Senior Cyber Security Analyst

Are you interested in safeguarding Scotland’s digital future?

The Cyber Security Unit are responsible for the overall Information security of the Scottish Government. The branch is divided into several different teams, covering Cyber Security, Defence, Vulnerabilities, and Risk. This role will be in the Cyber Defence Team, who are focused on the proactive elements of Cyber Security. 

This is an exciting opportunity to be responsible for protecting the confidentiality, integrity and availability of information assets and systems used by the Scottish Government, through application of their Cyber Security knowledge and close working with the rest of the team. In addition, this role will feed in to small to medium size projects, and the continual service improvement process within the team and wider branch. 

Responsibilities 

• Develop security operating procedures for use across multiple information systems or maintains compliance with them. 
• Apply routine security procedures appropriate to the role, such as patching, managing access rights, malware protection, or vulnerability testing with autonomy.
• Develop and test rules for detecting violations of security operating procedures with autonomy. 
• Follow documented principles and guidelines for incident management, incident investigation, and response activities. 
• Advise others on incident management, incident investigation, and response processes. 
• Able to understand and articulate the impact of vulnerabilities on existing and future designs and systems, and able to provide insight into how these can be exploited. 

Success Profile 

Success profiles are specific to each job, and they include the mix of experience, skills and behaviours candidates will be assessed on. 

Experience:  

• Lead Criteria 1: Good knowledge and understanding of the internal and external cyber security risks to digital systems and services.  
• Lead Criteria 2: Experience of cyber security tools & techniques, and an understanding of the role they play as part of a wider digital infrastructure.  
• Experience of engaging with, and managing, a wide range of internal and external stakeholders, including senior officials, customers and suppliers. 

Experience is assessed at sift, along with a more in-depth assessment at interview. 

Technical Skills: 

This role is aligned to the Cyber Security Analyst within the Cyber Security and Information Assurance job family.  

You can find out more about the skills required, here.

These skills are assessed by technical assessment, designed to represent the role. Candidates reaching this stage will receive a Technical Assessment Candidate Pack which outlines the specific skills to be assessed, plus the method of assessment.  

Behaviours: 

• Changing and Improving (Level 3) 
• Working Together (Level 3) 

 You can find out more about Success Profiles Behaviours, here. 

Behaviours are assessed at interview. Full details will be shared in advance with all candidates invited to this stage. 

How to apply 

Apply online, providing a CV and Supporting Statement (of no more than 750 words) which provides evidence of how you meet each of the 3 Experience criteria listed in the Success Profile above.  

Candidates will have their applications assessed against all Experience criteria. If a large number of applications are received an initial sift will be conducted on the Lead Criteria highlighted above. Candidates who pass the initial sift will have their applications fully assessed.  

If invited for further assessment, this will consist of an interview and DDaT Technical assessment where the behaviours, experiences and technical skills outlined in the Success Profile will be assessed. 

The sift is scheduled for w/c 11th August.  

Interviews and DDaT Technical assessments are scheduled for w/c 25th August, however these may be subject to change. 

Security Vetting  

As part of the onboarding process for this role you will be required to undergo national security vetting to Security Check (SC) level. You should ensure before applying that you can fulfil the requirements of this vetting. 

About Us 

The Scottish Government is the devolved government for Scotland. We have responsibility for a wide range of key policy areas including education, health, the economy, justice, housing, and transport. We offer rewarding careers and employ people across Scotland in a wide range of professions and roles. 

Our staff are part of the UK Civil Service, working for Ministers and senior stakeholders to deliver vital public services which improve the lives of the people of Scotland. 

We offer a supportive and inclusive working environment along with a wide range of employee benefits. Find out more about what we offer. 

As part of the UK Civil Service, we uphold the Civil Service Nationality Rules. 

Working Pattern 

Our standard hours are 35 hours per week, we offer a truly flexible working including full-time, part-time, flexitime, and compressed hours depending on the needs of the role. 

If you have specific questions about the role you are applying for, please contact ben.norris@gov.scot 

DDaT Pay Supplement 

This post is part of the Scottish Government Digital, Data and Technology (DDAT) profession, as a member of the profession you will join the professional development system. This post currently attracts a £5,000.00 annual DDAT pay supplement, applicable after a 3-month competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and there is one currently underway. Changes will be communicated when the review is concluded.  

Equality Statement 

We are committed to equality and inclusion, and we aim to recruit a diverse workforce that reflects the population of our nation.  

Find out more about our commitment to diversity and how we offer and support recruitment adjustments for anyone who needs them. 

Further Information 

Find out more about our organisation, what we offer staff members and how to apply on our Careers Website. 

Read our Candidate Guide for further information on our recruitment and application processes. 

Apply Before: 3rd August (23:59)