Security Analyst

As a Senior Security Analyst, you will play a central role in strengthening Surrey County Council's cyber resilience. Your day-to-day work will include proactive security monitoring across our hybrid cloud and on premises environment, triaging and investigating alerts, and supporting coordinated incident response activities. You will operate our vulnerability management processes, translate threat intelligence into actionable defences, and contribute to the improvement of detection content and security controls. You will also work closely with IT colleagues and suppliers to address risks, gather evidence for audits, and prepare clear reporting on security posture and emerging trends.

This role does not include direct line management responsibilities, but you will regularly provide specialist guidance, coaching, and support to colleagues across IT&D and partner teams.

Over the next 12 to 18 months, you will contribute to several high impact initiatives including:

• Establishing a more mature, risk based vulnerability management lifecycle and reducing exposure windows across critical systems
• Enhancing incident response readiness through improved playbooks, scenario testing, and lessons learned processes
• Uplifting monitoring coverage and the effectiveness of SIEM/EDR/NDR tooling, including tuning and detection improvements
• Strengthening supplier assurance processes, especially for cloud and SaaS services
• Supporting the development of updated cyber security policies, standards and operating procedures

This is a pivotal role for a motivated cyber professional who wants to make a measurable difference. You will directly influence Surrey County Council's operational security posture and help reduce risk across services that support residents, communities, and frontline operations. Your insights and expertise will shape decision making, improve control maturity, and contribute to a safer, more resilient public service environment.

• Strong experience in cyber security operations, including alert triage, investigation, and incident response
• Demonstrable capability in vulnerability management and translating technical risk into meaningful actions
• Ability to analyse complex information and present clear, concise reports and recommendations
• Proven ability to work collaboratively with technical and non technical stakeholders
• Commitment to continuous professional development and staying current with emerging threats
• High-level proficiency with security tooling (SIEM, EDR, cloud security tools) and modern IT environments
• Alignment with our values of accountability, teamwork, and inclusive service delivery

This role has a starting salary of £53,713 per annum, for working 36 hours per week., * 26 days' holiday, rising to 28 days after 2 years' service and 31 days after 5 years' service (prorated for part time staff)

• Option to buy up to 10 days of additional annual leave
• A generous local government salary related pension
• Up to 5 days of carer's leave and 2 paid volunteering days per year
• Paternity, adoption and dependents leave
• An Employee Assistance Programme (EAP) to support health and wellbeing
• Learning and development hub where you can access a wealth of resources
• Wellbeing and lifestyle discounts including gym, travel, and shopping
• A chance to make a real difference to the lives of our residents., 1. Give an example of how you have helped build a positive security culture across teams.

2. Describe a time when you led or contributed to triage, investigation, or response during a cyber security incident. What actions did you take, and what was the outcome?
3. Give an example of when you identified a significant technical vulnerability or risk. How did you communicate it to stakeholders, and what actions were taken as a result?
4. Tell us about a situation where you analysed complex security information or data and produced a report or recommendation. How did you ensure your findings were clear, concise, and actionable?