If you'd like to find out more about the role, the Cyber Security Team and what it’s like to work at DBT, we're holding a Hiring Manager Q&A session for this role where you can virtually 'meet the team' on Wednesday 20th August at 12:30pm. Please click here to book your spot.
About us
The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways:
Firstly, we help to build a strong, competitive business environment, where consumers are protected and companies are rewarded for treating their employees properly.
Secondly, we open international markets and ensure resilient supply chains through Free Trade Agreements, trade facilitation, and multilateral agreements.
Finally, we work in partnership with businesses every day, providing finance and deal-making support to those looking to start up, invest, export, and grow.
The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support us in this mission.
As a Lead Cyber Security Engineer at DBT, you will play a vital role in safeguarding the department’s digital estate, supporting the UK’s economic resilience and global competitiveness. You’ll lead the design and implementation of secure-by-design solutions across cloud, hybrid, and on-premises environments, embedding security throughout the digital lifecycle.
Your responsibilities will span strategic and operational domains. You’ll lead security engineering across DBT’s digital platforms, ensuring robust protection of trade, business, and investment systems. You’ll oversee our Security Operations Centre (SOC), managing security event data to generate actionable alerts for cyber analysts.
Working closely with the SOC Manager, you’ll ensure that security tooling and data pipelines are current, effective, and tailored to reduce alert fatigue. You’ll create analytic rules and collaborate with analysts to refine detection capabilities. You’ll also manage security alerts and lead incident response and investigations.
As a senior member, you’ll advise on cyber risks, emerging threats, and mitigation strategies aligned with the Government Security Framework. You’ll collaborate across government, industry, and international partners to uphold the UK’s cyber reputation. Additionally, you’ll mentor and develop talent within the cyber team, fostering innovation and continuous improvement.
Main responsibilities
You will be:
* Leading large, cross-functional teams in designing and developing automated monitoring processes, advising on SIEM and network analysis tools, techniques, and procedures to detect malicious activity, and communicating progress to leadership.
* Implementing a monitoring strategy, ensuring roadmaps are achieved, and requirements, policies, and standards are met.
* Reviewing high-priority security event data to manage incident response, making decisions on reporting or escalation, and identifying process improvements.
* Communicating with senior stakeholders and defining the vision, principles, and strategy for incident response. Deputising for the SOC manager when required.
* Reviewing incident documentation to ensure lessons learned are captured and implemented.
* Maintaining and integrating Cyber Threat Intelligence services to enhance threat detection capabilities.
* Mentoring junior engineers and contributing to the development of the security profession.
About you
* Good, open communication skills across written, verbal, and virtual mediums.
* Strong decision-making abilities.
* Strong collaboration skills, recognizing the need to work with other Cyber team members, Service teams, and third parties.
* Ability to prioritize workload based on SOC requirements and guidance.
#J-18808-Ljbffr