About us
The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways:
1. We help to build a strong, competitive business environment, where consumers are protected and companies are rewarded for treating their employees properly.
2. We open international markets and ensure resilient supply chains, through Free Trade Agreements, trade facilitation, and multilateral agreements.
3. We work in partnership with businesses daily, providing finance and deal-making support to those looking to start up, invest, export, and grow.
The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support this mission. The team has been nominated three times consecutively for ‘Best Public Sector Employer’ at the Women in Tech awards!
About the role
We are expanding our Cyber Incident Detection and Response team and are looking for experienced and motivated Senior SOC Analysts to strengthen our cyber defence capabilities. In this role, you will:
* Lead the triage and investigation of security alerts, manage incident response activities, and develop detection and response processes.
* Act as an escalation point for complex incidents and contribute to improving monitoring and logging coverage.
* Mentor and support other analysts, fostering a collaborative team environment.
* Report to the Principal Analyst team and contribute to continuous SOC operations improvement.
* Engage in professional development through training platforms, dedicated learning time, and industry events such as SANS.
Main responsibilities
* Lead the triage, investigation, and resolution of security alerts and incidents, ensuring timely and effective response.
* Act as an escalation point for complex or high-priority incidents, providing guidance throughout the incident lifecycle.
* Support the development and refinement of incident response procedures, playbooks, and documentation.
* Contribute to enhancing threat visibility through logging, monitoring, and alerting improvements.
* Collaborate with other teams to embed and improve security controls and logging.
* Provide leadership and mentorship to SOC Analysts, supporting performance and development.
* Stay informed on emerging threats, vulnerabilities, and trends to inform detection and response strategies.
* Use non-operational time to develop SOC capabilities, including incident response, threat hunting, and detection engineering.