JOB SUMMARY

About us
The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways.
Firstly, we help to build a strong, competitive business environment, where consumers are protected and companies rewarded for treating their employees properly.
Secondly, we open international markets and ensure resilient supply chains. This can be through Free Trade Agreements, trade facilitation and multilateral agreements.
Finally, we work in partnership with businesses every day, providing advance, finance and deal-making support to those looking to start up, invest, export and grow.
The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support us in this mission. The team have been nominated three times in a row for ‘Best Public Sector Employer’ at the Women in Tech awards!

JOB DESCRIPTION

About the role
We are expanding our Cyber Incident Detection and Response team and are looking for experienced and motivated Senior SOC Analysts to help strengthen our cyber defence capabilities.
In this role, you will play a key part in protecting the department’s systems and data. You will lead the triage and investigation of security alerts, manage incident response activities, and implement the development of detection and response processes. You will also act as an escalation point for complex incidents and contribute to improving our monitoring and logging coverage.
Alongside operational responsibilities, you will mentor and support other analysts, helping to build a collaborative and capable team. You will report to the Principal Analyst team and contribute to the continuous improvement of our SOC operations through defined areas of focus during non-operational time.
We are committed to your professional development, offering access to a range of training platforms, dedicated learning time, and opportunities to attend external training and industry events such as SANS.
Main responsibilities

You Will:

• Lead the triage, investigation, and resolution of security alerts and incidents in line with processes, ensuring timely and effective response.
• Act as an escalation point for complex or high-priority incidents, providing guidance and oversight throughout the incident lifecycle.
• Support the development and refinement of incident response procedures, playbooks, and documentation.
• Contribute to the continuous improvement of logging, monitoring, and alerting capabilities to enhance threat visibility.
• Collaborate with other teams to ensure security considerations (controls, logging etc.) are embedded and improved.
• Provide line management and day-to-day leadership to SOC Analysts, including setting objectives, supporting performance and development, and conducting regular check-ins. Actively mentor team members, sharing knowledge and experience to build capability, confidence, and a collaborative team culture.
• Maintain awareness of emerging threats, vulnerabilities, and trends to inform detection and response strategies.
• Use time away from live operations to develop key SOC capabilities, including incident response, threat hunting, and detection engineering, supporting long-term strategic goals.

NATIONALITY REQUIREMENTS

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

Information Technology
Security
Other