SEO Lead Cyber Security Monitoring

£44,241 per year, £44,241 plus an additional Government Digital and Data Profession allowance up to £14,756

Contract Type: Permanent

Hours: Full time

Disability Confident: Yes

Closing Date: 22/02/2026

About this job

Join DVSA's mission to make roads safer and more efficient by shaping the future of digital public services.

As Lead Cyber Security Monitoring, you'll play a pivotal role in protecting DVSA's systems, data, and services used by millions across the country.

Keeping its critical digital services secure by leading the frontline of cyber defence.

You will take ownership of responding to complex security events and incidents, working from threat intelligence, monitoring outputs, and established procedures without the need for direct supervision.

You'll lead the containment, investigation, and remediation of cyber incidents, ensuring rapid recovery, minimal business impact, and robust forensic readiness.

You will also drive proactive security through threat hunting, vulnerability management, and continuous improvement of SOC processes.

As a senior role within the Security Operations Centre, you will guide, support and mentor SOC analysts and colleagues across DVSA, acting as a subject matter expert in incident response, threat detection, and cyber resilience.

You will champion high standards of cyber security practice, ensuring compliance with policy, shaping response processes, and strengthening organisational readiness through exercises, training, and cross government collaboration.

You will be committed to operational excellence and will promote strong security behaviours across the organisation.

You will communicate clearly both with senior stakeholders and end users and ensure DVSA remains prepared for tackling emerging threats and evolving attack vectors.

Joining our department comes with many benefits, including: Employer pension contribution of
28.97% of your salary.

Responsibilities

• Leading the rapid detection, investigation, and response to cyber security incidents, ensuring threats are contained, impact is minimised, and incidents are handled in line with DVSA policies, legal requirements, and best practice security standards, including performing or arranging digital forensics to support evidence gathering and preservation.

Driving proactive cyber defence through threat hunting and vulnerability management, using threat intelligence to identify emerging risks, suspicious activity, and weaknesses in DVSA's security posture.

Manage post incident review, including root cause analysis, to feedback information and so improve monitoring and evidencing need for policy change as necessary.

Managing and improving SOC processes and protective monitoring capabilities, ensuring DVSA and its suppliers meet contractual and policy obligations for incident reporting and security operations.

Planning, leading, and evaluating incident response exercises, including red team activity, to strengthen organisational readiness and validate response procedures.

Providing expert advice to senior leaders and technical teams, helping them understand risks, make informed decisions, and embed strong security practices.

Building strong relationships across DVSA and with external partners, including government departments, regulators, and third party suppliers.

Producing clear, high quality reporting and communication, including incident summaries, performance statistics, lessons learned, and recommendations for continuous improvement.

Demonstrating leadership by guiding, mentoring, and supporting SOC analysts and colleagues, acting as a role model for professional standards, technical excellence, and Civil Service values.

Great line management is important to us as an organisation, and we will equip and support line managers to develop the skills they need.

We aim to empower line managers to create teams where people can flourish and deliver excellent outcomes for the public.

Proud member of the Disability Confident employer scheme.