Dundee, Glasgow Job Summary Are you ready to join a dedicated cyber operations team? We are seeking a Cyber Security Analyst to become a key member of the Digital Risk & Security branch within our Chief Digital Office. In this key role, you will serve as the first line of defence for our security operations team, supporting Social Security Scotland’s commitment to safeguarding public data and digital services. The ideal candidate will bring hands-on experience of vulnerability management and good familiarity with identity and access management (IAM) in any major cloud platform (AWS, Azure, or GCP). Having experience of working with anti-virus and mobile device management etc would also be advantageous. The successful applicant will have the opportunity to develop, grow, and be actively encouraged to learn and enhance their experience and knowledge with access to CBT training platforms provided as well as support from colleagues and senior management. Cyber Security Analysts are responsible for protecting the confidentiality, integrity, and availability of information and information systems used by government and Partners Across Government. Communicates information security risks and issues to business managers and others. Contributes to vulnerability assessments Applies and maintains specific security controls as required by organisational policy and local risk assessments. Takes action to respond to security breaches in line with security policy and records the incidents and action taken. Identifies operational problems and contributes to their resolution. Investigates problems in systems, processes and services. Assists with the implementation of agreed remedies and preventative measures. DDaT Pay supplement This post is part of the Scottish Government Digital, Data and Technology (DDAT) profession and as a member of the profession you will join the professional development system. This post currently attracts a £5,000 annual DDAT pay supplement, applicable after a 3 months competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and there is one currently underway. Changes will be communicated when the review is concluded. Responsibilities Job description Monitor, analyse and respond to security intel to reduce risks within IAM, and Vulnerability Management. Support IAM and Vulnerability Management practices and help tighten security around access control and privilege access management. Have a good technical security operational background with familiarity security tooling such as IAM, vulnerability management tooling, anti-virus and mobile device management etc. Assists users in defining their access rights and privileges. Communicates information security risks and issues to business managers and others. Performs security risk, vulnerability assessments, and business impact analysis for small information systems. Identifies operational problems and contributes to their resolution. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Responsibilities Monitor, analyse and respond to security intel to reduce risks within IAM, and Vulnerability Management. Support IAM and Vulnerability Management practices and help tighten security around access control and privilege access management. Have a good technical security operational background with familiarity security tooling such as IAM, vulnerability management tooling, anti-virus and mobile device management etc. Assists users in defining their access rights and privileges. Communicates information security risks and issues to business managers and others. Performs security risk, vulnerability assessments, and business impact analysis for small information systems. Identifies operational problems and contributes to their resolution. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Person specification Success Profiles We use an assessment framework called ‘Success Profiles’ which lists the elements we test and provides detailed descriptions of each. Find out more about how we assess the Success Profile elements. Essential Experience You will have experience of applying routine security procedures such as vulnerability management, managing access rights, malware protection or IAM with minimum supervision. You have a general knowledge of system architectures in order to articulate the impact of vulnerabilities on existing and future designs and systems. Behaviours Changing and improving - Level 2 Delivering at pace - Level 2 You can find out more about Success Profiles Behaviours here. Technical / Professional Skills This role is aligned to General Cyber Security Analyst within the Digital, Data and Technology Profession. These skills will be tested during the Technical Assessment if you are successful at sift stage. They will be not be assessed at application stage. Please review the following to understand the skill expectations: Cyber security: operations - gov.scot Annual Leave - You will receive 25 days annual leave on joining us. This will increase to 30 days after four full years of service. You will also have 11.5 public and privilege days of leave every year. We also offer Flexi-time. Any extra hours you've worked can be taken as leave when suitable. A Civil Service Pension - This job comes with a Civil Service pension. New joiners to the Civil Service will join a career average pension scheme as standard. Read more here - www.civilservicepensionscheme.org.uk. Healthy work life balance - We can offer the possibility of full-time, part-time, term-time, and job shares. We also encourage flexible working. Discounts - You can enjoy a vast range of retail, travel and lifestyle discounts through our benefit scheme. Personal support for you - Our Employee Assistance Programme gives you confidential, independent information and guidance 24/7. Volunteering special leave - Up to six days paid special leave a year for volunteering. We support our staff to help causes important to them. Great locations - Our bright and modern offices in the heart of Dundee and Glasgow have been designed with staff in mind. Both locations are ideal for public transport. Selection process details Expected Timeline (subject to change) Sift – w/c 25th August Interview – w/c 15th September Location – In Person in either Dundee or Glasgow Feedback will only be provided if you attend an interview or assessment. Security Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks. Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks. Nationality requirements This Job Is Broadly Open To The Following Groups: UK nationals nationals of the Republic of Ireland nationals of Commonwealth countries who have the right to work in the UK nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window) nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS) individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020 Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service Further information on nationality requirements (opens in a new window) Working for the Civil Service The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. Diversity and Inclusion The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window). This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative. The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window). Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records. Contact point for applicants Job Contact : Name : Resourcing Team Email : recruitment@socialsecurity.gov.scot Recruitment team Email : Recruitment@socialsecurity.gov.scot Further information https://www.socialsecurity.gov.scot/working-with-us/help-with-your-application