Senior Infrastructure Engineer
Role details
Job location
Tech stack
Job description
HM Land Registry (HMLR) is looking for a Senior Infrastructure Specialist Red Team Operator to join our growing IT Security Operations function. This is an exciting opportunity to become part of a new and developing Red Team capability, helping to strengthen HMLRs cyber resilience through advanced security testing, adversary emulation, and threat-informed assessments. The role is aligned to HMLR's developing Red Team function within the IT Security Operations area.
As a specialist within the Security Cluster, you will emulate real-world threat actors to identify vulnerabilities, test security controls, and provide actionable intelligence that helps improve our security posture. Working closely with defensive security teams, engineering teams and operational stakeholders, you will play a key role in protecting the systems and services that support one of the UK's largest digital property registers.
This is an excellent opportunity for someone who enjoys technical challenge, problem-solving, and collaborative working, and who wants to help shape the future direction of Red Teaming within HMLR., The IT Operations Practice sits within the Digital, Data and Technology (DDaT) directorate and is responsible for the performance and delivery of the technical infrastructure that underpins HMLR's services. The practice brings together a wide range of technical teams responsible for supporting, monitoring and operating critical infrastructure and services across the organisation
Within the practice sits a mature security function responsible for operational security across HMLR's platforms and systems. As part of a newly emerging Red Team capability, you will have the opportunity to influence and develop how the function operates, working closely with Security Operations, Security Assurance, infrastructure engineering teams and other technical specialists across the organisation.
Working as part of a team safeguarding HMLR systems against cyber threats, you will explore the tactics, techniques and procedures used by malicious actors to infiltrate systems undetected. Through simulated attacks, penetration testing and adversary emulation activities, you will identify weaknesses and provide evidence-based recommendations that help improve detection, response and security controls.
Main Duties
- Emulate the actions of threat actors to identify exploitable vulnerabilities across HMLR systems and services.
- Carry out penetration testing activities against networks, applications and computer systems.
- Perform simulated attacks to assess the effectiveness of defensive controls and detection capabilities.
- Identify security weaknesses, misconfigurations and attack paths, ensuring findings are communicated to the appropriate operational teams.
- Assess risks associated with security findings and potential vulnerabilities.
- Analyse attacker entry points and exploitation methods using real-world threat intelligence.
- Communicate priority risks, vulnerabilities and recommendations clearly to technical and non-technical stakeholders.
- Support the identification, prioritisation and implementation of security control improvements.
- Plan, coordinate and deliver adversary emulation and Red Team engagements.
- Provide actionable threat intelligence and security insights to Blue Teams and other security functions.
- Assess and enhance security controls, threat intelligence processes and incident response capabilities.
- Maintain awareness of the evolving cyber threat landscape and the tactics, techniques and procedures used by threat actors.
- Produce clear documentation, technical reports and recommendations that support informed decision-making across the Security Cluster.
Additional Requirement
- Occasional travel will be required to HM Land Registry offices, supplier locations and other Government departments, which may include overnight stays.
- The role will require occasional planned out-of-hours working to support IT changes, maintenance activities and security testing exercises.
- The post is covered by HMLR's flexible working hours agreement.
- Participation in an on-call rota may be required.
- The successful candidate will be required to obtain and maintain the appropriate level of Security Clearance and will be subject to additional background checks., We'll assess you against these behaviours during the selection process:
- Making Effective Decisions
- Leadership
- Communicating and Influencing
- Managing a Quality Service, The Civil Service values honesty and integrity and expects all candidates to share these values. Please ensure all examples provided throughout the recruitment process are representative of your own experience. Any instances of plagiarism or other forms of cheating (including the improper use of artificial intelligence) will be investigated and, if proven, the application will be withdrawn., * UK nationals
- nationals of the Republic of Ireland
- nationals of Commonwealth countries who have the right to work in the UK
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
- Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Requirements
- Holds a qualification in Information Technology or a related area (Degree level or equivalent) or significant experience in an IT field
- Advanced skills in the management of at least three of a range of security technologies such as: - SIEM, EDR-XDR, CTEM, DAST, WAF/DDoS, Entra ID, IPS/IDS, PKI, SASE
- Advanced Skills in Data Collection & reconnaissance, Exploitation frameworks, Password cracking, Attack Surface Mapping, Exposure Management
- Advanced scripting in one of: - Python, Perl, SQL Assembly, PowerShell, Shell scripting
Desirable Technical Skills and Qualifications:
- Ethical Hacking Essentials (EHE)
- Certified Ethical Hacker (CEH)
- Extensive knowledge in the security of either Windows, Linux or Mainframe systems
- Extensive knowledge in the operation of security controls in cloud services such as AWS or Azure
- Web application testing and exploitation
- Network penetration testing and exploitation
Essential Experience:
- Experience of technical information gathering, analysis and problem solving of security related issues
- Experience of technologies including but not limited to Firewalls, IDS/IPS, Active Directory, Microsoft Windows OS, Linux, TCP/IP, and networking
- Experience in cyber security testing
- Experience in planning and executing attack simulations
- Experience in applying standard frameworks to map attacker behaviour
- Experience in threat analysis and security incident response
- Excellent communication skills and the ability to work effectively as part of a team
- Strong leadership demonstrated through coaching or mentoring
Desirable Experience:
- Software Engineering Fundamentals
- Advanced experience in designing and documenting security systems and controls
- Experience in Malware Analysis & development, Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check .
Benefits & conditions
Pulled from the full job description
- Annual leave
- Company pension, Alongside your salary of £48,400, HM Land Registry contributes £14,021 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides ., We have a strong and positive culture, a commitment to inclusivity, an emphasis on continuous learning and development, and flexible ways of working. We offer competitive pay and annual leave, attractive pension options and a wide range of other benefits.
- We have integrity we value honesty, trust and doing the right thing in the right way.
- We drive innovation we are forward-thinking, embrace change and are continually improving our processes.
- We are professional we value and grow our knowledge and professional expertise.
- We give assurance we guarantee our services and provide confidence to the property market.
https://www.gov.uk/government/organisations/land-registry/about/recruitment#what-hm-land-registry-can-offer-you