Cyber Threat and Vulnerability Manager

If you would like to find out more about the role, the Threat & Vulnerability Management team and what it’s like to work at DBT, we are holding a Hiring Manager Q&A session for this role where you can virtually 'meet the team' on Tuesday 11th November at 13.00pm. Please click here to book your spot.

The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways.

Firstly, we help to build a strong, competitive business environment, where consumers are protected and companies rewarded for treating their employees properly.

Secondly, we open international markets and ensure resilient supply chains. This can be through Free Trade Agreements, trade facilitation and multilateral agreements.

Finally, we work in partnership with businesses every day, providing advance, finance and deal-making support to those looking to start up, invest, export and grow.

The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support us in this mission.

You will be helping to protect DBT and the wider UK government from cyber threats in a fast paced and exciting role. Reporting to the Head of Cyber Security Operations, you will manage and be responsible for the Threat and Vulnerability Management function within the SOC, by providing leadership on identification and improvement opportunities, and ensuring service owners are aware of weaknesses in their security posture and are empowered with the right information to take appropriate actions.

A healthy curiosity will be essential, to actively go out and discover items of potential interest to the team, ensuring that there is collaboration between the architects, SOC engineers and analysts, and risk managers to deliver a documented risk-based response to the present and future of anything that may be found.

Your day-to-day role will involve the need to:

• Working with the Security Leadership team to develop a strategic road map for an effective vulnerability detection, assessment, remediation, and threat intelligence program.
• Line management of the threat and vulnerability management team.
• Building sustainable relationships to champion the adoption of vulnerability and threat management, compliance, and penetration testing program across the Department.
• Manage the relationship with pen testing 3rd parties and the scheduling of tests.
• Develop, implement, and maintain the organisation's vulnerability management strategy, policies, standards, and procedures.
• Be accountable for thorough assessments of the department’s systems, networks, and applications.
• Recommend remediation strategies and provide advice on complex configuration changes in support of vulnerability remediation.
• Drive prioritisation of those vulnerabilities through a risk-based approach, to meet common organisational objectives such as regulatory compliance and audit functions.
• Development and maintenance of actionable key performance and risk indicators (KPI’s & KRI’s) that provide a view over the effectiveness of the department’s Vulnerability Management & Threat Intelligence program.
• Continuously improve DBT’s TVM program maturity and security posture through driving successful remediation efforts with internal and external teams responsible for infrastructure and applications.