUD and SPIRIT
  • Bike loans up to £2500 and secure bike parking (subject to availability and location)
  • Season ticket loans, childcare vouchers and eye-care vouchers.
  • 5 days volunteering paid leave.
  • Free membership to BCS, the Chartered Institute for IT.
  • Some offices may have a subsidised onsite Gym.




Person Specification:

Essential 


  • Good knowledge of security monitoring approaches, techniques and widely-used products, to seek out security threats, and improve an organisation’s security posture.
  • Experience with threat and vulnerability management, and other security operations processes and techniques (such as identity management, cryptography, patch management etc). Knowledge of threats to widely used digital and technology systems, including on-prem and cloud-based solutions.
  • Interprets device and application logs from a variety of sources (e.g., Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures, etc.) to identify anomalies or evidence of compromise.
  • Experience defining a TVM solution using tools such as Tenable.io/Rapid 7/Microsoft Cloud Security Technologies.
  • Experience working within a Security Operations Centre or Incident Response Team. Law Enforcement and/or Military experience may be accepted in lieu of this requirement.
  • Use of threat intelligence to identify potential threats, assess their impact, and provide actionable insights to the organisation.






Desirable (Technical requirements)

  • A broad background in information security with experience in security operations, vulnerabilities and exploitation, network security, and cloud security
  • Relevant experience in cybersecurity architecture, engineering, and/or SOC work (monitoring, detection, incident response, forensics)
  • Monitoring for emerging threat patterns and vulnerabilities
  • Vulnerability Scheduling
  • Threat Report Generation
  • SIEM Enhancements to increase detection capabilities


Willingness to be assessed against the requirements for SC clearance.


We welcome the unique contribution diverse applicants bring and do not discriminate on the basis of culture, ethnicity, race, nationality or national origin, age, sex, gender identity or expression, religion or belief, disability status, sexual orientation, educational or social background or any other factor. 


Our values are Purpose, Humanity, Openness and Together. Find out more here about how we celebrate diversity and an inclusive culture in our workplace.

How to Apply:


Candidates must submit a CV & Covering Letter (500 words) which describes how you meet the requirements set out in the Person Specification above.


In Justice Digital, we recruit using a combination of the Digital, Data and Technology Capability and Success Profiles Frameworks. We will assess your Experience, Technical Skills and the following Behaviours during the assessment process:


  • Leadership
  • Making Effective Decisions
  • Developing Self and Others


Your application will be reviewed against the Person Specification above by a diverse panel. 


Successful candidates who meet the required standard will then be invited to a 1-hour panel interview held via video conference. You will be required to conduct a 5-minute presentation on what you see as threats or risks to the MOJ.


Should we receive a high volume of applications, a pre-sift based on Leadership and receipt of mandatory application documentation will be conducted prior to the sift.


Should you be unsuccessful in the role that you have applied for, but demonstrated the capability for a role at a lower level, we reserve the right to discuss this opportunity with you and potentially offer you the position without the need for a further application.


A reserve list may be held for a period of up to 12 months from which further appointments may be made.

Terms & Conditions:

Please review our Terms & Conditions which set out the way we recruit and provide further information related to the role and salary arrangements.


If you have any questions, please feel free to contact recruitment@digital.justice.gov.uk.