Principal Cyber Security Lead

Details
-----------

Reference number

463110

Salary

£76,400 \- £82,450
A DDaT allowance of up to £8750 may be applicable.

Applicants new to the civil service will be recruited at the minimum of the pay band for the grade of the position into which they are appointed. Only in exceptional circumstances will a salary above the minimum be considered, based on skills, knowledge, experience and qualifications demonstrated through the recruitment process, and also equity with staff internal to the CMA.
A Civil Service Pension with an employer contribution of 28\.97%
GBP

Job grade

Grade 6### Contract type

Permanent### Type of role

Architecture and Data

Digital

Information Technology

Security### Working pattern

Flexible working, Full\-time, Part\-time### Number of jobs available

1
Contents
------------

• Location


• About the job


• Benefits


• Things you need to know


• Apply and further information

Location
------------

LondonAbout the job
-----------------

Job summary

This is a particularly exciting moment to become part of the Competition and Markets Authority (CMA). As the principal body responsible for competition and consumer protection in the United Kingdom, the CMA is charged with ensuring that markets operate efficiently and fairly for consumers. The organisation plays a crucial role in tackling significant challenges currently facing the UK, such as enhancing productivity, driving economic growth, strengthening economic resilience, reducing cost of living pressures, and addressing the influence of major digital corporations. Additionally, the CMA is at the forefront of navigating the unprecedented opportunities and risks presented by emerging technologies, including Artificial Intelligence.

In response to these evolving challenges, the CMA has formed the Executive Directorate for Data, Technology, and Insight (DTI). This directorate brings together expertise and activities across several critical domains of increasing importance. Among these are data science, data engineering, artificial intelligence, behavioural science, technology insight, and digital forensics. The directorate also encompasses the development and management of technology systems, architecture, digital products, and tools, thereby consolidating the CMA’s capability to respond effectively to the demands of the digital age.

Job description

The Principal Cyber Security Lead is a vital member of the Cloud and Infrastructure team, dedicated to safeguarding data, systems, and services.

The role centres on becoming the technical cyber security lead within CMA, taking the technical lead for the entire defensive stack and the opportunity to remediate, improve, and enhance CMAs cyber. By performing these functions, the Principal Cyber Security Lead supports the CMA’s ongoing commitment to secure and robust digital operations.

Key responsibilities will include;

• Providing technical expertise and leading on security controls


• Security solution administration and enhancement


• Incident response


• Security Operations Centre (SOC) engagement


• Vulnerability reporting


• Continuous improvement and governance


• Identity and access management


• Compliance and framework alignment

Person specification

It is essential that you can provide evidence and examples for each of the following selection criteria in your application. For tips on how to make the most your application, please have a look at our guidance document.

Essential:

• Demonstrated experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management. (Lead Criteria)


• Hands on experience securing Microsoft Azure and Amazon Web Services cloud environments. (Lead Criteria)


• Technical experience working and securing Microsoft Client and Server technologies such as Windows 11, Windows Server and SQL Server.


• Knowledge of security operations, digital threat monitoring, and common frameworks for cyber incident response.


• Experience in taking ownership for analysing and interpreting security events/logs and performing digital forensics tasks end\-to\-end from alert to remediation.


• Strong analytical, communication, and problem\-solving skills, including the ability to produce clear technical and non\-technical reports.

Desirable:

• Understanding of network protocols, firewalls, intrusion detection/prevention, anti\-malware, and incident response methodologies.


• Recognised cyber security certifications (e.g., CompTIA Security\+, CEH, GIAC, CISSP).


• Experience with Darktrace


• Experience with Ubuntu (or Linux)

Qualifications

Bachelor’s degree in Cybersecurity or Computer Science### Behaviours

We'll assess you against these behaviours during the selection process:

• Delivering at Pace


• Communicating and Influencing


• Managing a Quality Service


• Changing and Improving


• Making Effective Decisions

Technical skills

We'll assess you against these technical skills during the selection process:

• Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools.


• Securing Microsoft Azure and Amazon Web Services cloud environments.


• Securing Microsoft Client and Server technologies such as Windows 11, Windows Server and SQL Server.


• You will be assessed against the Digital, Data and Technology profession capability framework at Lead Security Architect level. \- https://ddat\-capability\-framework.service.gov.uk/role/security\-architect\#lead\-security\-architect

Benefits
------------

Alongside your salary of £76,400, Competition \& Markets Authority contributes £22,133 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
You’ll also get:

• 25 days leave (increasing to 30 days over five years), plus 8 public holidays and an additional day off for the King’s birthday. In addition, you’ll be able to access a wide range of other types of leave as and when you need it, including generous maternity, paternity, shared parental leave and adoption options, as well as paid special leave for volunteering


• Season ticket loans, cycle to work scheme, flu vaccinations and eye tests


• Access to the Civil Service Sports \& Leisure, giving discounted gym membership, high street discounts, free access to UK wide attractions and a free Tastecard


• A range of wellbeing benefits, including an employee assistance programme, flexible working options and family friendly policies, regular networking events and professional learning opportunities at work

You can read more about our benefits in our candidate pack.

Our Values

We are Ambitious and Evidence\-based, and always strive for Excellence. We treat everyone with Respect and are Collaborative and Inclusive.

Everything we do is underpinned by the Civil Service values: Honesty, Integrity, Impartiality and Objectivity.

You can read more about life at the CMA in our candidate pack

Things you need to know
---------------------------

Artificial intelligence

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.### Selection process details

This vacancy is using Success Profiles , and will assess your Behaviours, Experience and Technical skills.Application and sift stage

• As part of the application process, you will be asked to complete a CV, personal statement, and an online application form. Further details about application requirements are listed on the application form.


• The selection process is noted below and will comprise of the sift (CV \& application review) and interviews.


• Please note that it is essential that your personal statement is aligned to provide evidence that you have the knowledge and experience for each of the essential criteria (as included on the role profile attached and listed above under 'Person Specification') in your application. Your personal statement should be no more than 1250 words. You will first be sifted on the first two criteria points (Lead Criteria). If your application progresses to a full sift, all elements of the essential criteria listed under Person Specification will then be considered.


• We may raise the score required at sift stage to progress to interview if we receive a high number of applications and take through the highest performing candidates to the interview stage.

Interview stage

• At the CMA we apply a blended interview technique, allowing us to find out more about you and we use the Success Profiles framework assessing the Behaviours and experience (essential criteria) listed in the advert and attached role profile.


• During the interview(s) you will be asked questions based on the Technical skills, Behaviours and experience outlined in the role profile.


• A reserve list may be held for up to 12 months from which further appointments may be made for the same or similar roles.

There will be two interview stages. The first interview will be a 30 minute Technical interview in which you will be asked questions aligned to the required technical skills.

Candidates that are successful at the first interview will be invited to a second 45\-60 minute interview in which you will be asked Technical, Behaviour and Experience questions.

Timeline (the dates outlined below are indicative and may be subject to change)

• The advert closing date is 23:55pm on 8th June 2026\.

This listing is from indeed. View original listing ↗