Senior Cyber Threat Modelling Analyst

Job Summary

The Home Office Cyber Security Operations Centre (CSOC) works 24/7/365 to protect the organisation from cyber threats. Threat Operations is an operational area within the CSOC that consists of several proactive and reactive services. The CSOC’s Threat Modelling team is a core function responsible for identifying, prioritising, and mitigating potential cyber threats and vulnerabilities within Home Office systems, applications and networks. This function is closely tied with the CSOC Onboarding process and other areas like Threat Intelligence, Threat Hunting and the Use Case Factory.

The Senior Threat Modelling Analyst role focuses on Threat Modelling within the Threat Operations unit, working closely with stakeholders and service owners. A strong understanding of technical research and analysis of adversary tools, techniques and procedures (TTPs) that could be used to compromise technology components is required. Threat Modelling involves identifying preventative, detective and corrective controls, potentially liaising with subject matter experts (SMEs). You will perform deep-dive analysis against technology components, create threat-focused data flow diagrams using tools like MS Visio, and draft use-case proposals articulating defined detection requirements for each component. You will manage your workload within the Jira ecosystem, which integrates with our processes.

Salary: £44,720 plus capability and skills allowance of up to £12,680

Location: Manchester Soapworks (hybrid with 60% office attendance)

Close Date: 11:55pm

Key Responsibilities

  • Assist in conducting and maturing the CSOC’s threat modelling processes to meet the organisation’s needs in line with appropriate standards. Advise stakeholders on mitigation and escalate where appropriate.
  • Support identifying and classifying security threats to networks, systems and applications. Prioritise controls relevant to identified threats through a risk-based approach.
  • Support the development of use-cases, including creation within CSOC tooling to enable threat detection.
  • Prioritise attack vectors and support mitigation by providing standard risk control advice. Develop and implement threat modelling schedules aligned with organisational goals and compliance needs.
  • Communicate common mitigation strategies such as preventative controls and basic configuration changes (system hardening). Continuously seek to identify potential service and process improvements, applying industry best practices, good judgment and problem-solving skills to security operations and investigations.
  • Support stakeholder engagement by interpreting technical information around networks and infrastructure. Communicate threats clearly to service owners about potential risks to components and systems.

Please note that this role requires Security Clearance, which would normally require 5 years’ UK residency in the past 5 years. Candidates must also hold or be prepared to undergo NPPV3 clearance.

You’ll bring a demonstrable passion for cyber security and experience in:

  • Developing and sharing actionable insights on current and emerging cyber threats, helping organisations understand their impact on system architecture.
  • Coordinating responses to cyber security incidents and restoring service quickly by identifying likely threat scenarios and attack paths, followed by security recommendations.
  • Developing, improving or deploying detective use cases within security software (e.g., SIEM or EDR).
  • Delivering management, technical and administrative services to implement security controls and management strategies.
  • Building strong partnerships and influencing stakeholder decisions to monitor and improve detections while navigating complex technology landscapes.
  • Management, vulnerability research, malware and exploit analysis, investigations, or working in a Security Operations Centre (SOC).
  • Familiarity with standards and models such as NIST, ISO27001, COBIT, BS EN 31111, Cyber Essentials, Cyber Defence Controls, Cloud Principles, NCSC guidelines, and threat analysis frameworks.

Benefits: A range of benefits including a highly competitive pension with an employer contribution of 28.97%; 25 days annual leave rising to 30 days plus 8 public holidays and 1 day for the King’s Birthday; flexible working options; hybrid working model (minimum 60% in workplace); training and development opportunities; access to funded qualifications; capability allowance; inclusive culture; enhanced parental leave; and annual performance-based bonus and recognition awards.

How to apply: Please click on apply now to be redirected to our application portal

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Information Technology and Analyst

Industries: Government Administration

Additional information: This role is based in Manchester, England, United Kingdom.

Location: Manchester, England, United Kingdom
Salary: £80,000 - £100,000
Job Type: FullTime
Category: Finance