Lead Cyber Security Analyst
Join to apply for the Lead Cyber Security Analyst role at The Scottish Government. The Student Awards Agency Scotland (SAAS) is looking for a Lead Cyber Security Analyst to safeguard sensitive data and support the secure delivery of services to more than 150,000 students each year.
Pay Range
The actual pay will be based on your skills and experience, as discussed with your recruiter.
Responsibilities
* Lead and assure cyber security initiatives across AWS and on‑premise environments, ensuring secure‑by‑design services and compliance with policy and standards.
* Own and maintain incident response plans, lead incident management, root‑cause analysis, and lessons‑learned activities to improve organisational resilience.
* Conduct security risk and vulnerability assessments, threat analysis, and business impact assessments, providing clear recommendations to mitigate risk.
* Develop, review, and oversee execution of security test plans for new and existing services.
* Provide expert guidance on access management, including defining and assuring technical, procedural, and privileged access controls across all systems and services.
* Contribute to cyber security policies, standards, and guidelines, ensuring alignment with NCSC principles, legal and regulatory requirements, and industry best practice.
* Communicate complex technical risks and cyber threats clearly to both technical and non‑technical audiences, including colleagues, suppliers, and partners.
* Maintain up‑to‑date knowledge of malware trends, threat actors, and attack techniques, providing timely advice to support decision‑making and risk management.
* Lead and develop IT teams and suppliers in secure practices, building capability and strong partnerships across SAAS, the Scottish Government, and external stakeholders.
Success profile
Success profiles are specific to each job and they include the mix of skills, experience and behaviours candidates will be assessed on.
Behaviours
* Making Effective Decisions
* Working Together
Experience
* Subject matter expertise in developing and operational techniques for cyber security operations (e.g. detecting anomalous activity, automating orchestration, configuration of IT) OR experience identifying the need for, and implementing, new operating procedures and practices to meet changing requirements.
* Proven experience of managing incidents end‑to‑end, reporting on and bringing investigations to successful conclusion, and advising on response best practice.
* Experience of delivering or reviewing risk assessments using appropriate methods for enterprise IT and/or cloud systems, with a clear understanding of how assessed risks should be addressed.
* Experience designing and implementing multi‑platform test programmes for systems, products, or services, selecting appropriate tools and techniques to identify vulnerabilities and adapting the approach based on findings.
* Advanced knowledge of system architectures, with the ability to articulate the impact of vulnerabilities on existing and future designs and systems.
Technical / Professional Skills
* Cyber Security Operations (Expert)
* Incident Management, Investigation & Response (Expert)
* Information Risk Assessment & Management (Practitioner)
* Penetration Testing (Practitioner)
* Specific Security Technology & Understanding (Practitioner)
These skills are assessed by technical assessment, designed to represent the role. Candidates reaching this stage will receive a Technical Assessment Candidate Pack which outlines the specific skills to be assessed, plus the method of assessment.
You can find out more about the skills required: Cyber security: operations - gov.scot
How To Apply
Apply online, providing a CV and Supporting Statement (of no more than 1500 words) which provides evidence of how you meet the experience and behaviours listed in the Success Profile. Artificial Intelligence (AI) tools can be used to support your application, but all statements and examples must be truthful, factually accurate and taken directly from your own experience. Plagiarism will lead to withdrawal of applications.
If invited for further assessment, this will consist of an interview and a DDAT Technical Assessment scheduled for the week commencing 8th December, subject to change.
About Us
The Scottish Government is the devolved government for Scotland, responsible for key policy areas such as education, health, the economy, justice, housing and transport. We offer rewarding careers and employ people across Scotland in a wide range of professions and roles.
Working pattern
Standard hours are 35 hours per week with flexible working options. From October 2025, staff in hybrid‑compatible roles must work in‑person 40% of the time, either in an office or another agreed location.
Security checks
Successful candidates must complete the Baseline Personnel Security Standard (BPSS), which includes identity, right‑to‑work, employment history and a criminal record check.
Equality statement
We are committed to equality and inclusion and aim to recruit a diverse workforce that reflects the population of Scotland.
Further information
Find out more about our organisation, staff benefits and how to apply on our Careers Website. Read our Candidate Guide for additional details on recruitment and application processes.
Seniority level
Mid‑Senior level
Employment type
Full‑time
Job function
Information Technology
Industries
Government Administration
#J-18808-Ljbffr