84123 - Security Risk & Assurance Principal

The national salary range is £54,358 - £61,585, London salary range is £58,847 - £66,670. Your salary will be dependent on your base location
12 Months
Please note: Some of our MoJ Office locations, such as our Liverpool Justice Collaboration Centre, require higher levels of National Security Vetting. The MoJ is working to open more Justice Collaboration Centres and Justice Satellite Offices over time. Click here to learn more about where our currently open Justice Collaboration Centres and Justice Satellite Offices are, to identify where you may be based and understand National Security Vetting requirements of each location.
Grade 7
Grade 7
Full Time
Information Technology, Security

Security Risk and Assurance Principal (G7)

The MoJ Information Security Team sits at the heart of the Ministry of Justice, enabling good security practices through the provision of security policies, guidance and education, by understanding cyber security risks from all parts of the Ministry of Justice, including the wider Justice sector and providing assurance to the departmental Senior Information Risk Owner, the Permanent Secretary and other senior stakeholders that these risks are being effectively managed in the delivery of MoJ objectives.

The role of the Security Risk and Assurance Principal is to lead a small team of risk and security professionals to deliver security risk and assurance activities across the MoJ.  This will include scoping and leading the programme of cyber security assurance across the MoJ, and measuring confidence levels that the security features, practices, procedures, and architecture of an information system bring about and enforce the security policy.

The Security Risk and Assurance Principal will be able to challenge non-compliance with required standards covering the most complex risk. They apply their understanding of information security and the organisational context to provide insight into the security implications of proposed business and technical changes, acting as a trusted advisor in communicating these effectively to technical and non-technical stakeholders.

The Security Risk and Assurance Principal will also mentor and support others in good risk management practices to enable and empower them to manage residual risk well.

Initiate and lead improvements to processes, policies and guidance resulting from risk and assurance activities and trends.

All members of the team are expected to help develop the MoJ Security Function as a centre of excellence for the department and to contribute to building a brilliant and diverse team that is a welcoming place for all.

Typical role expectations and responsibilities

Lead the implementation and delivery of security assurance processes, including GovAssure and supplier assurance activities across the MoJ, to support the overarching assurance programme. Lead on the communication of assessment and assurance outcomes to stakeholders in ways that support effective security, risk management and decision-making, and advise stakeholders on their approach to risk assessment in the context of their business outcomes.

Lead engagements with Justice Digital and Information Assurance colleagues, or supervise third party suppliers, to gather and audit evidence of the performance of technical services and organisational processes against security baselines, controls and requirements. Track the evidence provided using key performance indicators to feed into security dashboards.

Use business knowledge and technical expertise to translate evidence gathered from complex data sets into senior stakeholder reporting and recommendations for strategic risk improvement initiatives.

Identify and report on trends arising from assurance assessments across the MoJ and make sure appropriate remediation plans are in place and being actively managed.

Align risk decisions and advice with relevant regulation, policy and standards to provide proportional, practical advice that is tailored to the local environment, and advise on any residual risk for the most complex scenarios. Escalate risks to more senior stakeholders when needed and take responsibility for closure of follow up actions.

Provide direction on input into the development and enablement of security policy and security culture by collaborating with the Security Policy, Culture, Awareness and Education team through insights on trends identified from security risks and assurance activities. Assure the ongoing appropriateness of policy in accordance with regulation and wider departmental and government policies.

Play a leading role in building the network of security partners across government and national technical authorities, and within industry. Contribute to cross-government conversations on security risk and assurance.

Make substantial contributions to submissions and reports for senior MoJ officials, including presenting at senior boards, and oversee efforts needed to respond to requests and advisories received from government partners where needed.

Monitor the efficiency and effectiveness of security processes across the organisation, and lead continuous improvement efforts, including improving methods of escalation or reporting where necessary. Maintain and grow their knowledge of industry and government best practices. Apply new concepts and thinking to develop and innovate security risk and assurance frameworks, policies, processes and tooling.

Maintain understanding of local and strategic threat environments and trends affecting the landscape, and apply this to inform and provide context in decision-making and planning. Communicate tailored threat information to relevant local stakeholders within the organisation

Lead a small team of risk and security professionals, planning and tracking delivery against objectives, developing team skills, motivation and well-being. At times the team may include external third party delivery partners and require tracking of this delivery and spend.

About you:
You will need experience of working well within a security, technology or risk team, and be able to demonstrate successful prior experience of leading, mentoring and motivating a small team. You will be able to demonstrate examples of your own motivation to grow your leadership and management skills and abilities.

You will demonstrate an understanding of cyber security, technology and risk, and show commitment to continue to grow your awareness of current and emerging technologies and their impact on existing security practices.

You will be able to communicate well and confidently with a variety of stakeholders, up to board level, and relay technical information to a non-technical audience.

You will possess excellent analytical and problem-solving skills, adopting a positive approach and displaying flexibility of mind when encountering new situations. You will display attention to detail and discretion in dealing with confidential topics and senior stakeholders.

You will need to be analytical and inquisitive, probing for information where appropriate to understand business context and reasoning. You will be a trusted partner for your areas of the organisation and demonstrate an understanding of how to appropriately challenge security decisions, including those made by senior stakeholders.


We'll assess you against these behaviours during the selection process:


  • Managing a Quality Service
  • Leadership
  • Delivering at Pace
  • Making Effective Decisions
  • Seeing the Big Picture
  • Communicating and Influencing


  • Changing and Improving 

Technical skills and experience

We will assess your current level of knowledge and experience of cyber security and risk management during the selection process.

Working Arrangements & Further Information

The MoJ offers Hybrid Working arrangements where business need allows. This is an informal, non-contractual form of flexible working that blends working from your base location, different MoJ sites and / or from home (please be aware that this role can only be worked in the UK and not overseas). Some roles will not be suitable for Hybrid Working. Similarly, Hybrid Working will not suit everyone’s circumstances. Arrangements will be discussed and agreed with the successful candidate(s) and subject to regular review.

For nationally advertised roles, the successful candidate(s) will be appointed to a MoJ office location, which may include their nearest Justice Collaboration Centre or Justice Satellite Office. This will be discussed and agreed on the completion of pre-employment checks.

Some of MoJ’s terms and conditions of service are changing as part of Civil Service reform. The changes will apply to staff joining MoJ who are new to the Civil Service. Staff joining MoJ from other civil service employers will transfer onto the new MoJ terms if they are already on 'modernised' terms in their current post or onto 'unmodernised' MoJ terms if they are on 'unmodernised' terms at their current post. Details will be available if an offer is made.

MoJ candidates who are on a specialist grade, will be able to retain their grade on lateral transfer.

All candidates who are currently in receipt of Mark Time / Pay Protection should ensure they are familiar with the new policy on permanent and temporary promotion which can be found on the employee intranet.

Flexible working hours

The Ministry of Justice offers a flexible working system in many offices.


The MoJ offers a range of benefits:

Annual Leave

Annual leave is 25 days on appointment and will increase to 30 days after five years’ service.

There is also a scheme to allow qualifying staff to buy or sell up to three days leave each year. Additional paid time off for public holidays and 1 privilege day. Leave for part-time and job share posts will be calculated on a pro-rata basis.


The Civil Service offers a choice of pension schemes, giving you the flexibility to choose the pension that suits you best.


The Ministry of Justice is committed to staff development and offers an extensive range of training and development opportunities.


The opportunity to join employee-run networks that have been established to provide advice and support and to enable the views of employees from minority groups to be expressed direct to senior management. There are currently networks for employees of minority ethnic origin, employees with disabilities, employees with caring responsibilities, women employees, and lesbian, gay, bisexual and transgender employees.


  • A range of ‘Family Friendly’ policies such as opportunities to work reduced hours or job share.
  • Access to flexible benefits such as voluntary benefits, retail vouchers and discounts on a range of goods and services.
  • For moves to or from another employer or moves across the Civil Service this can have implications on your eligibility to carry on claiming childcare vouchers. You may however be eligible for alternative government childcare support schemes, including Tax Free Childcare. More information can be found on GOV.UK or Childcare Choices. You can determine your eligibility at https://www.childcarechoices.gov.uk/.
  • Paid paternity, adoption and maternity leave.
  • Free annual sight tests for employees who use computer screens.

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles. Should you feel that the recruitment process has breached the recruitment principles you are able to raise a formal complaint in the following order

The Civil Service embraces diversity and promotes equal opportunities. As a Disability Confident employer, MoJ are committed to providing everyone with the opportunity to demonstrate their skills, talent and abilities, by making adjustments throughout all elements of the recruitment process and in the workplace. MoJ are able to offer an interview to disabled candidates who meet the minimum selection criteria, except in a limited number of campaigns.

You will be able to request reasonable adjustments to the recruitment process within the application form. If you need additional help completing the application form, please contact the SSCL Recruitment Enquiries Team.

We encourage applications from people from all backgrounds and aim to have a workforce that represents the wider society that we serve. We pride ourselves on being an employer of choice. We champion diversity, inclusion and wellbeing and aim to create a workplace where everyone feels valued and a sense of belonging. To find out more about how we do this visit: https://www.gov.uk/government/organisations/ministry-of-justice/about/equality-and-diversity.

Interview dates to be confirmed and a confirmation email with interview details will be sent to candidates selected for interview.

16/02/2024, 23:55 hours.

If you require any assistance please call 0345 241 5359 (Monday to Friday 8am - 6pm) or e mail Moj-recruitment-vetting-enquiries@gov.sscl.com Please quote the job reference - 84123.
Security Clearance (SC)

To apply for roles in MOJ you will need to confirm your employment history for at least 3 years prior to the date of application so that pre-employment checks (BPSS) can be undertaken. If you have spent significant time abroad (a total of 6 months in the past 3 years) you would be required to give a reasonable account of the reasons why. 

For some roles you will be required to successfully complete National Security Vetting at Counter Terrorism (CTC), Security Clearance (SC) or Developed Vetting (DV) level as a condition of appointment. To meet CTC/SC/DV requirements you will normally need to have been resident in the UK for at least 3/5/10 years prior to the date of application (The level of checks that are required are stated in the advert).

If you do not meet the above requirements, you may still be considered if, for example:

  • You've been serving overseas with HM Forces or in some other official capacity as a representative of HM Government
  • You were studying abroad
  • You were living overseas with parents

In such cases you will need to be able to provide referee cover for the period(s) of residence overseas. The duration of overseas residence and the country of abode will also be taken into account.

Success Profiles will enable a fairer and more inclusive method of recruitment by enabling us to assess the range of experiences, abilities, strengths, behaviours and technical/professional skills required for different roles. This flexible approach to recruitment focuses more on finding the right candidate for the specific role. To find out more about Success Profiles to support your application please click here for further guidance.

if you feel that your application has not been treated in line with the Civil Service Recruitment Principles, please contact SSCL (Moj-recruitment-vetting-enquiries@gov.sscl.com) in the first instance

We have provided detail of the assessment stages and areas being assessed to help you prepare for completing your application form, and to advise of what will be assessed following this, if you successfully pass the application stage.

Application form stage assessments

Statement of Suitability - 1000 word limit

Interview stage assessments

There is 1 interview stage for this vacancy.
Managing a Quality Service
Delivering at Pace
Making Effective Decisions
Seeing the Big Picture
Communicating and Influencing

A Great Place to Work for Veterans

The "Making the Civil Service a Great Place to work for veterans" initiative includes a guaranteed interview scheme to those who meet the minimum criteria to provide eligible former members of the Armed Forces with opportunities to secure rewarding jobs. Allowing veterans to continue to serve their country, and to bring highly skilled individuals with a broad range of experience into the Civil Service in an environment, which recognises and values your previous service in the Armed Forces.
For further details about the initiative and eligibility requirements visit : https://www.gov.uk/government/news/making-the-civil-service-a-great-place-to-work-for-veterans

Redeployment Interview Scheme

Civil Service departments are expected to explore redeployment opportunities before making an individual redundant. The MoJ are committed, as part of the Redeployment Interview Scheme, to providing opportunities to those who are 'at risk of redundancy'.

MoJ are able to offer an interview to eligible candidates who meet the minimum selection criteria, except in a limited number of campaigns. Candidate's will not be eligible for the Redeployment Interview Scheme if they are applying on promotion.

This job is broadly open to the following groups:

· UK nationals

· nationals of the Republic of Ireland

· nationals of Commonwealth countries who have the right to work in the UK

· nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window) https://www.gov.uk/settled-status-eu-citizens-families

· nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)

· individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020

· Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window) https://www.gov.uk/government/publications/nationality-rules

This Vacancy is closed to applications.