About us
The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow, and export to create jobs and opportunities across the country. We do this by:
1. Building a strong, competitive business environment, protecting consumers, and rewarding companies that treat their employees properly.
2. Opening international markets and ensuring resilient supply chains through Free Trade Agreements, trade facilitation, and multilateral agreements.
3. Partnering with businesses daily, providing finance and deal-making support for startups, investments, exports, and growth.
The Digital, Data and Technology (DDaT) directorate develops tools and services to support this mission. Our team has been nominated three times for ‘Best Public Sector Employer’ at the Women in Tech awards!
About the role
We are expanding our Cyber Incident Detection and Response team and seek experienced Senior SOC Analysts to strengthen our cyber defence capabilities. You will play a key role in protecting our systems and data by leading triage and investigation of security alerts, managing incident response activities, and developing detection and response processes. You will act as an escalation point for complex incidents and help improve our monitoring and logging coverage. Additionally, you will mentor other analysts, fostering a collaborative team environment. Reporting to the Principal Analyst team, you will contribute to the ongoing improvement of SOC operations by working on dedicated focus areas during non-operational time. We support your professional growth with training platforms, dedicated learning time, and opportunities for external training and industry events such as SANS.
Main responsibilities include:
* Leading triage, investigation, and resolution of security alerts and incidents, ensuring timely responses.
* Acting as an escalation point for complex or high-priority incidents, providing guidance throughout the incident lifecycle.
* Supporting the development and refinement of incident response procedures and documentation.
* Enhancing logging, monitoring, and alerting capabilities to improve threat detection.
* Collaborating with other teams to embed and improve security controls and logging.
* Providing leadership and mentorship to SOC Analysts, setting objectives, supporting performance, and fostering team development.
* Staying informed about emerging threats and vulnerabilities to inform detection strategies.
* Using non-operational time to develop SOC capabilities like incident response, threat hunting, and detection engineering.