Job Description
Are you ready to join a dedicated cyber operations team? We are seeking a Cyber Security Analyst to become a key member of the Digital Risk & Security branch within our Chief Digital Office. In this key role, you will serve as the first line of defence for our security operations team, supporting Social Security Scotland's commitment to safeguarding public data and digital services.
The ideal candidate will bring hands-on experience of vulnerability management and good familiarity with identity and access management (IAM) in any major cloud platform (AWS, Azure, or GCP). Having experience of working with anti-virus and mobile device management etc would also be advantageous.
The successful applicant will have the opportunity to develop, grow, and be actively encouraged to learn and enhance their experience and knowledge with access to CBT training platforms provided as well as support from colleagues and senior management.
Social Security Scotland, an Executive Agency of the Scottish Government, is undertaking the largest and most complex IT and digital change programme since devolution. With a lifetime budget of over £300m, Social Security Scotland is delivering a social security system that will support the people of Scotland for decades to come.
We aim to develop within Social Security Scotland, a positive and inclusive culture, which supports our people to flourish, by embedding a working environment where we all treat each other with dignity and respect, and recognise each other's contributions.
Cyber Security Analysts are responsible for protecting the confidentiality, integrity, and availability of information and information systems used by government and Partners Across Government.
* Communicates information security risks and issues to business managers and others.
* Contributes to vulnerability assessments
* Applies and maintains specific security controls as required by organisational policy and local risk assessments.
* Takes action to respond to security breaches in line with security policy and records the incidents and action taken.
* Identifies operational problems and contributes to their resolution.
* Investigates problems in systems, processes and services. Assists with the implementation of agreed remedies and preventative measures.
Responsibilities
Responsibilities
* Monitor, analyse and respond to security intel to reduce risks within IAM, and Vulnerability Management. Support IAM and Vulnerability Management practices and help tighten security around access control and privilege access management.
* Have a good technical security operational background with familiarity security tooling such as IAM, vulnerability management tooling, anti-virus and mobile device management etc.
* Assists users in defining their access rights and privileges.
* Communicates information security risks and issues to business managers and others.
* Performs security risk, vulnerability assessments, and business impact analysis for small information systems.
* Identifies operational problems and contributes to their resolution.
* Applies and maintains specific security controls as required by organisational policy and local risk assessments.
Qualifications
Success Profiles
We use an assessment framework called 'Success Profiles' which lists the elements we test and provides detailed descriptions of each. Find out more about how we assess the Success Profile elements.
Essential Experience
1. You will have experience of applying routine security procedures such as vulnerability management, managing access rights, malware protection or IAM with minimum supervision.
2. You have a general knowledge of system architectures in order to articulate the impact of vulnerabilities on existing and future designs and systems.
Behaviours
• Changing and improving - Level 2
• Delivering at pace - Level 2
You can find out more about Success Profiles Behaviours here.
Technical / Professional Skills
This role is aligned to General Cyber Security Analyst within the Digital, Data and Technology Profession.
These skills will be tested during the Technical Assessment if you are successful at sift stage. They will be not be assessed at application stage. Please review the following to understand the skill expectations: Cyber security: operations - gov.scot
How to apply
Apply online, you must provide a CV and Supporting Statement (of no more than 750 words) which provides evidence of how you meet the experience and behaviours listed in the Success Profiles above.
In the event that we receive a high volume of applications, we may conduct an initial sift using the CV and Supporting Statement based on the first Experience criteria. Candidates who successfully pass this initial sift will have their applications fully assessed.
Candidates who are successful at sift stage will be invited to attend an Interview and Technical Assessment. The interview will further assess the Experience and Behaviours listed in the job advert and the technical assessment will evaluate the technical skills relevant to the role.
Candidates who pass the sift and are invited to the Interview and Technical Assessment stage will receive a Technical Assessment Candidate Pack, which will outline the skills to be assessed and the assessment methods to be used.
Following the application sift, there may be a telephone interview as part of the assessment process before the main interview.
We aim to provide feedback on request. However, if we receive a large number of applications it may not be possible for us to provide specific feedback on your application. We will provide feedback on request to candidates who attend an interview/assessment.
Information Session
We are holding a candidate information session for this role to provide you with information about the application and interview process as well as further information on the role and team.
We will be talking about:
* The Cyber Security Analyst role and Digital Risk & Security branch
* About Social Security Scotland
* Our recruitment process
* Q&A with the hiring manager
The session will be held on Thursday 21st August at 11.30am - 12.30pm
Please join us using the link below to find out more about the role and working for Social Security Scotland.
Join the meeting now
Expected Timeline (subject to change)
Sift - w/c 25th August
Interview - w/c 15th September
Location - In Person in either Dundee or Glasgow
Reserve List
In the event that there are more successful candidates than posts available, a reserve list will be kept for up to 12 months.
About us
Social Security Scotland is an Executive Agency of the Scottish Government. Our benefits help people from all walks of life in Scotland. We offer rewarding careers and employ people across Scotland in a wide range of professions and roles. We are committed to recruiting a diverse workforce that is representative of the clients we serve. Find more about us here.
We offer a supportive and inclusive working environment along with a wide range of employee benefits. Find out more about what we offer.
As part of the UK Civil Service, we uphold the Civil Service Nationality Rules.
DDaT Pay Supplement
This post is part of the Scottish Government Digital, Data and Technology (DDAT) profession and as a member of the profession you will join the professional development system. This post currently attracts a £5,000 annual DDAT pay supplement, applicable after a 3 months competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and there is one currently underway. Changes will be communicated when the review is concluded.
Working pattern
Our standard hours are 35 hours per week and we offer a range of flexible working options, depending on the needs of the role. We embrace a hybrid working style where all colleagues will spend time in either our Glasgow or Dundee offices. There is an expectation of a minimum 2 days per week in your assigned location, which will be either Glasgow or Dundee. If you have specific questions about the role you are applying for, please contact us.
Equality Statement
Social Security Scotland are committed to equality and inclusion, and we aim to recruit a diverse workforce that reflects the population of our nation.
Social Security Scotland are a Disability Confident Employer. We will consider and implement any reasonable adjustments you may require throughout the recruitment process and during the course of your employment, should you be successful in securing a post. If you feel you may require assistance with any part of our recruitment process, please contact us at Recruitment@socialsecurity.gov.scot.
Find out more about our commitment to diversity and how we offer and support recruitment adjustments for anyone who needs them.
Further information
This post requires the successful candidate to clear additional National Security Vetting clearance (Security Check) before a start date can be offered. Further information regarding National Security Vetting clearance can be found here - United Kingdom Security Vetting: Applicant - GOV.UK (www.gov.uk)
Find out more about our organisation, what we offer staff members and how to apply on our Careers Website.
Read our Candidate Guide for further information on our recruitment and application processes.
The successful candidate will be expected to remain in post for a minimum of 3 years unless successful in gaining promotion to a higher Band or Grade.
Social Security Scotland's recruitment processes are underpinned by the recruitment principles of the Civil Service Commissioner, which outline that selection for appointment be made on merit on the basis of fair and open competition - Recruitment - Civil Service Commission (independent.gov.uk)
If you feel at any time your application has not been treated in accordance with the values in the Civil Service Code and/or if you feel the recruitment has been conducted in such a way that conflicts with the Civil Service Commissioner's Recruitment Principles, you can make a complaint, by contacting Social Security Scotland at recruitment@socialsecurity.gov.scot in the first instance. If you are not satisfied with the response you receive you can contact the Civil Service Commissioner.
If you experience any difficulties accessing our website or completing the online application form, please contact the Resourcing Team via recruitment@socialsecurity.gov.scot
Apply before Monday 25th August 2025 @23.55
Contact Name - Resourcing Team
Contact email - Recruitment@socialsecurity.gov.scot #J-18808-Ljbffr