Dundee, Glasgow
Job Summary
We’re seeking a Senior Cyber Security Analyst to join our team in the Digital Risk and Security Branch. The ideal candidate will bring hands-on experience with vulnerability Management and strong familiarity with Identity and Access Management (IAM) in any major cloud platform (AWS, Azure, or GCP).
On a day-to-day basis, will monitor, analyse and respond to security intel to reduce risks within IAM, and Vulnerability Management. Support IAM and Vulnerability Management practices and help tighten security around access control and privilege access management. Assist in improving, implementing and documenting security processes to reduce risk.
Have a strong technical security operational background with familiarity security tooling such as IAM, vulnerability management tooling, anti-virus and mobile device management etc. The successful applicant will have the opportunity to develop, grow, and be actively encouraged to learn and enhance their experience and knowledge with free access to training platforms provided as well as support from colleagues and senior management.
Senior Cyber Security Analysts are responsible for protecting the confidentiality, integrity, and availability of information and information systems used by government and Partners Across Government
- Investigates and manages security incidents where appropriate.
- Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures.
- Specifies requirements for environment, data, resources and tools. Interprets, and executes using agreed methods and standards.
We aim to develop within Social Security Scotland, a positive and inclusive culture, which supports our people to flourish, by embedding a working environment where we all treat each other with dignity and respect and recognise each other’s contributions.
DDaT Pay Supplement
This post is part of the Scottish Government Digital, Data and Technology (DDAT) profession and as a member of the profession you will join the professional development system. This post currently attracts a £5,000 annual DDAT pay supplement, applicable after a 3 months competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and there is one currently underway. Changes will be communicated when the review is concluded.
Responsibilities
Job description
- Technical Security Operations: Working within the security operations team to provide advice and guidance across all application and operational security controls, which align to our information security policy and procedures.
- Vulnerability Management: Investigates vulnerabilities in accordance with established procedures and recommends required actions and supports /follows up to ensure these are implemented.
- Identity and Access Management: Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures.
- Privilege Management Expertise: Provides guidance in defining access rights and privileges.
- Stakeholder Engagement: Communicates information security risks and issues to business managers and others.
- Cyber Threat awareness: Maintains current knowledge of malware attacks, and other cyber security threats.
- Cyber Security Expertise: Maintains knowledge of specific specialisms, provides advice regarding their application and executes specialised tasks.
- Technical Security Operations: Working within the security operations team to provide advice and guidance across all application and operational security controls, which align to our information security policy and procedures.
- Vulnerability Management: Investigates vulnerabilities in accordance with established procedures and recommends required actions and supports /follows up to ensure these are implemented.
- Identity and Access Management: Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures.
- Privilege Management Expertise: Provides guidance in defining access rights and privileges.
- Stakeholder Engagement: Communicates information security risks and issues to business managers and others.
- Cyber Threat awareness: Maintains current knowledge of malware attacks, and other cyber security threats.
- Cyber Security Expertise: Maintains knowledge of specific specialisms, provides advice regarding their application and executes specialised tasks.
Success Profiles
We use an assessment framework called “Success Profiles” which lists the elements we test and provides detailed descriptions of each. Find out more about how we assess the Success Profile elements.
Essential Experience
- You have experience of developing security operating procedures for use across multiple information systems or maintaining compliance with them.
- You have experience of applying routine security procedures such as vulnerability management, managing access rights, malware protection or IAM without supervision.
This role is aligned to Senior Cyber Security Analyst within the Digital, Data and Technology Profession.
These skills will be tested during the Technical Assessment if you are successful at sift stage. They will not be assessed at application stage. Please review the following to understand the skills expectations Cyber security: operations - gov.scot
Behaviours
- Changing and Improving
- Making Effective Decisions
- Communicating and Influencing
How to Appl y
Apply online, you must provide a CV and Supporting Statement (of no more than 750 words) which provides evidence of how you meet the experience and behaviours listed in the Success Profiles above. Be sure to provide specific examples of work that you’ve done that showcase your relevant experience.
Should a large number of applications be received, an initial sift may be conducted using the CV and Supporting Statement on the Experience criteria. Candidates who pass the initial sift will have their applications fully assessed.
Candidates who are successful at sift stage will be invited to attend an Interview and Technical Assessment. The Interview will further assess the Experience and Behaviours listed in the job advert and the Technical Assessment will evaluate the Technical Skills relevant to the role.
Candidates who are invited to the Interview and Technical Assessment stage will receive a Technical Assessment Candidate Pack, which will outline the skills to be assessed and the assessment methods to be used.
Following the application selection there may be a telephone interview as part of the assessment process before the main interview.
We aim to provide feedback on request. However, if we receive a large number of applications, it may not be possible for us to provide specific feedback on your application. We will provide feedback on request to all candidates that attend an interview/assessment.
Information Session
We are holding a candidate information session for this role to provide you with information about the application and interview process as well as further information on the role and team.
The session will be held on Wednesday 21st May 2025 at 1-2pm.
Please join us using the link below to find out more about the role and working for Social Security Scotland:
Join the Meeting now
Annual Leave - You will receive 25 days annual leave on joining us. This will increase to 30 days after four full years of service. You will also have 11.5 public and privilege days of leave every year. We also offer Flexi-time. Any extra hours you\'ve worked can be taken as leave when suitable.
A Civil Service Pension - This job comes with a Civil Service pension. New joiners to the Civil Service will join a career average pension scheme as standard. Read more here - work life balance - We can offer the possibility of full-time, part-time, term-time, and job shares. We also encourage flexible working.
Discounts - You can enjoy a vast range of retail, travel and lifestyle discounts through our benefit scheme.
Personal support for you - Our Employee Assistance Programme gives you confidential, independent information and guidance 24/7.
Volunteering special leave - Up to six days paid special leave a year for volunteering. We support our staff to help causes important to them.
Great locations - Our bright and modern offices in the heart of Dundee and Glasgow have been designed with staff in mind. Both locations are ideal for public transport.
Selection process details
Expected Timeline (subject to change)
Sift - w/c 2nd June 2025
Interview - w/c 18th June 2025
Location - In Person in either Dundee or Glasgow
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).See our vetting charter (opens in a new window).
People working with government assets must complete baseline personnel security standard (opens in new window) checks.
Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).See our vetting charter (opens in a new window).
People working with government assets must complete baseline personnel security standard (opens in new window) checks.
Nationality requirements
This Job Is Broadly Open To The Following Groups:
- UK nationals
- nationals of the Republic of Ireland
- nationals of Commonwealth countries who have the right to work in the UK
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
- Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Working for the Civil Service
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission\'s recruitment principles (opens in a new window).
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission\'s recruitment principles (opens in a new window).
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
Diversity and Inclusion
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).
This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.
The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).
Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job Contact :
- Name : Resourcing Team
- Email :
- Email :
#J-18808-Ljbffr
StudySmarter Expert Advice🤫
We think this is how you could land Senior Cyber Security Analyst (1290) in Dundee
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Social Security Scotland, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through Social Security Scotland
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Social Security Scotland. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Social Security Scotland insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Social Security Scotland that you’re committed to staying ahead in the game.
How to prepare for a job interview at Social Security Scotland
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at Social Security Scotland to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Social Security Scotland.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.
