Cyber Security Analyst - Registers of Scotland - SEO
Government Digital & Data
Cyber Security Analyst
Registers of Scotland
Apply before 11:55 pm on Sunday 21st July 2024
Details
Reference number
360978
Salary
£46,224 - £54,423
A Civil Service Pension with an average employer contribution of 27%
Job grade
Senior Executive Officer
Contract type
Permanent
Business area
RoS - Corporate - Digital
Type of role
Information Technology
Working pattern
Full-time
Number of jobs available
1
Location
We offer a hybrid working model that provides flexibility to our colleagues in terms of how they work, as long as it meets the needs of both the individual and the organisation. Whilst some opt to do the majority of their work from home, others opt to blend home and office working to suit their specific needs. Your contractual base will be either Meadowbank House, Edinburgh EH8 7AU or St Vincent Plaza, Glasgow G2 5LD. You may be required to visit one of these locations when it is deemed necessary; however, this is role-dependent.
About the job
Job summary
Cyber Security Analyst
Grade: Cyber Security Analyst (Senior)
Salary: £46,224 - £54,423
Benefits: Flexible working arrangements, employer pension contributions of circa 29%, generous annual/parental and special leave policies, plus extensive personal wellbeing benefits. Please see full reward package at end of job description for more information.
Duration: Permanent
Location: We offer a hybrid working model that provides flexibility to our colleagues in terms of how they work, as long as it meets the needs of both the individual and the organisation. Whilst some opt to do the majority of their work from home, others opt to blend home and office working to suit their specific needs. Your contractual base will be either Meadowbank House, Edinburgh EH8 7AU or St Vincent Plaza, Glasgow G2 5LD. You may be required to visit one of these locations when it is deemed necessary; however, this is role-dependent.
Department: Cyber Security
Directorate: Digital, Data and Technology
Role Reports to: IT Enablement Manager and Cyber Security Technical Product Manager
Number of Vacancies: Depending on business needs we may have more than 1 vacancy. If that is the case, offers will be made in strict merit order.
Closing date: Sunday 21st July 2024, 23:59pm
Registers of Scotland (RoS) manages 21 land, property and other legal registers which are a critical asset for the Scottish economy. We aim to provide the best public service for Scotland and are on a mission to make some of the oldest public land registers in the world into some of the most modern. We are committed to providing the best service to our customers through the creation of award-winning digital services, supported by the latest in cloud and AI technology.
When working at RoS we support our colleagues by offering a range of modern work policies and workspaces, as well as encouraging an inclusive, diverse, and equitable work environment. We are proud to promote our We Invest in People Gold Award, Investors in Young People Silver Award and We Invest in Wellbeing Gold Award, alongside our zero gender pay gap and the fact we are a disability confident employer. To get a taste of what we do, our facilities and our hybrid working approach please see the following link for a short video;
Job description
About this Role:
We are seeking an experienced Cyber Security Analyst (Senior) to join our team at RoS. This role is pivotal in ensuring our organisation remains secure as we strive to become a trusted digital registration and information business.
As a senior Cyber Security Analyst, you will excel in identifying and investigating security incidents using industry-leading tools. You will work within our cyber security team, which includes specialist areas such as security operations (your primary focus), security engineering, and digital identity.
You will demonstrate technical expertise in investigating and resolving security events/incidents and will mentor and share knowledge with junior security analysts.
You will have experience of working as part of a team, with a commitment to continuous learning and process improvement, and will be comfortable troubleshooting complex technical issues, providing support to security, IT operations, and development teams as required. You will be aware of agile and product-led processes which can be used to help deliver comprehensive security solutions for the organisation.
You must be adept at communicating with both technical staff in the Digital, Data, and Technology Directorate, and non-technical colleagues across the business, particularly when managing incidents and explaining security control requirements.
Main duties:
Your main duties will include:
- Detection, triage, and response to a wide range of security incidents using a range of tools.
- Development and tuning of our security tools to improve both the accuracy and speed of detection.
- Assisting the wider Security Operations team with incident investigation and resolution.
- Using security tools to perform threat hunts based on Indicators of Compromise and Threat Intelligence provided by cyber partners in government and industry.
- Identifying and applying efficiencies in security processes using automation.
- Responding to cyber security related queries from the wider information technology community and providing expert advice and guidance.
- Evaluating and recommending improvements to the existing security services, keeping abreast of industry standard processes and emerging technologies.
- Creating and maintaining documentation, including standard operating procedures, and configuration guides for solutions you are involved in.
- Responding to security related queries from the wider information technology community and providing expert advice and guidance.
- Helping to develop our Cyber Security Analysts through knowledge share and mentoring.
Person specification
Essential criteria - Your Skills and Attributes for Success
Technical/Experience
- Demonstrable experience of detecting, triaging, and responding to security events using relevant tools, as well as maintaining and updating tooling to include new security rules and/or tune out false positives.
- Experience in using ITSM tools to manage security incidents and security task management.
- Ability to explain the purpose of, and provide advice and guidance on, the application and operation of technical security controls.
- Understanding and experience in technologies such as:
  - Next-Generation firewalls (NGFW) – Creation and ongoing management of security rules.
  - Extended Detection and Response (XDR) – Deployment, configuration, and ongoing management of endpoint protection tooling.
  - Security Orchestration, Automation and Response (XSOAR) – Development and use of automated playbooks to assist with investigations and incident data enrichment.
  - Web Application Firewalls (WAF) – Configuration and management of rules to protect web applications from threats and vulnerabilities.
  - Network Access Control (NAC) – Implementation and administration of policies to control network access and ensure compliance.
  - Cloud Security Posture Management (CSPM) – Monitoring and managing cloud environments to ensure security compliance and mitigate risks.
  - Vulnerability Assessment tools – Deployment and execution of scans and agents to identify, evaluate, and remediate security vulnerabilities across systems.
Desirable/ Non-essential Criteria
Recognised security certifications and/or qualifications are desirable to evidence your commitment to continuous learning and show your technical security acumen.
Competencies or Behaviours
Analysis and making effective decisions.
- Makes decisions when they are needed, even if they prove difficult or unpopular.
- Identifies a broad range of relevant and credible information sources; recognises when it is necessary to collect new data from internal and external sources.
- Recognises patterns and trends in a wide range of evidence/data and draws key conclusions, outlining costs, benefits, risks and potential responses.
- Ensures all government and public data and information is treated with care in accordance with security policies and protocols.