Join a team at the heart of the global economy! The Department for Business and Trade ("DBT") and Inspire People are partnering together to bring you an exciting opportunity for a Senior Cyber Security Engineer to play an instrumental role within the SOC (Security Operations Centre) supporting the identification and mitigation of threats by creating new capabilities, supporting existing capabilities and providing expertise to analysts. Salary between £43,117 to £57,500 plus excellent Civil Service benefits including 27% pension contribution. Salary is dependent on location and technical skills as assessed at interview. Flexible, hybrid working from London, Cardiff, Darlington, Belfast, Birmingham, Salford and Edinburgh.

About the Role This role sites within the Department for Business and Trade’s SOC (Security Operations Centre), reporting to the Principle Cyber Engineer. The SOC is responsible for identification and mitigation of threats, both internal and external to the security of DBT. This role is to support these actions by creating new capabilities, supporting existing capabilities and provide expertise to analysts when required. Focussing on supporting the delivery of the monitoring and development aspects of DBT’s TOM (Target Operating Model), this role will involve development of security tools, providing cyber security advice to the development community in DBT to ensure best practice is being followed. This role will be suitable for an individual with a DevSecOps (Development and Security Operations) background or someone who has skills in both development and Cyber Security.

Main ResponsibilitiesYou will be:

• Supporting the Principle Cyber Security Engineer and SOC Manager in the implementation of the monitoring and improvement roadmap
• Identifying areas of improvement within the SOC and building a plan to implement the improvement.
• Testing and Implementing changes within multiple Cloud Environment.
• Producing software documentation to accurately represent the system that has been implemented and its current state for other engineers to use and rely on.
• Updating and maintaining existing tools and infrastructure.
• Facilitating the ingestion and enriching new logging services into the SIEM (Security Incident and Event Management) Tool for the analysts.
• Maintaining the pipelines and infrastructure that is facilitating the ingestion of logs and processing logs.
• Being able to assist with active investigations that and provide expert knowledge to assist analysts.
• Creating Playbooks for creating new capabilities and documentation for maintaining new capabilities.

Skills and Experience

It is essential that you have:

• In depth experience in configuring AWS and Azure policies and infrastructure, underlying logging systems and mechanisms
• Demonstratable experience configuring Security related tools and implementing security policies
• Demonstratable experience working with a SIEM tool (Microsoft Sentinel, Splunk, etc)
• Understanding of threats to an organisation and how they can be mitigated using tools
• Good communication and stakeholder management skills, acting as a bridge between the technical and the non-technical

It is desirable that you have:

• Knowledge of AWS with configuring Security elements of AWS (Guard Duty, CloudTrail, CloudWatch)
• Knowledge of using Python and/or the Django framework
• Good working knowledge of Query Languages (SQL, KQL (Kusto), etc.)

In return, you can expect a planned, transparent progression with learning and development tailored to your role, an environment with flexible working options and a culture encouraging inclusion and diversity, plus the following benefits:
• Salary of £43,117 to £57,500 depending on skills as assessed at interview
• Flexible, hybrid working from London, Cardiff, Darlington, Edinburgh, Belfast, Birmingham, Salford
• Training and development tailored to your role with study days and certifications expensed
• Annual leave starting at 26 days per annum plus statutory bank holidays rising to 30 days with service
• An excellent Civil Service pension scheme starting at 27% employer contribution Additional information

• Apply before Monday 29th July at 12pm (noon)
• This role requires SC clearance, a condition of which is to have been present in the UK for 3 out of the past 5 years
• DBT does not hold a UK Visa & Immigration (UKVI) Skilled Worker License sponsor and are unable to sponsor any individuals for Skilled Worker Sponsorship

If you are an experienced Cyber Security Engineer looking to enhance your career and make a difference across a function that will make a real difference to the UK economy, then apply today or contact Alison Whitehead at Inspire People in complete confidence for further information.