Senior Cyber Security Analyst (Closing Date 06/03/2025)

We’re seeking a Senior Cyber Security Analyst to join our team in the Digital Risk and Security Branch. The ideal candidate will bring hands-on experience with vulnerability Management and strong familiarity with Identity and Access Management (IAM) in any major cloud platform (AWS, Azure, or GCP).

On a day-to-day basis, will monitor, analyse and respond to security intel to reduce risks within IAM, and Vulnerability Management. Support IAM and Vulnerability Management practices and help tighten security around access control and privilege access management. Assist in improving, implementing and documenting security processes to reduce risk.

Having a strong technical security operational background with familiarity security tooling such as IAM, vulnerability management tooling, anti-virus and mobile device management etc. The successful applicant will have the opportunity to develop, grow, and be actively encouraged to learn and enhance their experience and knowledge with free access to training platforms provided as well as support from colleagues and senior management.

Senior Cyber Security Analysts are responsible for protecting the confidentiality, integrity, and availability of information and information systems used by government and Partners Across Government

• Investigates and manages security incidents where appropriate.
• Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures.
• Specifies requirements for environment, data, resources and tools. Interprets, and executes using agreed methods and standards.

Social Security Scotland, an Executive Agency of the Scottish Government, is undertaking the largest and most complex IT and digital change programme since devolution. With a lifetime budget of over £300m, Social Security Scotland is delivering a social security system that will support the people of Scotland for decades to come.

We aim to develop within Social Security Scotland, a positive and inclusive culture, which supports our people to flourish, by embedding a working environment where we all treat each other with dignity and respect and recognise each other’s contributions.

Responsibilities

• Technical Security Operations: Working within the security operations team to provide advice and guidance across all application and operational security controls, which align to out information security policy and procedures.
• Vulnerability Management: Investigates vulnerabilities in accordance with established procedures and recommends required actions and supports /follows up to ensure these are implemented.
• Identity and Access Management: Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures.
• Privilege Management Expertise: Provides guidance in defining access rights and privileges.
• Stakeholder Engagement: Communicates information security risks and issues to business managers and others.
• Cyber Threat awareness: Maintains current knowledge of malware attacks, and other cyber security threats.
• Cyber Security Expertise: Maintains knowledge of specific specialisms, provides advice regarding their application and executes specialised tasks.

Success Profiles
We use an assessment framework called “Success Profiles” which lists the elements we test and provides detailed descriptions of each. 

Essential Experience

• You have experience of developing security operating procedures for use across multiple information systems or maintaining compliance with them.
• You have experience of applying routine security procedures such as vulnerability management, managing access rights, malware protection or IAM without supervision.

Technical Skills
This role is aligned to Senior Cyber Security Analyst within the Digital, Data and Technology Profession.

These skills will be tested during the Technical Assessment if you are successful at sift stage. They will not be assess at application stage. Please review the following to understand the skills expectations Cyber security: operations - gov.scot

Behaviours

• Changing and Improving
• Making Effective Decisions
• Communicating and Influencing