58382 - Senior TechOps Engineer

We encourage applications from people from all backgrounds and aim to have a workforce that represents the wider society that we serve. We pride ourselves on being an employer of choice. We champion diversity, inclusion and wellbeing and aim to create a workplace where everyone feels valued and a sense of belonging. To find out more about how we do this visit: https://www.gov.uk/government/organisations/ministry-of-justice/about/equality-and-diversity.

Senior TechOps Engineer

Location: National

Closing Date: 30th May 2022

Interviews: 17th June 2022

Grade: SEO

Salary: £41,747 - £47,591 London, £36,049 - £41,095 National

*We are currently offering hybrid working which includes 2 days per week in your local office. Office locations can be found here

The Role

We’re recruiting for a Senior TechOps Engineer here at MoJ Digital & Technology, to be part of our warm and collaborative SOC (Security Operations Centre) team.

The Cyber Security TechOps Engineers sit alongside the infrastructure teams; supporting the architecture and environment that they are helping to build and support. You’ll be implementing, maintaining and configuring security tools and platforms; creating policy changes, completing constant monitoring, preparing status reports and identifying / resolving issues.

To help picture your life at MoJ D&T please take a look at our blog and our Digital and Technology strategy 2025

Key Responsibilities:

The Security Operations Engineering area will consist of the following remit;

• Implementation and oversight of security tools that provide insight into the MOJ’s security environment.
• Closely collaborate with the Cyber Assistance Team’s consultancy arm to provide technical support and guidance.
• Act as the technical leads and SME on project teams, providing advice, knowledge sharing, and technical assistance to other sections of the MOJ's digital estates.

Responsibilities include:

• Develop and evolve security for new/existing systems.
• Assisting and advising on ensuring best practice is carried out throughout the development life cycle.
• Assisting in the development of a training framework to raise in-team skill sets.
• Using scripting or tools, automate our current manual process minimise human effort
• Increase cybersecurity awareness by creating best practice guides and contributing to SecOps quarterly newsletter
• Provide advice or assistance for colleagues with security related issues
• Ensure critical or high severity events and incidents are not allowed to propagate further and major incident handling is initiated

Additional responsibilities will eventually include:

• Develop content to accurately detect cybersecurity incidents and intrusions (SIEM Content Engineer) -
• Use automation to improve operations at both a technical/infrastructure level as well as at a SOC/human layer (Automation Engineer)
• Perform regular health checks on SIEM components.
• Upgrade SIEM components as needed
• Work closely with D&T Services to ensure that their log sources (eg Windows/Linux Servers, databases, Firewalls, VPN, web Proxy, mail gateway, intrusion prevention systems, cloud platforms, custom logs, etc.) feed into the SIEM.
• Provide advice and support to D&T Services on how to configure their log sources to send useful events to the SIEM.
• Verify log sources feed into the SIEM correctly.
• Support the D&T SOC on incident response and digital forensic (DFIR) projects, where required, e.g. querying and exporting log data, building rules to detect in-progress attacks, etc.

If this feels like an exciting challenge, something you are enthusiastic about, and want to join our team please read on and apply!

Benefits

• 37 hours per week and flexible working options including working from home, working part-time, job sharing, or working compressed hours.
• We are committed to nurturing our staff and provide lots of training and development opportunities with learning platforms such as: Linux Academy, O’Reilly, Pluralsight, Microsoft Learning, Civil Service Learning, GDS Academy, etc.
• 10% dedicated time to learning and development with a budget of £1000 a year per person
• Generous civil service pension based on defined benefit scheme, with employer contributions of 26-30% depending on salary.
• 25 days leave (plus bank holidays) and 1 privilege day usually taken around the Queens’ birthday. 5 additional days of leave once you have reached 5 years of service.
• Compassionate maternity, adoption, and shared parental leave policies, with up to 26 weeks leave at full pay, 13 weeks with partial pay, and 13 weeks further leave. And maternity support/paternity leave at full pay for 2 weeks, too!
• Wellbeing support including access to the Calm app.
• Nurturing professional and interpersonal networks including those for Careers & Childcare, Gender Equality, PROUD and SPIRIT
• Bike loans up to £2500 and secure bike parking (subject to availability and location)
• Season ticket loans, childcare vouchers and eye-care vouchers.
• 5 days volunteering paid leave.
• Free membership to BCS, the Chartered Institute for IT.
• Some offices may have a subsidised onsite Gym.

Person Specification

Essential

• Experience in security operations and administration (SecOps or DevSecOps) experience
• Hands-on experience with any SIEM product in a mid- to senior-level role
• Scripting experience – Powershell, Bash or equivalent
• High level of proven delivery ability with AWS and Azure technologies
• Knowledge of security technologies (IDS/IPS/IP Firewall/WAF)
• Security clearance SC or eligibility to be security cleared
• Proven ability to work and manage within a team environment and contribute to the overall progression of the SOC
• The ability to provide and maintain high level knowledge with internal and external stakeholders over various platforms
• Excellent oversight of the entire organisation with particular attention to interactions between business areas

Essential Technical requirements (Good knowledge of)

• Cloud Technologies (Azure, AWS, G-Suite)
• Office 365
• Elastic Technologies (ELK Stack)

Desirable Technical requirements

• Azure Sentinel
• Hands on Azure security configuration and Scripting skills
• Demonstrable experience and execution of security automation
• Knowledge of cybersecurity architecture, engineering, and/or SOC work experience (monitoring, detection, incident response, forensics)

You will be required to meet the requirements for BPSS clearance

We welcome the unique contribution diverse applicants bring and do not discriminate on the basis of culture, ethnicity, race, nationality or national origin, age, sex, gender identity or expression, religion or belief, disability status, sexual orientation, educational or social background or any other factor.

Our values are Purpose, Humanity Openness and Together. Find out more here about how we celebrate diversity and an inclusive culture in our workplace.

How to Apply

Candidates must submit a CV which describes how you meet the requirements set out in the Person Specification above.

In D&T, we recruit using a combination of the Digital, Data and Technology Capability and Success Profiles Frameworks. We will assess your Experience, Technical Skills and the following Behaviours during the assessment process:

• Managing a quality service
• Seeing the bigger picture
• Developing self and other
• Delivery at Pace

Your application will be reviewed against the Person Specification above by a diverse panel.

Successful candidates who meet the required standard will then be invited to a 1-hour panel interview held via video conference.

Should we receive a high volume of applications, a pre-sift based on the technical requirements you possess will be conducted prior to the sift.

Terms and conditions

Please review our Terms & Conditions which set out the way we recruit and provide further information related to the role and salary arrangements.

If you have any questions please feel free to contact recruitment@digital.justice.gov.uk