81413 - Lead Application Security Engineer

The national salary is £54,358 - £61,585, London salary is £58,847 - £66,670. Your salary will be dependent on your base location
Total pay in the range of '£50,001 to £60,000, £60,001 and over' are subject to capability, skills and experience. Salary may consist of base pay and a Recruitment and Retention Allowance (RRA)
12 Months
Please note: Some of our MoJ Office locations, such as our Liverpool Justice Collaboration Centre, require higher levels of National Security Vetting. The MoJ is working to open more Justice Collaboration Centres and Justice Satellite Offices over time. Click here to learn more about where our currently open Justice Collaboration Centres and Justice Satellite Offices are, to identify where you may be based and understand National Security Vetting requirements of each location.
Grade 7
Grade 7
Full Time, Part Time, Flexible Working

We welcome the unique contribution diverse applicants bring and do not discriminate on the basis of culture, ethnicity, race, nationality or national origin, age, sex, gender identity or expression, religion or belief, disability status, sexual orientation, educational or social background or any other factor.

Our values are Purpose, Humanity, Openness and Together. Find out more here about how we celebrate diversity and an inclusive culture in our workplace.

Lead Application Security Engineer

Location: National*

Interviews: w/c 11th December

Grade: Grade 7

(MoJ candidates who are on a specialist grade, will be able to retain this grade on lateral transfer)

Salary: National: £54,358 - £73,450 (which may include an allowance of up to £19,092)

London: £58,847 - £78,225 (which may include an allowance of up to £19,378)

Working pattern: Full-time, part-time & flexible working

Contract Type: Perm

*We are currently offering hybrid working which includes 2 days per week in your local office. Office locations can be found HERE

The Role

We’re recruiting for a Lead Application Security Engineer here at Justice Digital, to be part of our warm and collaborative Platforms and Architecture team.

The cyber security of the digital services of the Ministry of Justice is vital to ensuring both trust in the justice system, as well as meeting our legal obligations, to protect sensitive information. The potential of a successful cyber attack is a departmental risk, and the allocation of effective and skilled effort to help reduce the risk is part of the mitigation presented to MoJ.

Part of achieving this requirement is through the delivery of Application Security (AppSec). Working in partnership with the development teams, AppSec work improves, and scales up security activities, helping teams design, build and automate security into their solutions, and finding new ways to reduce risk scores.

Providing this operational security improvement is a vital part of our collective work to mitigate existing security deficiencies in legacy and digital services, and to embed more effective security in our services for the future.

To help picture your life at MoJ Justice Digital please take a look at our blog and our Digital and Technology strategy 2025

Key Responsibilities:

You will be part of the Platforms and Architecture Cyber Security Team, providing expert hands-on cyber security support to our development teams across the MoJ Justice Digital estate. You will be working to find better ways to defend and protect the development pipeline by building automation into processes and building in AWS and Azure native safeguards, where appropriate.

You will be working alongside cyber security consultants, and alerting them to areas of increased risk and new processes and techniques.

What you'll be doing:

  • Designing, developing and automating security tools and techniques to implement a secure software development lifecycle (SDLC), providing continuous assurance that systems are protected against common threats.
  • Implementing consistent DevSecOps best practices for the MoJ organisation.
  • Supporting and participating in workshops to raise awareness of security vulnerabilities and mitigations available to teams.
  • Help to address product security requirements by deploying homegrown and open source tools.
  • Coordinating with developers and product management to ensure these tools are fit for purpose.
  • Driving improvements in teams that ultimately improve audit outcomes in GovAssure.
  • Collaborating with internal and external DevOps Teams to advocate software security practices and with Cloud Security and Security Architects in maintaining/extending Cloud Security patterns and use cases.
  • Communicating security findings to stakeholders in a clear and actionable fashion, focusing on real-world impact and with pragmatic options for resolution.
  • Maintaining good practice around code repo's (like Github), identifying and remediating weaknesses in Open Source libraries.
  • Working closely with platform teams to build centralised security reporting dashboards that provide security assurance across our applications.
  • Supporting threat modelling and security design reviews with engineering teams, providing subject matter expertise in resolving complex security problems.
  • Critiquing mitigations suggested from development teams on security issues.
  • Build the profile of the cyber security team through positive stakeholder interactions.

If this feels like an exciting challenge, something you are enthusiastic about, and want to join our team please read on and apply!


  • 37 hours per week and flexible working options including working from home, working part-time, job sharing, or working compressed hours.
  • We are committed to nurturing our staff and provide lots of training and development opportunities with learning platforms such as: Linux Academy, O’Reilly, Pluralsight, Microsoft Learning, Civil Service Learning, GDS Academy, etc.
  • 10% dedicated time to learning and development with a budget of £1000 a year per person
  • Generous civil service pension based on defined benefit scheme, with employer contributions of 26-30% depending on salary.
  • 25 days leave (plus bank holidays) and 1 privilege day usually taken around the Kings’ birthday. 5 additional days of leave once you have reached 5 years of service.
  • Compassionate maternity, adoption, and shared parental leave policies, with up to 26 weeks leave at full pay, 13 weeks with partial pay, and 13 weeks further leave. And maternity support/paternity leave at full pay for 2 weeks, too!
  • Wellbeing support including access to the Calm app.
  • Nurturing professional and interpersonal networks including those for Careers & Childcare, Gender Equality, PROUD and SPIRIT
  • Bike loans up to £2500 and secure bike parking (subject to availability and location)
  • Season ticket loans, childcare vouchers and eye-care vouchers.
  • 5 days volunteering paid leave.
  • Free membership to BCS, the Chartered Institute for IT.
  • Some offices may have a subsidised onsite Gym.

Person Specification

To excel in the role, the following skills are essential:

  • You have successfully established relationships with development teams based on collaboration, emotional intelligence, and pursuit of excellence.
  • You have experience of deploying techniques like SCA, SAST, DAST, IaC etc to the development pipeline.
  • You have knowledge of lightweight Threat Modelling techniques.
  • You have hands-on experience with CI/CD tools like Jenkins, Github Actions and CircleCI.
  • Understand how to secure public facing endpoints and APIs.
  • You have experience of modern development practices, cloud (AWS/ Azure) and container technologies such as Docker and Kubernetes.
  • Familiarity with microservice architecture and networking.
  • Ability to effectively present and communicate security threats and risks to any audience and impress upon them the mitigation techniques and strategies.
  • Excellent knowledge of frameworks such as OWASP, MITRE, Cyber Killchain
  • You have experience with implementing secure software lifecycle practices within an agile engineering organisation.
  • You have an ability to create a positive security culture in development teams.

Willingness to be assessed against the requirements for SC clearance

We welcome the unique contribution diverse applicants bring and do not discriminate on the basis of culture, ethnicity, race, nationality or national origin, age, sex, gender identity or expression, religion or belief, disability status, sexual orientation, educational or social background or any other factor.

Our values are Purpose, Humanity Openness and Together. Find out more here about how we celebrate diversity and an inclusive culture in our workplace.

How to Apply

Candidates must submit a CV and a suitability statement of no more than 750 words which describes how you meet the requirements set out in the Person Specification above.

In Justice Digital, we recruit using a combination of the Digital, Data and Technology Capability and Success Profiles Frameworks. We will assess your Experience, Technical Skills and the following Behaviours during the assessment process

  • Working Together
  • Communicating and Influencing

Your application will be reviewed against the Person Specification above by a diverse panel.

Successful candidates who meet the required standard will then be invited to a 1-hour panel interview held via video conference.

Should we receive a high volume of applications, a pre-sift based on successfully established relationships with development teams will be conducted prior to the sift.

Should you be unsuccessful in the role that you have applied for, but demonstrated the capability for a role at a lower level, we reserve the right to discuss this opportunity with you and potentially offer you the position without the need for a further application.

A reserve list may be held for a period of up to 12 months from which further appointments may be made.

Terms & Conditions

Please review our Terms & Conditions which set out the way we recruit and provide further information related to the role and salary arrangements.

If you have any questions please feel free to contact recruitment@digital.justice.gov.uk

National: £54,358 - £73,450 (which may include an allowance of up to £19,092)

London: £58,847 - £78,225 (which may include an allowance of up to £19,378)

26/11/2023, 23:55 hours.

If you have any questions please feel free to contact recruitment@digital.justice.gov.uk

If you require any assistance please call 0345 241 5359 (Monday to Friday 8am - 6pm) or e mail Moj-recruitment-vetting-enquiries@gov.sscl.com Please quote the job reference - 81413.

To apply for roles in MOJ you will need to confirm your employment history for at least 3 years prior to the date of application so that pre-employment checks (BPSS) can be undertaken. If you have spent significant time abroad (a total of 6 months in the past 3 years) you would be required to give a reasonable account of the reasons why. 

For some roles you will be required to successfully complete National Security Vetting at Counter Terrorism (CTC), Security Clearance (SC) or Developed Vetting (DV) level as a condition of appointment. To meet CTC/SC/DV requirements you will normally need to have been resident in the UK for at least 3/5/10 years prior to the date of application (The level of checks that are required are stated in the advert).

If you do not meet the above requirements, you may still be considered if, for example:

  • You've been serving overseas with HM Forces or in some other official capacity as a representative of HM Government
  • You were studying abroad
  • You were living overseas with parents

In such cases you will need to be able to provide referee cover for the period(s) of residence overseas. The duration of overseas residence and the country of abode will also be taken into account.

Success Profiles will enable a fairer and more inclusive method of recruitment by enabling us to assess the range of experiences, abilities, strengths, behaviours and technical/professional skills required for different roles. This flexible approach to recruitment focuses more on finding the right candidate for the specific role. To find out more about Success Profiles to support your application please click here for further guidance.

if you feel that your application has not been treated in line with the Civil Service Recruitment Principles, please contact SSCL (Moj-recruitment-vetting-enquiries@gov.sscl.com) in the first instance

We have provided detail of the assessment stages and areas being assessed to help you prepare for completing your application form, and to advise of what will be assessed following this, if you successfully pass the application stage.

Application form stage assessments

Interview stage assessments

There is 1 interview stage for this vacancy.

A Great Place to Work for Veterans

The "Making the Civil Service a Great Place to work for veterans" initiative includes a guaranteed interview scheme to those who meet the minimum criteria to provide eligible former members of the Armed Forces with opportunities to secure rewarding jobs. Allowing veterans to continue to serve their country, and to bring highly skilled individuals with a broad range of experience into the Civil Service in an environment, which recognises and values your previous service in the Armed Forces.
For further details about the initiative and eligibility requirements visit : https://www.gov.uk/government/news/making-the-civil-service-a-great-place-to-work-for-veterans

Redeployment Interview Scheme

Civil Service departments are expected to explore redeployment opportunities before making an individual redundant. The MoJ are committed, as part of the Redeployment Interview Scheme, to providing opportunities to those who are 'at risk of redundancy'.

MoJ are able to offer an interview to eligible candidates who meet the minimum selection criteria, except in a limited number of campaigns. Candidate's will not be eligible for the Redeployment Interview Scheme if they are applying on promotion.

For further information and to apply for this position please see the following link: https://www.jobtrain.co.uk/justicedigital/Job/JobDetail?jobid=139.

This job is broadly open to the following groups:

· UK nationals

· nationals of the Republic of Ireland

· nationals of Commonwealth countries who have the right to work in the UK

· nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window) https://www.gov.uk/settled-status-eu-citizens-families

· nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)

· individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020

· Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window) https://www.gov.uk/government/publications/nationality-rules

This Vacancy is closed to applications.