Lead Cyber Security Analyst ( 2547)

Do you want to help protect critical digital services that support students across Scotland in accessing life changing financial support for higher education? Join the Student Awards Agency Scotland (SAAS) as a Lead Cyber Security Analyst and play a vital role in safeguarding sensitive data and supporting the secure delivery of services to more than 150,000 students each year., + Lead and assure cyber security initiatives across AWS and on-premise environments, ensuring secure-by-design services and compliance with policy and standards.

• Own and maintain incident response plans, lead incident management, root-cause analysis, and lessons-learned activities to improve organisational resilience.
• Conduct security risk and vulnerability assessments, threat analysis, and business impact assessments, providing clear recommendations to mitigate risk.
• Develop, review, and oversee execution of security test plans for new and existing services.
• Provide expert guidance on access management, including defining and assuring technical, procedural, and privileged access controls across all systems and services.
• Contribute to cyber security policies, standards, and guidelines, ensuring alignment with NCSC principles, legal and regulatory requirements, and industry best practice.
• Communicate complex technical risks and cyber threats clearly to both technical and non-technical audiences, including colleagues, suppliers, and partners.
• Maintain up-to-date knowledge of malware trends, threat actors, and attack techniques, providing timely advice to support decision-making and risk management.
• Lead and develop IT teams and suppliers in secure practices, building capability and strong partnerships across SAAS, the Scottish Government, and external stakeholders., We'll assess you against these behaviours during the selection process:
• Making Effective Decisions
• Working Together

Technical skills We'll assess you against these technical skills during the selection process:

• Cyber Security Operations (Expert
• Incident Management, Investigation & Response (Expert)
• Information Risk Assessment & Management (Practitioner)
• Penetration Testing (Practitioner)
• Specific Security Technology & Understanding (Practitioner)

• Subject matter expertise in developing and operational techniques for cyber security operations (e.g. detecting anomalous activity, automating orchestration, configuration of IT) OR experience identifying the need for, and implementing, new operating procedures and practices to meet changing requirements

• Proven experience of managing incidents end-to-end, reporting on and bringing investigations to successful conclusion, and advising on response best practice.

• Experience of delivering or reviewing risk assessments using appropriate methods for enterprise IT and/or cloud systems, with a clear understanding of how assessed risks should be addressed.

• Experience designing and implementing multi-platform test programmes for systems, products, or services, selecting appropriate tools and techniques to identify vulnerabilities and adapting the approach based on findings.

• Advanced knowledge of system architectures, with the ability to articulate the impact of vulnerabilities on existing and future designs and systems. Technical / Professional Skills

• .Cyber Security Operations (Expert)

• Incident Management, Investigation & Response (Expert)

• Information Risk Assessment & Management (Practitioner)

• Penetration Testing (Practitioner)

• Specific Security Technology & Understanding (Practitioner) These skills are assessed by technical assessment, designed to represent the role. Candidates reaching this stage will receive a Technical Assessment Candidate Pack which outlines the specific skills to be assessed, plus the method of assessment. You can find out more about the skills required here: Cyber security: operations - gov.scot

Alongside your salary of £45,894, Scottish Government contributes £13,295 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

• Learning and development tailored to your role
• An environment with flexible working options
• A culture encouraging inclusion and diversity
• A Civil Service pension with an employer contribution of 28.97%, This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Experience and Technical skills. Please apply using link provided - Feedback will only be provided if you attend an interview or assessment.

Security Successful candidates must undergo a criminal record check. People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service Further information on nationality requirements (opens in a new window)

Working for the Civil Service The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.