The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways. Firstly, we help to build a strong, competitive business environment, where consumers are protected and companies rewarded for treating their employees properly. Secondly, we open international markets and ensure resilient supply chains. This can be through Free Trade Agreements, trade facilitation and multilateral agreements. Finally, we work in partnership with businesses every day, providing advice, finance and deal-making support to those looking to start up, invest, export and grow.
The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support us in this mission. The team have been nominated four times in a row for 'Best Public Sector Employer' at the Women in Tech awards!
We are expanding our Cyber Incident Detection and Response team and are looking for capable and motivated SOC Analysts to help strengthen our cyber defence capabilities. In this role, you will play a key part in protecting the department's systems and data. You will triage and investigate security alerts, aid with incident response activities, and support the development of detection and response processes. You will be supported by the Senior Analyst team. You will have dedicated time for non-alert responsibilities, with defined areas of focus during non-operational time. This will include proactive initiatives to enhance the department's cyber capabilities, e.g. creation of Threat Hunting tooling, and alert refinement.
Main responsibilities: You will:
* Be able to triage, investigate and resolve security alerts and incidents in line with processes, ensuring timely and effective response
* Contribute to the development and refinement of incident response procedures, playbooks, and documentation
* Contribute to the continuous improvement of logging, monitoring, and alerting capabilities to enhance threat visibility
* Provide support and advice to stakeholders and colleagues
* Maintain awareness of emerging threats, vulnerabilities, and trends to aid with detection and response
* Allocate time to defined areas of focus outside of operational duties, supporting the strategic development of SOC capabilities (Incident Response Procedures, Threat Hunting, Detection Engineering)
* Use time away from live operations to develop key SOC capabilities, including alert refinement, dashboard creation and wider engagement in the Cyber Team
Disability Confident
About Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to .