SEO Lead Cyber Security Monitoring

Posting date:	23 January 2026
Salary:	£44,241 per year
Additional salary information:	£44,241 plus, an additional Government Digital and Data Profession allowance up to £14,756
Hours:	Full time
Closing date:	03 February 2026
Location:	London
Company:	Government Recruitment Service
Job type:	Permanent
Job reference:	445384/4

Summary

Join DVSA’s mission to make roads safer and more efficient by shaping the future of digital public services. As Lead Cyber Security Monitoring, you’ll play a pivotal role in protecting DVSA’s systems, data, and services used by millions across the country. Keeping its critical digital services secure by leading the frontline of cyber defence.

You will take ownership of responding to complex security events and incidents, working from threat intelligence, monitoring outputs, and established procedures without the need for direct supervision. You’ll lead the containment, investigation, and remediation of cyber incidents, ensuring rapid recovery, minimal business impact, and robust forensic readiness. You will also drive proactive security through threat hunting, vulnerability management, and continuous improvement of SOC processes.

As a senior role within the Security Operations Centre, you will guide, support and mentor SOC analysts and colleagues across DVSA, acting as a subject matter expert in incident response, threat detection, and cyber resilience. You will champion high standards of cyber security practice, ensuring compliance with policy, shaping response processes, and strengthening organisational readiness through exercises, training, and cross-government collaboration.

You will be committed to operational excellence and will promote strong security behaviours across the organisation. You will communicate clearly both with senior stakeholders and end users and ensure DVSA remains prepared for tackling emerging threats and evolving attack vectors.

Joining our department comes with many benefits, including:

• Employer pension contribution of 28.97% of your salary. Read more about Civil Service Pensions here
• 25 days annual leave, increasing by 1 day each year of service (up to a maximum of 30 days annual leave), plus 8 bank holidays a privilege day for the King’s birthday
• Flexible working options where we encourage a great work-life balance.

Read more in the Benefits section below!

Find out more about what it's like working at Driver and Vehicle Standards Agency - Department for Transport Careers

Your responsibilities will include, but aren’t limited to:

• Leading the rapid detection, investigation, and response to cyber security incidents, ensuring threats are contained, impact is minimised, and incidents are handled in line with DVSA policies, legal requirements, and best‑practice security standards, including performing or arranging digital forensics to support evidence gathering and preservation.
• Driving proactive cyber defence through threat hunting and vulnerability management, using threat intelligence to identify emerging risks, suspicious activity, and weaknesses in DVSA’s security posture.
• Manage post-incident review, including root cause analysis, to feedback information and so improve monitoring and evidencing need for policy change as necessary.
• Managing and improving SOC processes and protective monitoring capabilities, ensuring DVSA and its suppliers meet contractual and policy obligations for incident reporting and security operations.
• Planning, leading, and evaluating incident response exercises, including red‑team activity, to strengthen organisational readiness and validate response procedures.
• Providing expert advice to senior leaders and technical teams, helping them understand risks, make informed decisions, and embed strong security practices.
• Building strong relationships across DVSA and with external partners, including government departments, regulators, and third‑party suppliers.
• Producing clear, high‑quality reporting and communication, including incident summaries, performance statistics, lessons learned, and recommendations for continuous improvement.
• Demonstrating leadership by guiding, mentoring, and supporting SOC analysts and colleagues, acting as a role model for professional standards, technical excellence, and Civil Service values.

Great line management is important to us as an organisation, and we will equip and support line managers to develop the skills they need. We aim to empower line managers to create teams where people can flourish and deliver excellent outcomes for the public.

For further information on the role, please read the attached role profile. Please note that the role profile is for information purposes only - whilst all elements are relevant to the role, they may not all be assessed during the recruitment process. This job advert will detail exactly what will be assessed during the recruitment process.

Proud member of the Disability Confident employer scheme

About Disability Confident

A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.