Overview
Subsea7 is seeking a Cyber Security Analyst to join our team on a staff basis in our Westhill, Aberdeen office.
The Cyber Security Analyst is responsible for protecting the organisation's systems, data, and services through thorough documentation practices, risk-based analysis, proactive security operations, and continuous improvement of security controls.
While the role includes hands‑on support of security tools and platforms, its primary focus is on maintaining high‑quality security documentation and ensuring the organisation's policies, standards, and procedures remain accurate, current, and aligned with industry best practice.
What will you be doing?
Documentation & Governance
Develop, maintain, and improve security documentation, including policies, standards, procedures, and guidelines.
Ensure documentation aligns with key security frameworks (e.g., ISO 27001, NIST CSF, GDPR) and supports audit and compliance requirements.
Coordinate periodic reviews and updates of security documents, ensuring clarity, accuracy, and version control.
Support the preparation of evidence and documentation for internal and external audits.
Security Operations & Tooling
Monitor and triage security alerts from SIEM, EDR, and other security tools; perform initial investigation and root cause analysis.
Support vulnerability management activities, including scanning, tracking remediation, and documenting findings.
Assist with endpoint protection administration, and other operational security tasks.
Contribute to the continual improvement of security controls, processes, and operational playbooks.
Work collaboratively with IT teams to support secure configuration, patching, and incident response activities.
What experience would we like you to have?
Please note, if you don't tick all the boxes below but feel you have some of the relevant skills and experience we're looking for, please do consider applying. We would encourage you to have apply with a CV that highlights your transferable skills and experience.
Skills & Attributes
Clear and effective written communication skills with meticulous attention to detail.
Ability to translate technical concepts into clear, structured documentation.
Takes initiative, organised, and capable of prioritising workload based on risk and business impact.
Familiarity with security frameworks and standards (ISO 27001, NIST CSF, GDPR).
Experience with tools such as SIEM, EDR and M365
Ideal Candidate Profile
The ideal candidate is detail‑orientated, process‑driven, and comfortable handling both documentation and technical investigative tasks. They are skilled at maintaining structured, accurate documentation while supporting the operational security team in improving the organisation's security posture.