About us
The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways:
1. We help to build a strong, competitive business environment, where consumers are protected and companies are rewarded for treating their employees properly.
2. We open international markets and ensure resilient supply chains through Free Trade Agreements, trade facilitation, and multilateral agreements.
3. We work in partnership with businesses daily, providing finance and deal-making support to those looking to start up, invest, export, and grow.
The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support us in this mission. The team has been nominated three times in a row for ‘Best Public Sector Employer’ at the Women in Tech awards!
About the role
We are expanding our Cyber Incident Detection and Response team and are looking for experienced and motivated Senior SOC Analysts to help strengthen our cyber defence capabilities. In this role, you will play a key part in protecting the department’s systems and data. You will lead the triage and investigation of security alerts, manage incident response activities, and develop detection and response processes. You will also act as an escalation point for complex incidents and contribute to improving our monitoring and logging coverage.
Alongside operational responsibilities, you will mentor and support other analysts, helping to build a collaborative and capable team. You will report to the Principal Analyst team and contribute to the continuous improvement of our SOC operations through focus areas during non-operational time. We are committed to your professional development, offering access to training platforms, dedicated learning time, and opportunities to attend external training and industry events such as SANS.
Main responsibilities
* Lead the triage, investigation, and resolution of security alerts and incidents, ensuring timely and effective response.
* Act as an escalation point for complex or high-priority incidents, providing guidance throughout the incident lifecycle.
* Support the development and refinement of incident response procedures, playbooks, and documentation.
* Contribute to the improvement of logging, monitoring, and alerting capabilities to enhance threat visibility.
* Collaborate with other teams to embed and improve security considerations (controls, logging, etc.).
* Provide line management and day-to-day leadership to SOC Analysts, including setting objectives, supporting performance and development, and conducting regular check-ins. Mentor team members to build capability, confidence, and a collaborative team culture.
* Maintain awareness of emerging threats, vulnerabilities, and trends to inform detection and response strategies.
* Use time away from operations to develop SOC capabilities, including incident response, threat hunting, and detection engineering, supporting strategic goals.
#J-18808-Ljbffr