Senior Cyber Security Analyst

We’re seeking a Senior Cyber Security Analyst to join our team in the Digital Risk and Security Branch. The ideal candidate will bring hands-on experience with vulnerability Management and strong familiarity with Identity and Access Management (IAM) in any major cloud platform (AWS, Azure, or GCP).

On a day-to-day basis, will monitor, analyse and respond to security intel to reduce risks within IAM, and Vulnerability Management. Support IAM and Vulnerability Management practices and help tighten security around access control and privilege access management. Assist in improving, implementing and documenting security processes to reduce risk.

Having a strong technical security operational background with familiarity security tooling such as IAM, vulnerability management tooling, anti-virus and mobile device management etc. The successful applicant will have the opportunity to develop, grow, and be actively encouraged to learn and enhance their experience and knowledge with free access to training platforms provided as well as support from colleagues and senior management.

Senior Cyber Security Analysts are responsible for protecting the confidentiality, integrity, and availability of information and information systems used by government and Partners Across Government

• Investigates and manages security incidents where appropriate.
• Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures.
• Specifies requirements for environment, data, resources and tools. Interprets, and executes using agreed methods and standards.

Social Security Scotland, an Executive Agency of the Scottish Government, is undertaking the largest and most complex IT and digital change programme since devolution. With a lifetime budget of over £300m, Social Security Scotland is delivering a social security system that will support the people of Scotland for decades to come.

We aim to develop within Social Security Scotland, a positive and inclusive culture, which supports our people to flourish, by embedding a working environment where we all treat each other with dignity and respect and recognise each other’s contributions.

Responsibilities

• Technical Security Operations: Working within the security operations team to provide advice and guidance across all application and operational security controls, which align to out information security policy and procedures.
• Vulnerability Management: Investigates vulnerabilities in accordance with established procedures and recommends required actions and supports /follows up to ensure these are implemented.
• Identity and Access Management: Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures.
• Privilege Management Expertise: Provides guidance in defining access rights and privileges.
• Stakeholder Engagement: Communicates information security risks and issues to business managers and others.
• Cyber Threat awareness: Maintains current knowledge of malware attacks, and other cyber security threats.
• Cyber Security Expertise: Maintains knowledge of specific specialisms, provides advice regarding their application and executes specialised tasks.

Success Profiles
We use an assessment framework called “Success Profiles” which lists the elements we test and provides detailed descriptions of each. Find out more about how we assess the Success Profile elements.

Essential Experience

• You have experience of developing security operating procedures for use across multiple information systems or maintaining compliance with them.
• You have experience of applying routine security procedures such as vulnerability management, managing access rights, malware protection or IAM without supervision.

Technical Skills
This role is aligned to Senior Cyber Security Analyst within the Digital, Data and Technology Profession.

These skills will be tested during the Technical Assessment if you are successful at sift stage. They will not be assess at application stage. Please review the following to understand the skills expectations Cyber security: operations - gov.scot

Behaviours

• Changing and Improving
• Making Effective Decisions
• Communicating and Influencing

You can find out more about Success Profiles, here: Behaviour levels - Success profiles: candidate guide - gov.scot

How to Apply
Apply online, you must provide a CV and Supporting Statement (of no more than 750 words) which provides evidence of how you meet the experience and behaviours listed in the Success Profiles above. Be sure to provide specific examples of work that you’ve done that showcase your relevant experience.

Should a large number of applications be received, an initial sift may be conducted using the CV and Supporting Statement on the Experience criteria. Candidates who pass the initial sift will have their applications fully assessed.

Candidates who are successful at sift stage will be invited to attend an Interview and Technical Assessment. The Interview will further assess the Experience and Behaviours listed in the job advert and the Technical Assessment will evaluate the Technical Skills relevant to the role.

Candidates who are invited to the Interview and Technical Assessment stage will receive a Technical Assessment Candidate Pack, which will outline the skills to be assessed and the assessment methods to be used.

Following the application selection there may be a telephone interview as part of the assessment process before the main interview.

We aim to provide feedback on request. However, if we receive a large number of applications, it may not be possible for us to provide specific feedback on your application. We will provide feedback on request to all candidates that attend an interview/assessment.

Expected Timeline (subject to change)
Sift - w/c 2nd June 2025
Interview - w/c 18th June 2025
Location - In Person in either Dundee or Glasgow

Reserve List
In the event that there are more successful candidates than posts available, a reserve list will be kept for up to 12 months.

About Us
Social Security Scotland is an Executive Agency of the Scottish Government. Our benefits help people from all walks of life in Scotland. We offer rewarding careers and employ people across Scotland in a wide range of professions and roles. We are committed to recruiting a diverse workforce that is representative of the clients we serve.  Find more about us here.

We offer a supportive and inclusive working environment along with a wide range of employee benefits. Find out more about what we offer.

As part of the UK Civil Service, we uphold the Civil Service Nationality Rules.

DDaT Pay Supplement
This post is part of the Scottish Government Digital, Data and Technology (DDAT) profession and as a member of the profession you will join the professional development system. This post currently attracts a £5,000 annual DDAT pay supplement, applicable after a 3 months competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and there is one currently underway. Changes will be communicated when the review is concluded.

Working Pattern
Our standard hours are 35 hours per week and we offer a range of flexible working options, depending on the needs of the role. We embrace a hybrid working style where all colleagues will spend time in either our Glasgow or Dundee offices. There is an expectation of a minimum 2 days per week in your assigned location, which will be either Glasgow or Dundee.  If you have specific questions about the role you are applying for, please contact us.

Equality Statement
Social Security Scotland are committed to equality and inclusion, and we aim to recruit a diverse workforce that reflects the population of our nation.

Social Security Scotland are a Disability Confident Employer. We will consider and implement any reasonable adjustments you may require throughout the recruitment process and during the course of your employment, should you be successful in securing a post. If you feel you may require assistance with any part of our recruitment process, please contact us at Recruitment@socialsecurity.gov.scot.

Find out more about our commitment to diversity and how we offer and support recruitment adjustments for anyone who needs them.

Further Information
This post requires the successful candidate to clear additional National Security Vetting clearance (Security Check) before a start date can be offered. Further information regarding National Security Vetting clearance can be found here - United Kingdom Security Vetting: Applicant - GOV.UK (United Kingdom Security Vetting: Applicant - GOV.UK)

Find out more about our organisation, what we offer staff members and how to apply on our Careers Website.

Read our Candidate Guide for further information on our recruitment and application processes.

The successful candidate will be expected to remain in post for a minimum of 3 years unless successful in gaining promotion to a higher Band or Grade.

Social Security Scotland’s recruitment processes are underpinned by the recruitment principles of the Civil Service Commissioner, which outline that selection for appointment be made on merit on the basis of fair and open competition - Recruitment - Civil Service Commission (independent.gov.uk)

If you feel at any time your application has not been treated in accordance with the values in the Civil Service Code and/or if you feel the recruitment has been conducted in such a way that conflicts with the Civil Service Commissioner’s Recruitment Principles, you can make a complaint, by contacting Social Security Scotland at recruitment@socialsecurity.gov.scot in the first instance. If you are not satisfied with the response you receive you can contact the Civil Service Commissioner.

If you experience any difficulties accessing our website or completing the online application form, please contact the Resourcing Team via recruitment@socialsecurity.gov.scot

Apply before Monday 2nd June 2025

Contact Name - Resourcing Team
Contact Email – Recruitment@socialsecurity.gov.scot