Security Risk and Assurance Lead (SEO)

The MoJ Information Security Team sits at the heart of the Ministry of Justice, enabling good security practices through the provision of security policies, guidance and education, by understanding cyber security risks from all parts of the Ministry of Justice and providing assurance to the departmental SIRO, the Permanent Secretary and other senior stakeholders that these risks are being effectively managed in the delivery of MoJ objectives.

The role of a Security Risk and Assurance Lead is to lead the programme of cyber security assurance for their assigned area of the organisation, highlighting non-compliance with required standards and providing appropriate challenge to the owners of cyber security risks arising from control gaps.

A Security Risk and Assurance Lead may also mentor and support others in good risk management practices to enable them to manage residual risk well, identify trends resulting from risk and assurance activities and use these to initiate and lead improvements to processes, policies and guidance, and own the resolution of tactical requests to the team.

All members of our team are expected to help develop the MoJ Security Function as a centre of excellence for the department and to contribute to building a brilliant and diverse team that is a welcoming place for all.





Typical role expectations and responsibilities

As a Security Risk and Assurance Lead, you will get involved in a wide range of tasks. Here are examples of typical things you might work on:

Lead the implementation and delivery of security assurance processes, including GovAssure and supplier assurance activities for your assigned area, to support the overarching assurance programme. Communicate assessment and assurance outcomes to stakeholders in ways that enable effective security, risk management and decision-making. Advise stakeholders on their approach to risk assessment in the context of their business outcomes.

Manage significant cybersecurity incidents and coordinate response efforts across business and technical teams. Oversee the full incident lifecycle, from notification through to resolution, ensuring swift action and embedding lessons learned for continuous improvement. Depending on the situation, you will lead triage or support teams performing triage. Act as a key driver for clear, timely communication with senior stakeholders during major incidents. You will document incidents, support investigations and root cause analysis, and ensure compliance with relevant policies.

Engage with Justice Digital and Information Assurance colleagues (or supervise third-party suppliers) to gather evidence of technical service and organisational process performance against security baselines, controls and requirements, using key performance indicators.

Analyse data to assess the quality of evidence and effectiveness of controls, focusing on business-critical services and associated operational areas.

Identify and report on trends from assurance assessments in your assigned area and ensure appropriate remediation plans are in place and actively managed.

Align risk decisions and advice with relevant regulation, policy and standards, providing proportional, practical guidance tailored to the local environment. Advise on residual risk, escalate risks when necessary, and take responsibility for closing follow-up actions.

Contribute to the development and enablement of security policy and culture, collaborating with the Security Policy, Culture, Awareness and Education team through insights from assurance activities. Assure ongoing appropriateness of policy in line with regulation and wider departmental and government requirements. Lead risk-related work and enable compliance and governance.

Build and maintain a network of security partners across government, national technical authorities and industry.

Contribute to submissions and reports for senior MoJ officials, and lead efforts to respond to requests and advisories from government partners.

Monitor the efficiency and effectiveness of security processes across the organisation and lead continuous improvement initiatives, including enhancing escalation and reporting methods where necessary.

This role may include line management responsibilities for more junior team members.



About you:
You will need experience of working well within a security, technology and risk team, and be able to demonstrate successful prior experience of leading, mentoring and motivating a small team. You will be able to demonstrate examples of your own motivation to grow your leadership and management skills and abilities.


You will be able to evidence people management skills with experience leading and motivating teams. Mentor team members, fostering a collaborative and high-performing environment.

You will be able to demonstrate the ability to translate technical risk into business impact and influence decisions at senior levels.

You will demonstrate an understanding of cyber security and technology, showing willingness to continue to grow your awareness of current and emerging technologies and their impact on existing security practices.

You will be able to communicate well and confidently with a variety of stakeholders, up to board level, and relay technical information to a non-technical audience. Represent MoJ in high-stakes situations internally and with external partners


You will possess excellent analytical and problem-solving skills, adopt a positive approach and display flexibility of mind when encountering new situations.


You will display attention to detail and discretion in dealing with confidential topics and senior stakeholders.


You will need to be analytical and inquisitive, probing for information where appropriate to understand business context and reasoning. You will be a trusted partner for your areas of the organisation and demonstrate an understanding of how to appropriately challenge security decisions, including those made by senior stakeholders.



Essential Skills

A proven track record in incident response leadership, the ability to translate technical risk into business impact, and the confidence to challenge constructively and influence outcomes at all levels.


The post holder will be expected to understand cloud security concepts such as, Azure, AWS, network and endpoint security, cyber-attack vector and threat actor tactics.


This role acts as a bridge between technical responders and senior management and requires strong analytical and problem-solving skills.


You will have experience of gathering and analysing data from various sources (internal systems, supply chain, public bodies) to identify vulnerabilities and trends.




Behaviours

We'll assess you against these behaviours during the selection process:

Technical skills

We may assess your current level of knowledge of cyber security and risk management during the selection process.