At a Glance
- Tasks: Monitor security events and support cloud security initiatives.
- Company: Join the UK Atomic Energy Authority, a leader in sustainable fusion energy.
- Benefits: Enjoy competitive perks, including flexible working options and a commitment to diversity.
- Why this job: Be part of a transformative mission for a secure digital future in energy.
- Qualifications: HND in Information Security or related field; hands-on experience with Microsoft security tools required.
- Other info: We encourage applications from diverse backgrounds and promote an inclusive workplace.
The predicted salary is between £36,000 and £60,000 per year.
IT Cloud & Applications Security Analyst, Abingdon
Client: UK Atomic Energy Authority
Location: Abingdon, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Reference: 82b8a06a94b7
Job Views: 5
Posted: 14.07.2025
Expiry Date: 28.08.2025
Job Description
This role is based at the site in Culham, Oxfordshire.
This role requires employees to complete an online Baseline Personnel Security Standard (BPSS) / be eligible for SC Clearance (must have resided in the UK for the last 5 years), including The Disclosure & Barring Service (DBS) checks for criminal convictions.
The Role
Are you looking for an exciting opportunity to make a difference?
Join us in shaping a secure digital future for sustainable fusion energy.
The UK Atomic Energy Authority (UKAEA) is a world leader in developing nuclear fusion as a clean and limitless energy source. As part of our mission, we’re building a digitally mature and secure enterprise. This role offers you the opportunity to be at the heart of that transformation.
We’re looking for a skilled and ambitious IT Cloud & Applications Security Analyst to join our Information & Cyber Security Group. If you have experience securing cloud environments and business applications and want to help shape UKAEA’s cyber resilience across M365, Azure, and beyond—this is your next step.
What you’ll be doing:
- Monitor and respond to security events affecting cloud platforms and applications
- Support the design and implementation of IAM and PAM policies across Entra ID and M365
- Manage posture and compliance monitoring tools (Defender, Intune, Sentinel)
- Support DevSecOps practices in collaboration with platform and application teams
- Help ensure application-level security is embedded across our enterprise stack
- Contribute to audits and assessments aligned to ISO 27001, CAF, and Secure by Design
- Provide input on best practices for cloud security and access management.
Qualifications
Essential
- At least an HND in Information Security, Computer Science, or a related STEM field, or equivalent experience. Degree preferred.
- Demonstrable hands-on experience with Microsoft Entra ID (Azure AD), Conditional Access, and Identity Protection.
- Experience administering Microsoft 365 security controls, including Defender for Office 365, Purview, and Intune.
- Understanding of modern authentication protocols (OAuth2.0, SAML, OpenID Connect).
- Familiarity with SaaS security, user lifecycle management, and enterprise access models.
- Working knowledge of security and compliance frameworks such as CAF, ISO 27001, NIST CSF, and GDPR.
- Analytical and investigative skills with the ability to identify risk patterns and remediation actions.
- Experience managing technical controls in cloud-native platforms (Azure, AWS, or GCP).
- Knowledge of Privileged Identity Management (PIM), Just-In-Time (JIT) access, or PAM solutions.
- Experience supporting regulatory audits or security assurance reviews.
- Strong documentation and communication skills to support audits and security reviews.
- Ability to obtain SC-level national security clearance.
Desirable
- Certifications such as AZ-500, SC-300, or equivalent.
- Experience with Power Platform, Dataverse, and automation tooling.
- Exposure to DevSecOps practices, CI/CD security, and secure SDLC.
- Familiarity with ITSM workflows and change control procedures.
Additional Information
A full list of our benefits can be found here: https://careers.ukaea.uk/life-at-ukaea/employee-benefits/
We welcome applications from under-represented groups, particularly individuals from black and other ethnic minority backgrounds, people with disabilities, and women. Our Executive team, supported by our 'Equality, Diversity and Inclusion' (EDI) Partner and Inclusion Ambassadors, actively promotes EDI and takes steps to increase diversity within our organization. We reinforce best practices in recruitment and selection and evaluate approaches to remove barriers to success.
Please note that vacancies are generally advertised for 4 weeks but may close earlier if we receive a large number of applications.
IT Cloud & Applications Security Analyst employer: UK Atomic Energy Authority
Contact Detail:
UK Atomic Energy Authority Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT Cloud & Applications Security Analyst
✨Tip Number 1
Familiarise yourself with the specific technologies mentioned in the job description, such as Microsoft Entra ID and Azure security controls. Being able to discuss your hands-on experience with these tools during an interview will demonstrate your suitability for the role.
✨Tip Number 2
Network with professionals in the field of IT security, particularly those who work with cloud environments. Engaging with industry groups or attending relevant events can provide insights and connections that may help you stand out when applying.
✨Tip Number 3
Stay updated on the latest trends and best practices in cloud security and compliance frameworks like ISO 27001 and NIST CSF. This knowledge will not only prepare you for potential interview questions but also show your commitment to continuous learning.
✨Tip Number 4
Prepare to discuss your analytical skills and how you've identified and mitigated risks in previous roles. Providing concrete examples will help illustrate your problem-solving abilities and make a strong impression during the interview process.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in IT security, particularly with cloud environments and applications. Emphasise your hands-on experience with Microsoft Entra ID, M365 security controls, and any certifications you hold.
Craft a Strong Cover Letter: Write a cover letter that specifically addresses the job description. Mention your understanding of security frameworks like ISO 27001 and your analytical skills. Show enthusiasm for contributing to UKAEA's mission in sustainable fusion energy.
Highlight Relevant Skills: In your application, clearly outline your skills related to IAM, PAM policies, and compliance monitoring tools. Provide examples of how you've managed security in cloud-native platforms and your familiarity with modern authentication protocols.
Proofread and Format: Before submitting your application, proofread for any spelling or grammatical errors. Ensure your documents are well-formatted and easy to read, as this reflects your attention to detail—a crucial skill for an IT Security Analyst.
How to prepare for a job interview at UK Atomic Energy Authority
✨Know Your Cloud Security Basics
Make sure you brush up on your knowledge of cloud security principles, especially around Microsoft Entra ID and Azure. Be prepared to discuss how you've implemented security measures in previous roles, as this will show your practical experience.
✨Familiarise Yourself with Compliance Frameworks
Understand the key compliance frameworks mentioned in the job description, such as ISO 27001 and NIST CSF. Be ready to explain how you've worked with these frameworks in the past and how they relate to cloud security.
✨Demonstrate Your Analytical Skills
Prepare to showcase your analytical and investigative skills. Think of examples where you've identified risk patterns and taken remediation actions, as this is crucial for the role.
✨Communicate Clearly
Strong communication skills are essential for this position. Practice explaining complex technical concepts in simple terms, as you'll need to convey security practices to non-technical stakeholders.