13117 - Cyber Threat Intelligence Principal
| Dyddiad hysbysebu: | 29 Rhagfyr 2025 |
|---|---|
| Cyflog: | £58,511 i £70,725 bob blwyddyn |
| Gwybodaeth ychwanegol am y cyflog: | The national salary is £58,511 - £65,329, London salary is £63,343 - £70,725. Your salary will be dependent on your base location |
| Oriau: | Llawn Amser |
| Dyddiad cau: | 07 Ionawr 2026 |
| Lleoliad: | UK |
| Gweithio o bell: | Hybrid - gweithio o bell hyd at 3 ddiwrnod yr wythnos |
| Cwmni: | Ministry of Justice |
| Math o swydd: | Parhaol |
| Cyfeirnod swydd: | 13117 |
Crynodeb
The Role
We’re recruiting for a Cyber Threat Intelligence Principal here at Justice Digital, to be part of our warm and collaborative Digital Infrastructure and Security Operations (DISO) team.
The role aligns to the Vulnerability Management Principal position within the Government Security Profession Framework
As the Principal Cyber Intelligence Analyst at the Ministry of Justice (MOJ), you will lead and be responsible for a team of analysts undertaking analysis, collection, and dissemination of actionable threat intelligence to protect the MOJ. Your deep understanding of adversary tactics, techniques, and procedures (TTPs) will help to inform and improve MOJ cybersecurity defences - helping to predict and mitigate against emerging threats. You will work closely with security engineers, incident response teams, and external partners, translating raw intelligence into strategic insights that drive operational security decisions.
To help picture your life at MoJ Justice Digital please look at our blog and our Digital and Technology strategy 2025
Core responsibilities include:
• Ensuring that the MOJ takes a threat-led approach to cyber security with intelligence having a demonstrable impact on security decision-making at all levels of the organisation.
• Leading a multiskilled team of cyber intelligence specialists to deliver operational outcomes.
• Principal intelligence practitioner for the team able to share best practice and oversight of intelligence outputs to ensure the highest quality.
• Developing the skills and knowledge of your team as CTI practitioners.
• Shaping the development of CTI and threat hunting capability within MOJ.
• Incident Response - managing intelligence and threat hunting responsibilities as a core part of the incident response team to investigate and respond to security incidents.
• Maintain high levels of awareness of the latest threat intelligence and cybersecurity trends to fill the role of CTI Subject Matter Expert (SME) within a wide range of Security engagements.
• Leading collaboration activities with internal teams across the organisation in order to provide further internal understanding of potential adversaries and attack vectors.
• Delivery of verbal presentations and threat briefs, in-person and virtually, to internal and external stakeholders at all seniority levels.
• Represent the MOJ as the Subject Matter Expert (SME) on Cyber Threat Intelligence; delivering outputs to CISOs and other internal stakeholders.
• Relationship management within the wider Information Security community. Representation of the MOJ in a wide range of fora, to ensure impactful collaboration across Government Security communities including direct engagement with NCSC and the NCA.
• Ownership of CTI Vendor relationships - driving effective integration and usage of vendor platforms.
• Line Management/Performance management responsibilities for team members.
Person Specification
Essential Criteria:
• Substantial proven experience in leading threat intelligence/security teams and managing technical staff
• Intelligence reporting SME is able to deliver high quality products and maintain standards and quality across the team. Track record of delivering measurable impact from intelligence.
• Holds current relevant professional qualifications in Intelligence and/or Information Security (e.g. CREST CTIM/CISM) or relevant experience.
• Strong knowledge of cyber security principles, threat landscapes, and attack vectors. Knowledge of intelligence tooling
• Knowledge and understanding of current security threats, threat models, frameworks and common mitigations
• Excellent analytical and problem-solving skills,
• Demonstrable experience of proactive, operational delivery in a fast-paced security environment
Willingness to be assessed against the requirements for SC Clearance.
We welcome the unique contribution diverse applicants bring and do not discriminate based on culture, ethnicity, race, nationality or national origin, age, sex, gender identity or expression, religion or belief, disability status, sexual orientation, educational or social background or any other factor.
Our values are Purpose, Humanity Openness and Together. Find out more here about how we celebrate diversity and an inclusive culture in our workplace.
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.
We’re recruiting for a Cyber Threat Intelligence Principal here at Justice Digital, to be part of our warm and collaborative Digital Infrastructure and Security Operations (DISO) team.
The role aligns to the Vulnerability Management Principal position within the Government Security Profession Framework
As the Principal Cyber Intelligence Analyst at the Ministry of Justice (MOJ), you will lead and be responsible for a team of analysts undertaking analysis, collection, and dissemination of actionable threat intelligence to protect the MOJ. Your deep understanding of adversary tactics, techniques, and procedures (TTPs) will help to inform and improve MOJ cybersecurity defences - helping to predict and mitigate against emerging threats. You will work closely with security engineers, incident response teams, and external partners, translating raw intelligence into strategic insights that drive operational security decisions.
To help picture your life at MoJ Justice Digital please look at our blog and our Digital and Technology strategy 2025
Core responsibilities include:
• Ensuring that the MOJ takes a threat-led approach to cyber security with intelligence having a demonstrable impact on security decision-making at all levels of the organisation.
• Leading a multiskilled team of cyber intelligence specialists to deliver operational outcomes.
• Principal intelligence practitioner for the team able to share best practice and oversight of intelligence outputs to ensure the highest quality.
• Developing the skills and knowledge of your team as CTI practitioners.
• Shaping the development of CTI and threat hunting capability within MOJ.
• Incident Response - managing intelligence and threat hunting responsibilities as a core part of the incident response team to investigate and respond to security incidents.
• Maintain high levels of awareness of the latest threat intelligence and cybersecurity trends to fill the role of CTI Subject Matter Expert (SME) within a wide range of Security engagements.
• Leading collaboration activities with internal teams across the organisation in order to provide further internal understanding of potential adversaries and attack vectors.
• Delivery of verbal presentations and threat briefs, in-person and virtually, to internal and external stakeholders at all seniority levels.
• Represent the MOJ as the Subject Matter Expert (SME) on Cyber Threat Intelligence; delivering outputs to CISOs and other internal stakeholders.
• Relationship management within the wider Information Security community. Representation of the MOJ in a wide range of fora, to ensure impactful collaboration across Government Security communities including direct engagement with NCSC and the NCA.
• Ownership of CTI Vendor relationships - driving effective integration and usage of vendor platforms.
• Line Management/Performance management responsibilities for team members.
Person Specification
Essential Criteria:
• Substantial proven experience in leading threat intelligence/security teams and managing technical staff
• Intelligence reporting SME is able to deliver high quality products and maintain standards and quality across the team. Track record of delivering measurable impact from intelligence.
• Holds current relevant professional qualifications in Intelligence and/or Information Security (e.g. CREST CTIM/CISM) or relevant experience.
• Strong knowledge of cyber security principles, threat landscapes, and attack vectors. Knowledge of intelligence tooling
• Knowledge and understanding of current security threats, threat models, frameworks and common mitigations
• Excellent analytical and problem-solving skills,
• Demonstrable experience of proactive, operational delivery in a fast-paced security environment
Willingness to be assessed against the requirements for SC Clearance.
We welcome the unique contribution diverse applicants bring and do not discriminate based on culture, ethnicity, race, nationality or national origin, age, sex, gender identity or expression, religion or belief, disability status, sexual orientation, educational or social background or any other factor.
Our values are Purpose, Humanity Openness and Together. Find out more here about how we celebrate diversity and an inclusive culture in our workplace.
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.