Senior Threat and Vulnerability Analyst

Job summary

The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways.

Firstly, we help to build a strong, competitive business environment, where consumers are protected and companies rewarded for treating their employees properly.

Secondly, we open international markets and ensure resilient supply chains. This can be through Free Trade Agreements, trade facilitation and multilateral agreements.

Finally, we work in partnership with businesses every day, providing advance, finance and deal-making support to those looking to start up, invest, export and grow.

The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support us in this mission. The team have been nominated four times in a row for ‘Best Public Sector Employer’ at the Women in Tech awards and won the award in 2025!

About the role

You will be helping to protect DBT and the wider UK government from cyber threats in a fast paced and exciting role. Reporting to, acting as the main support to and operating under the strategic direction the Principle Cyber Threat and Vulnerability Manager, The Senior Threat and Vulnerability Analyst is responsible for leading day‑to‑day operational delivery and continuous improvement of the efficiency, quality and effectiveness of TVM operational processes, tooling and workflows.

You will work closely with other members of the SOC, architecture, delivery and GRC teams to ensure vulnerabilities and threats are identified, assessed, prioritised and remediated in line with DBT’s risk‑based approach. You will provide operational leadership, technical direction and assurance, ensuring TVM processes are effective, well‑understood and continuously improved. A healthy curiosity is essential: you will proactively identify emerging threats and vulnerabilities, ensure appropriate investigation and response, and support the organisation in understanding and managing cyber risk.

We offer a range of training and upskilling opportunities to help you build your skills, broaden your experience, and support your ongoing professional development.

Job description

Your day-to-day role will involve the need to:

Threat Intelligence and assessment

• Conduct structured Threat Hunting and deep-dive analysis on potential threats against DBT, proactively identifying and leveraging threat intelligence sources to inform strategic threat and vulnerability mitigation measures.

Penetration Testing

• Coordinate the end-to-end execution of penetration testing and the tracking, remediation and verification of its outcomes to assess the robustness of DBTs systems, products and technologies.

Vulnerability management

• Lead prioritisation of vulnerability remediation across DBT’s platforms and multi-cloud environments through a risk-based approach to reduce the number of vulnerabilities and highest risk issues on the estate.

• Recommend remediation strategies and provide advice on complex configuration changes in support of vulnerability remediation.

• Collaborate extensively with different business units and service teams to ensure effective vulnerability and misconfiguration mitigation in accordance with DBT vulnerability management policies.

Cyber Operations

• Develop the effectiveness and efficiency of the operational TVM service, identifying and implementing improvements to process, tooling and ways of working.

• Use metrics and insight to drive continuous improvement and demonstrate risk reduction over time and communicate effectively with senior colleagues regarding the status of remediation.

Person specification

You should be able to demonstrate essential skills and experience of:

• Substantive experience in a Threat and Vulnerability Management or related Cyber Operations role.

• Demonstrable experience and knowledge in end-to-end vulnerability management, application security testing tools and penetration testing management within cloud environments.

• Excellent communication skills, including ability to relay technical vulnerabilities and articulating risk clearly and effectively to both technical and non-technical audiences, for example through briefings, written reports, or stakeholder engagement.

• Ability to influence senior stakeholders to drive the prioritisation and continuous improvement of Threat and Vulnerability Management related processes.

• Experience in assessing the Cyber threat landscape, threat actors’ techniques, tactics, and procedures.

• Experience threat hunting in a cloud-based environment such as interpreting device and application logs from various sources and monitoring for emerging threat patterns and vulnerabilities.

It is desirable that you have:

• Hands on experience in penetration testing.

• Working knowledge of the software development lifecycle

Behaviours

We'll assess you against these behaviours during the selection process:

• Managing a Quality Service
• Changing and Improving

Technical skills

We'll assess you against these technical skills during the selection process:

• Penetration testing
• Vulnerability Management and Information risk assessment.
• Threat Understanding.
• Cyber Security Operations

Benefits

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an employer contribution of 28.97%

Things you need to know

Artificial intelligence

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance (opens in a new window) for more information on appropriate and inappropriate use.

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Experience and Technical skills.

How to apply

As part of the application process you will be asked to upload a two-page CV and complete a 750 word personal statement outlining how you meet the essential skills and experience listed above. You can use bullet points and subheadings if you prefer.

Sift will be from week commencing 22nd June 2026

Interviews will be from week commencing 6th July 2026

Please note these dates are indicative and may be subject to change.

If there is a high volume of applications, we will sift looking at the lead criteria Substantive experience in a Threat and Vulnerability Management or related Cyber Operations role only. You may then be progressed to full sift or straight to interview.

How we interview

At the interview stage for this role, you will be asked to demonstrate relevant Technical Skills and Behaviours from the Success Profiles framework which are listed above. These are role specific and in line with the Government Security Profession Career Framework.

You will also be asked to deliver a presentation and will be informed on the topic following the sift

How we offer

Offers will be made in merit order based on location preferences. If you pass the bar at interview but are not the highest scoring you will be held on a 12-month reserve list in case a role becomes available. If you are judged a near miss at interview, you may be offered a post at the grade below the one you applied for.

This role requires SC clearance. DBT’s requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years. Failure to meet this requirement will result in your application being rejected and your offer will be withdrawn.

Checks will also be made against:

• departmental or company records (personnel files, staff reports, sick leave reports and security records)

• UK criminal records covering both spent and unspent criminal records

• your credit and financial history with a credit reference agency

• security services record

• location details

More about us

This role can only be worked from within the UK, not overseas. If you are based in London, you will receive London weighting. DBT employees work in a hybrid pattern, spending 2-3 days a week (pro rata) in the office on average. Travel to your primary office location will not be paid for by DBT, but costs for travel to an office which is not your main location will be covered.

The Department will not consider sponsoring a visa or issuing a Certificate of Sponsorship. We are unable to offer advice on any Visa and Immigration cases.

You can find out more about our office locations, how we calculate salaries, our diversity statement and reasonable adjustments, the Recruitment Principles, the Civil Service code and our complaints procedure in the candidate pack attached to this advert.

Find out more about life at DBT, our benefits and meet the team by watching our video or reading our blog!

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window).People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see theCivil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Apply and further information

This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :

• Name : DDaT Recruitment
• Email : Ddat.recruitment@businessandtrade.gov.uk

Recruitment team

• Email : dbtrecruitment.grs@cabinetoffice.gov.uk

Further information

Our recruitment process is underpinned by the principle of appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commissioners’ Recruitment Principles. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DBT by email at Resourcing@trade.gov.uk. If you are not satisfied with the response you receive, you can contact the Civil Service Commission, which regulates all Civil Service recruitment. For further information on bringing a complaint to the Civil Service Commission please visit their web pages: Civil Service Commission Complaints

Attachments

DDaT Candidate Pack Aug 25 - Final Opens in new window (pdf, 631kB)