Lead Cyber Security Analyst

5 days ago

Edinburgh, Edinburgh, United Kingdom Scottish Government Full time £60,000 - £100,000 per year
Description
Job description

Do you want to help protect critical digital services that support students across Scotland in accessing life changing financial support for higher education?

Join the Student Awards Agency Scotland (SAAS) as a Lead Cyber Security Analyst and play a vital role in safeguarding sensitive data and supporting the secure delivery of services to more than 150,000 students each year.
 

Responsibilities
  • Lead and assure cyber security initiatives across AWS and on-premise environments, ensuring secure-by-design services and compliance with policy and standards.
  • Own and maintain incident response plans, lead incident management, root-cause analysis, and lessons-learned activities to improve organisational resilience.
  • Conduct security risk and vulnerability assessments, threat analysis, and business impact assessments, providing clear recommendations to mitigate risk.
  • Develop, review, and oversee execution of security test plans for new and existing services.
  • Provide expert guidance on access management, including defining and assuring technical, procedural, and privileged access controls across all systems and services.
  • Contribute to cyber security policies, standards, and guidelines, ensuring alignment with NCSC principles, legal and regulatory requirements, and industry best practice.
  • Communicate complex technical risks and cyber threats clearly to both technical and non-technical audiences, including colleagues, suppliers, and partners.
  • Maintain up-to-date knowledge of malware trends, threat actors, and attack techniques, providing timely advice to support decision-making and risk management.
  • Lead and develop IT teams and suppliers in secure practices, building capability and strong partnerships across SAAS, the Scottish Government, and external stakeholders.

     


Responsibilities
Success profile Success profiles are specific to each job and they include the mix of skills, experience and behaviours candidates will be assessed on.   Behaviours
  • Making Effective Decisions
  • Working Together
Experience
  • Subject matter expertise in developing and operational techniques for cyber security operations (e.g. detecting anomalous activity, automating orchestration, configuration of IT) OR experience identifying the need for, and implementing, new operating procedures and practices to meet changing requirements
  • Proven experience of managing incidents end-to-end, reporting on and bringing investigations to successful conclusion, and advising on response best practice.
  • Experience of delivering or reviewing risk assessments using appropriate methods for enterprise IT and/or cloud systems, with a clear understanding of how assessed risks should be addressed.
  • Experience designing and implementing multi-platform test programmes for systems, products, or services, selecting appropriate tools and techniques to identify vulnerabilities and adapting the approach based on findings.
  • Advanced knowledge of system architectures, with the ability to articulate the impact of vulnerabilities on existing and future designs and systems.
     
Technical / Professional Skills
  • .Cyber Security Operations (Expert)
  • Incident Management, Investigation & Response (Expert)
  • Information Risk Assessment & Management (Practitioner)
  • Penetration Testing (Practitioner)
  • Specific Security Technology & Understanding (Practitioner)

These skills are assessed by technical assessment, designed to represent the role. Candidates reaching this stage will receive a Technical Assessment Candidate Pack which outlines the specific skills to be assessed, plus the method of assessment.  

You can find out more about the skills required here: Cyber security: operations -

How to apply

Apply online, providing a CV and Supporting Statement (of no more than 1500 words) which provides evidence of how you meet the experience and behaviours listed in the Success Profile above.   Artificial Intelligence (AI) tools can be used to support your application, but all statements and examples provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, and presented as your own) applications will be withdrawn and internal candidates may be subject to disciplinary action.     Please see our candidate guidance for more information on acceptable and unacceptable uses of AI in recruitment.   If invited for further assessment, this will consist of an interview and (DDAT Technical Assessment ). Assessments are scheduled for w/c 8th December however this may be subject to change.

Qualifications
About us The Scottish Government is the devolved government for Scotland. We have responsibility for a wide range of key policy areas including: education, health, the economy, justice, housing and transport. We offer rewarding careers and employ people across Scotland in a wide range of professions and roles.   Our staff are part of the UK Civil Service, working for Ministers and senior stakeholders to deliver vital public services which improve the lives of the people of Scotland. We offer a supportive and inclusive working environment along with a wide range of employee benefits. Find out more about what we offer.   As part of the UK Civil Service, we uphold the Civil Service Nationality Rules. Working pattern   Our standard hours are 35 hours per week and we offer a range of flexible working options depending on the needs of the role. From October 2025, the Scottish Government will require staff in hybrid-compatible roles to work in-person 40% of the time, either in an office or other agreed work location. If you have specific questions about the role you are applying for, please contact us.   Security checks   Successful candidates must complete the Baseline Personnel Security Standard (BPSS), before they can be appointed. BPSS is comprised of four main pre-employment checks – Identity, Right to work, Employment History and a Criminal Record check (unspent convictions).   You can find out more about BPSS on the UK Government website, or read about the different levels of security checks in our Candidate Guide.    Equality statement   We are committed to equality and inclusion and we aim to recruit a diverse workforce that reflects the population of our nation.    Find out more about our commitment to diversity and how we offer and support recruitment adjustments for anyone who needs them.   Further information   Find out more about our organisation, what we offer staff members and how to apply on our Careers Website.   Read our Candidate Guide for further information on our recruitment and application processes.

  • Cyber Security Governance Lead

    1 week ago

    Edinburgh, Edinburgh, United Kingdom Nortal Full time £60,000 - £120,000 per year

    OverviewAt Nortal, we believe in thinking big—creating digital solutions with meaningful, far-reaching impact. With over 2,000 professionals across 26 locations, we've spent over two decades helping governments, enterprises, and healthcare institutions in Europe, North America and the Middle East build secure digital organizations, businesses and entire...

  • Junior IT Security Analyst

    5 days ago

    Edinburgh, Edinburgh, United Kingdom Calero Full time £30,000 - £60,000 per year

    Job Summary:Exciting opportunity to join our growing security team to develop your skills in IT Cyber Security using some of the latest threat detection applications. This is an entry level role where you will be working with experienced security analysts and engineers. With mentoring and professional training you will advance your knowledge in end point...

  • Cyber Security Engineer

    2 weeks ago

    Edinburgh, Edinburgh, United Kingdom Crown Office and Procurator Fiscal Service Full time £38,443 - £43,434 per year

    DetailsReference number438787Salary£38,443 - £43,934Starting salary would be £38,443. with the maximum salary onthis scale being £43,934 subject to future COPFS pay awards.All salaries are pro rata for part-time staff.A Civil Service Pension with an employer contribution of 28.97%GBPJob gradeHigher Executive OfficerDContract typePermanentType of...

  • Cyber Security Consultant

    5 days ago

    Edinburgh, Edinburgh, United Kingdom Dev Full time £40,000 - £80,000 per year

    Company Description Jobs for Humanity is dedicated to building an inclusive and just employment ecosystem. Therefore, we have dedicated this job posting to individuals coming from the following communities: Refugee, Neurodivergent, Single Parent, Blind or Low Vision, Ethnic Minority, and the Previously Incarcerated. If you identify with any of the following...

  • Cyber Security Risk Manager

    5 days ago

    Edinburgh, Edinburgh, United Kingdom Bright Purple Full time £70,000 per year

    Senior Cyber Security Risk ManagerHybrid, EdinburghUp to £70,000 + benefitsBenefitsIn return for your expertise and commitment, you'll receive:Annual bonusFlexible hybrid workingExcellent healthcare and pension schemeLife assuranceElectric Vehicle SchemeAbout the RoleThis is a brilliant opportunity for an experienced Cyber Security Risk professional to take...

  • Cyber Security Threat Hunter

    7 days ago

    Edinburgh, Edinburgh, United Kingdom Sanderson Full time £900,000 - £1,040,000 per year

    Cyber Security Threat HunterEdinburgh / Hybrid Working£75,000 - £85,000 + benefitsFantastic new permanent opportunity for an experienced Security Engineer with strong Threat Engineering / Hunting experience required to join this specialist financial services business to help them deliver a range of proactive threat hunting cyber security projects.As a...

  • Customer Advocacy Marketing Manager

    3 days ago

    Edinburgh, Edinburgh, United Kingdom Quorum Cyber Full time £60,000 - £120,000 per year

    Company Description:At Quorum Cyber, we're on a mission to help good people win. Founded in Edinburgh in 2016, we're one of the fastest growing cyber security companies in the UK and North America, serving over 400 customers on four continents.We protect organisations against the rising threat of cyber-attacks, enabling them to thrive in an increasingly...

  • Senior Cyber Security Engineer

    5 days ago

    Edinburgh, Edinburgh, United Kingdom Aberdeen Full time £60,000 - £100,000 per year

    Job DescriptionAt Aberdeen, our ambition is to be the UK's leading Wealth & Investments group.Strengthening talent and culture is one of our strategic priorities. We strive to make Aberdeen a great place to work so that we can attract and retain the industry's best talent.Our people put our stakeholders at the heart of everything they do by helping us to...

  • Cyber Security Engineer

    2 weeks ago

    Edinburgh, Edinburgh, United Kingdom abrdn Full time £60,000 - £100,000 per year

    Job Description At Aberdeen, our ambition is to be the UK's leading Wealth & Investments group.Strengthening talent and culture is one of our strategic priorities. We strive to make Aberdeen a great place to work so that we can attract and retain the industry's best talent.Our people put our stakeholders at the heart of everything they do by helping us to...

  • Cyber Security Engineer

    2 weeks ago

    Edinburgh, Edinburgh, United Kingdom Aberdeen Full time £60,000 - £100,000 per year

    Job DescriptionAt Aberdeen, our ambition is to be the UK's leading Wealth & Investments group.Strengthening talent and culture is one of our strategic priorities. We strive to make Aberdeen a great place to work so that we can attract and retain the industry's best talent.Our people put our stakeholders at the heart of everything they do by helping us to...