At a Glance
- Tasks: Secure cloud platforms and deliver vital public services through innovative cyber security solutions.
- Company: Join Social Security Scotland, a forward-thinking organisation prioritising security and public service.
- Benefits: Enjoy flexible working, competitive salary, and a £4,000 annual pay supplement.
- Other info: Flexible hours with hybrid working options and excellent career development opportunities.
- Why this job: Make a real impact by shaping secure cloud architectures and leading cyber security initiatives.
- Qualifications: Experience in cloud security, risk assessments, and automated security controls is essential.
The predicted salary is between 55000 - 65000 € per year.
Social Security Scotland is seeking a Senior Cyber Security Engineer to help secure the cloud platforms that deliver vital public services. This is a key role in a cloud‑first organisation, working to ensure solutions are secure by design, resilient, and compliant. The Senior Cyber Security Engineer leads the design, implementation, and assurance of cyber security controls across cloud platforms, applications, and infrastructure. You will translate security policy and risk into practical cloud security solutions, working closely with Architecture, Cloud Engineering, DevOps, and Product teams. Acting as a technical authority, you will provide hands‑on expertise, assurance, and risk‑based guidance, embedding security throughout the delivery lifecycle.
Responsibilities
- Build, develop, and configure tooling and processes to be secure, supporting pre‑commit, Continuous Integration, Continuous Deployment, and production.
- Have experience of operating systems, networking, PKI and cloud security tools.
- Build secure configuration management using Infrastructure as Code.
Main Duties
- Design and deliver secure cloud architectures across IaaS, PaaS, and SaaS environments.
- Lead the implementation of cyber security standards and controls across cloud platforms.
- Provide senior cyber security consultancy, including cloud risk assessments, threat modelling, architecture reviews, audits, and contribution to cyber strategy.
- Work closely with Architecture teams to shape secure target architectures and ensure security requirements are reflected in technical designs.
- Lead and enhance cloud security operations, including identity and access management, vulnerability management, logging, monitoring, and incident response.
- Design and implement automated security controls and assurance, including policy as code, secure configuration baselines, and continuous compliance.
- Translate security requirements into engineering level guidance, supporting developers and engineers to remediate issues and adopt secure coding and deployment practices.
- Engage with internal and external stakeholders, providing security assurance, clear risk articulation, and support for change associated with security improvements.
- Act as a technical mentor, championing cloud security best practice and supporting the development of engineers and security practitioners.
- Design, review, and implement secure cloud infrastructure using IaC tooling such as Terraform and CloudFormation.
Success Profiles
This role uses an assessment framework called "Success Profiles" which tests essential elements and behaviours.
Essential Experience
- Experience implementing cloud native security controls such as IAM, encryption, key management, logging, and monitoring.
- Experience embedding security across the full delivery lifecycle, from early design through to live operations.
- Experience creating or implementing automated security controls and assurance (e.g., policy as code, configuration compliance, or security monitoring rules using IaC tooling).
Behaviours
Leadership – Level 3
Technical / Professional Skills
These skills will be tested during the technical assessment if the candidate is successful at the sift stage.
Equality and Diversity
Social Security Scotland is committed to equality and inclusion, and we will consider any reasonable adjustments required throughout the recruitment process.
Working Pattern
Standard hours are 35 hours per week with flexible working options, including hybrid working with a minimum of two days per week in an assigned Glasgow or Dundee office.
Security Checks
Successful candidates must complete Baseline Personnel Security Standard (BPSS) and National Security Vetting clearance before appointment.
Right to Work in the UK
Social Security Scotland is an approved sponsor under the UK Visa and Immigration Skilled Worker route.
Pay Supplement
This post is part of the Government Digital and Data (GDD) profession and attracts a £4,000 annual GDD pay supplement.
Further Information
The successful candidate is expected to remain in post for a minimum of three years unless promoted.
Senior Cyber Security Engineer in Glasgow employer: Social Security Scotland
Social Security Scotland is an exceptional employer, offering a dynamic work environment where innovation meets public service. With a strong commitment to employee growth and development, we provide opportunities for continuous learning and mentorship in the rapidly evolving field of cyber security. Our flexible working options and inclusive culture ensure that every team member can thrive while contributing to the vital mission of securing cloud platforms that support essential public services.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Cyber Security Engineer in Glasgow
✨Tip Number 1
Network like a pro! Reach out to folks in the cyber security field, especially those working at Social Security Scotland. A friendly chat can open doors and give you insights that might just land you an interview.
✨Tip Number 2
Show off your skills! Prepare a portfolio or case studies showcasing your experience with cloud security tools and practices. This will help you stand out and demonstrate your hands-on expertise during interviews.
✨Tip Number 3
Practice makes perfect! Get ready for technical assessments by brushing up on your knowledge of IAM, encryption, and IaC tooling. We recommend doing mock interviews with friends or using online platforms to simulate the real deal.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets noticed. Plus, it shows you’re genuinely interested in joining the team at Social Security Scotland. Don’t miss out!
We think you need these skills to ace Senior Cyber Security Engineer in Glasgow
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your CV and cover letter to highlight your experience with cloud security and the specific skills mentioned in the job description. We want to see how your background aligns with what we're looking for!
Showcase Your Technical Skills:Don’t hold back on detailing your technical expertise! Mention your experience with IAM, encryption, and IaC tooling like Terraform or CloudFormation. We love seeing candidates who can demonstrate their hands-on knowledge.
Be Clear and Concise:When writing your application, keep it clear and to the point. Use bullet points where possible to make it easy for us to read through your qualifications and experiences. We appreciate a well-structured application!
Apply Through Our Website:Remember to submit your application through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. We can’t wait to see what you bring to the table!
How to prepare for a job interview at Social Security Scotland
✨Know Your Cloud Security Inside Out
Make sure you brush up on your knowledge of cloud security controls, especially IAM, encryption, and logging. Be ready to discuss how you've implemented these in past roles, as well as any challenges you've faced and how you overcame them.
✨Showcase Your Technical Skills
Prepare to demonstrate your technical prowess with tools like Terraform and CloudFormation. Bring examples of how you've used Infrastructure as Code to build secure configurations and automated security controls. This will show that you can translate security requirements into practical solutions.
✨Emphasise Collaboration
This role involves working closely with various teams, so be prepared to talk about your experience collaborating with Architecture, DevOps, and Product teams. Share specific examples of how you've successfully embedded security throughout the delivery lifecycle and supported others in adopting secure practices.
✨Be Ready for Scenario-Based Questions
Expect questions that assess your problem-solving skills in real-world scenarios. Think about potential security threats and how you would address them, or how you would lead a team in implementing security standards. Practising these scenarios can help you articulate your thought process clearly during the interview.
