Senior Cyber Security Engineer
Social Security Scotland is seeking a Senior Cyber Security Engineer to help secure the cloud platforms that deliver vital public services. This is a key role in a cloud‑first organisation, working to ensure solutions are secure by design, resilient, and compliant.
The Senior Cyber Security Engineer leads the design, implementation, and assurance of cyber security controls across cloud platforms, applications, and infrastructure. You will translate security policy and risk into practical cloud security solutions, working closely with Architecture, Cloud Engineering, DevOps, and Product teams.
Acting as a technical authority, you will provide hands‑on expertise, assurance, and risk‑based guidance, embedding security throughout the delivery lifecycle.
Responsibilities
- Build, develop, and configure tooling and processes to be secure, supporting pre‑commit, Continuous Integration, Continuous Deployment, and production.
- Have experience of operating systems, networking, PKI and cloud security tools.
- Build secure configuration management using Infrastructure as Code.
Main Duties
- Design and deliver secure cloud architectures across IaaS, PaaS, and SaaS environments.
- Lead the implementation of cyber security standards and controls across cloud platforms.
- Provide senior cyber security consultancy, including cloud risk assessments, threat modelling, architecture reviews, audits, and contribution to cyber strategy.
- Work closely with Architecture teams to shape secure target architectures and ensure security requirements are reflected in technical designs.
- Lead and enhance cloud security operations, including identity and access management, vulnerability management, logging, monitoring, and incident response.
- Design and implement automated security controls and assurance, including policy as code, secure configuration baselines, and continuous compliance.
- Translate security requirements into engineering level guidance, supporting developers and engineers to remediate issues and adopt secure coding and deployment practices.
- Engage with internal and external stakeholders, providing security assurance, clear risk articulation, and support for change associated with security improvements.
- Act as a technical mentor, championing cloud security best practice and supporting the development of engineers and security practitioners.
- Design, review, and implement secure cloud infrastructure using IaC tooling such as Terraform and CloudFormation.
Success Profiles
This role uses an assessment framework called "Success Profiles" which tests essential elements and behaviours.
Essential Experience
- Experience implementing cloud native security controls such as IAM, encryption, key management, logging, and monitoring.
- Experience embedding security across the full delivery lifecycle, from early design through to live operations.
- Experience creating or implementing automated security controls and assurance (e.g., policy as code, configuration compliance, or security monitoring rules using IaC tooling).
Behaviours
- Leadership – Level 3
Technical / Professional Skills
These skills will be tested during the technical assessment if the candidate is successful at the sift stage.
Equality and Diversity
Social Security Scotland is committed to equality and inclusion, and we will consider any reasonable adjustments required throughout the recruitment process.
Working Pattern
Standard hours are 35 hours per week with flexible working options, including hybrid working with a minimum of two days per week in an assigned Glasgow or Dundee office.
Security Checks
Successful candidates must complete Baseline Personnel Security Standard (BPSS) and National Security Vetting clearance before appointment.
Right to Work in the UK
Social Security Scotland is an approved sponsor under the UK Visa and Immigration Skilled Worker route.
Pay Supplement
This post is part of the Government Digital and Data (GDD) profession and attracts a £4,000 annual GDD pay supplement.
Further Information
The successful candidate is expected to remain in post for a minimum of three years unless promoted.
#J-18808-Ljbffr”, “datePosted”: “2026-05-17”, “hiringOrganization”: { “@type”: “Organization”, “name”: “Social Security Scotland”, “sameAs”: “https://uk.whatjobs.com/pub_api__cpl__434431597__4861?utm_campaign=publisher&utm_medium=api&utm_source=4861&geoID=12335” }, “jobLocation”: { “@type”: “Place”, “address”: { “@type”: “PostalAddress”, “addressLocality”: “Glasgow” } } }Senior Cyber Security Engineer
Social Security Scotland is seeking a Senior Cyber Security Engineer to help secure the cloud platforms that deliver vital public services. This is a key role in a cloud‑first organisation, working to ensure solutions are secure by design, resilient, and compliant.
The Senior Cyber Security Engineer leads the design, implementation, and assurance of cyber security controls across cloud platforms, applications, and infrastructure. You will translate security policy and risk into practical cloud security solutions, working closely with Architecture, Cloud Engineering, DevOps, and Product teams.
Acting as a technical authority, you will provide hands‑on expertise, assurance, and risk‑based guidance, embedding security throughout the delivery lifecycle.
Responsibilities
- Build, develop, and configure tooling and processes to be secure, supporting pre‑commit, Continuous Integration, Continuous Deployment, and production.
- Have experience of operating systems, networking, PKI and cloud security tools.
- Build secure configuration management using Infrastructure as Code.
Main Duties
- Design and deliver secure cloud architectures across IaaS, PaaS, and SaaS environments.
- Lead the implementation of cyber security standards and controls across cloud platforms.
- Provide senior cyber security consultancy, including cloud risk assessments, threat modelling, architecture reviews, audits, and contribution to cyber strategy.
- Work closely with Architecture teams to shape secure target architectures and ensure security requirements are reflected in technical designs.
- Lead and enhance cloud security operations, including identity and access management, vulnerability management, logging, monitoring, and incident response.
- Design and implement automated security controls and assurance, including policy as code, secure configuration baselines, and continuous compliance.
- Translate security requirements into engineering level guidance, supporting developers and engineers to remediate issues and adopt secure coding and deployment practices.
- Engage with internal and external stakeholders, providing security assurance, clear risk articulation, and support for change associated with security improvements.
- Act as a technical mentor, championing cloud security best practice and supporting the development of engineers and security practitioners.
- Design, review, and implement secure cloud infrastructure using IaC tooling such as Terraform and CloudFormation.
Success Profiles
This role uses an assessment framework called “Success Profiles” which tests essential elements and behaviours.
Essential Experience
- Experience implementing cloud native security controls such as IAM, encryption, key management, logging, and monitoring.
- Experience embedding security across the full delivery lifecycle, from early design through to live operations.
- Experience creating or implementing automated security controls and assurance (e.g., policy as code, configuration compliance, or security monitoring rules using IaC tooling).
Behaviours
- Leadership – Level 3
Technical / Professional Skills
These skills will be tested during the technical assessment if the candidate is successful at the sift stage.
Equality and Diversity
Social Security Scotland is committed to equality and inclusion, and we will consider any reasonable adjustments required throughout the recruitment process.
Working Pattern
Standard hours are 35 hours per week with flexible working options, including hybrid working with a minimum of two days per week in an assigned Glasgow or Dundee office.
Security Checks
Successful candidates must complete Baseline Personnel Security Standard (BPSS) and National Security Vetting clearance before appointment.
Right to Work in the UK
Social Security Scotland is an approved sponsor under the UK Visa and Immigration Skilled Worker route.
Pay Supplement
This post is part of the Government Digital and Data (GDD) profession and attracts a £4,000 annual GDD pay supplement.
Further Information
The successful candidate is expected to remain in post for a minimum of three years unless promoted.
#J-18808-Ljbffr…