Vacancy -- Cyber Security Analyst

Recruitment Principles

The Welsh Government's recruitment processes are underpinned by the principle of selection for appointment on merit on the basis of fair and open competition as outlined in the Civil Service Commission’s Recruitment Principles.

Vacancy Details

Permanent Secretary's Group
DDaT - IT Services
HEO - £30,600 - £37,410
Up to £34,490
Full time (applications are welcome from people who work part time, as part of a job share or who work full time)
Pan Wales
'Pan Wales' means that the location in which the vacancy can be based is flexible, subject to the needs of the business. Please note it may not always be possible to accommodate a preference for a specific office location, but requests will be taken into consideration.
w/c 25th October

Purpose of Post:

The Welsh Government has made significant improvements to its IT technology over the last few years and is considered to be one of the leading UK public sector organisations in terms of Digital and IT capability.  WG has recently completed a number of IT projects such as the move to Exchange 365, the transition away from the Government Secure Intranet (GSI) email, the rollout of new laptops to all WG staff (enabling flexible working) and the completion of a major application migration to Microsoft Azure.  This has been captured in a GDS case study on best practice examples of Cloud migration (see

Cyber Security is an exciting, evolving profession within IT and is growing four times faster than any other sector.  Cyber Security professionals are vital to help develop new ways to combat cyber threats and are the main line of defense against spamming, phishing, malware, viruses and other information security threats.  As cyber-attacks have increased, so has the demand for professionals who are trained to stop such attacks.

The IT Services Division is therefore delighted to be growing the Cyber Security presence within Welsh Government and as such is looking for a Cyber Security Analyst to join the expanding team. This is an exciting opportunity for a highly organised, motivated individual who will be primarily responsible for undertaking technical proactive monitoring, security change control, vulnerability scanning and similar functions as well as implementing proportionate risk management strategies to assess and document the threat to IT systems and networks.

Key tasks:

As Cyber Security Analyst, you will:

·         In Real Time, analyse alerts from intrusion detection and other security systems (SIEM, IDS, NIDS, AV, EPS, Firewalls etc.) and respond or escalate in a timely, appropriate and proportionate manner.

·         Conduct analysis of logs from a wide range of infrastructure, and applications to monitor trends.

·         Perform risk assessments and develop recommendations to optimise existing technology to improve the cyber defences.

·         Investigate / escalate security incidents as appropriate ensuring clear communication is issued in a timely manner to the key stakeholders and the Incident Response Team.

·         Remain up to date and informed with regards to IT threats and compromises, assess the threat, and develop a suitable counter measure or recommendation based on findings.

·         Work on a rotational basis, partaking in daily checks which cover security alerts and checks of manufacturer’s websites for vulnerabilities in core infrastructure hardware, software and firmware.

·         Use Media Intelligence to detect up and coming threats of interest, and respond to urgent emails from WG security and key stakeholders.

·         Contribute and assist in the development of operational processes to support the vulnerability management capability.

·         Assist in the management of security incidents as appropriate.

·         Conduct cyber security investigations.

·         Maintain policies and other security documentation.

·         Chair / attend meetings and provide cyber security expertise.

·         Undertake any other requirements as directed by the Senior Cyber Security Analyst.

Development opportunities:

The Cyber Security Analyst role is part of the Digital Data and Technology (DDaT) Profession in Welsh Government (WG).  This is a growing profession within Welsh Government and you will have the opportunity to be part of the community and to develop the role of that community within WG. 

The post offers significant opportunities to work with stakeholders and security experts within and outside of WG.  The global cyber threat continues to evolve at a rapid pace so continuous learning and development will be key to ensuring that the cyber team continue to protect and defend WG IT systems effectively.

Closing Date:

01/10/2021, 23:55

Disability Confident

Welsh Government accepts the social definition of disability, in which it is recognised that barriers in society act to disable people who have impairments or health conditions or who use British Sign Language. We are committed to removing barriers so that all (or potential new staff) can perform at their best. The Equality Act 2010 uses the medical definition of disability (“a physical or mental impairment which has a substantial and long-term impact on a person’s ability to carry out normal day to day activities”).

We guarantee to interview anyone who is disabled whose application meets the minimum criteria for the post. By ‘minimum criteria’ we mean that you must provide us with evidence in your application which demonstrates that you generally meet the level of competence for the role and any qualifications, skills or experience defined as essential. We are committed to the employment and career development of disabled people.

If you have an impairment or health condition, or use British Sign Language and need to discuss reasonable adjustments for any part of this recruitment process, or wish to discuss how we will support you if you were to be successful, please email as soon as possible and a member of the team will contact you to discuss your requirements and any questions you may have.

A Great Place to Work for Veterans

This vacancy is part of the Great Place to Work for Veterans initiative.

Welsh Language Requirements

The Welsh Government is a bilingual organisation and Welsh language skills are considered an asset to the organisation. We encourage and support staff to learn, develop and use their Welsh language skills in the workplace. 

The following list of language requirements represents an objective assessment by the line manager on behalf of the Welsh Government of the Welsh language skills required to undertake the duties of this particular post.

Not necessary to undertake the duties of this post

Social Partnership

In Welsh Government, the relationship between the employer and trade unions is based on social partnership. We believe our goals can best be achieved by management and trade unions working together.

Our 3 recognised trade unions are:
•         PCS
•         Prospect
•         FDA

This relationship is underpinned by a partnership agreement. This sets out how our unions work with Welsh Government on issues such as:
•         pay
•         terms and conditions
•         policies and procedures
•         organisational change.

Our Welsh Government trade union colleagues work together to give their members a real say in the workplace. They make sure that the interests of their members are promoted and protected. They also help reduce inequalities and improve terms and conditions.

The Welsh Government has an excellent track record of working in partnership with its trade unions. We encourage staff to get involved. We support you to join a recognised trade union, to ensure your voice is heard in the workplace. and to learn more about trade unions and partnership working.

Competencies / Job Specific Criteria

The following job specifics skills are also ESSENTIAL for this role.  Please ensure you attach a CV which demonstrates your ability in relation to these skills.

  • In order for applicants to be considered for this role, they must hold or be working towards an industry recognised Cyber specific certification such as SSCP (Systems Security Certified Practitioner). If you are working towards certification please ensure your CV evidences which certification(s) you are working to attain and the training provider of any formal course(s) you have completed or have booked.
  • Experience of security mechanisms and/or a background in system administration.
  • Knowledge and understanding of security concepts and controls, standards and best practice.
  • Knowledge and understanding of Microsoft operating systems and hardening approaches and good working knowledge of Microsoft office tools and applications.

Assessment Process

Throughout the entire assessment process, candidates will be assessed against Behaviours from the Civil Service Success Profile and the Digital Data and Technology (DDaT) capability framework. Please ignore any references you might see relating to competencies within our application system. You can find out more about Success Profiles and the DDaT Capability Framework here: Success Profiles, DDaT Capability Framework.

Leadership, Seeing the Big Picture, Communicating & Influencing, Developing Self and Others, Analysis and Specific Security Technology & Understanding.

Your application will be assessed in three stages:

1) Sift Stage

As part of your application you will be asked to upload a copy of your CV. This should be no more than 2 sides of A4. Anything above 2 sides of A4 will be discounted and will not be considered as part of the sift. Please remove from your CV your name and address to support us in undertaking a “name free” sift.

  • An initial sift will be carried out against your CV and the first essential job specific skill – evidence of holding/working towards certification in Cyber.
  • The remaining three job specific skills will be evaluated against CVs that have passed the initial sift.

2) Technical Exercise Stage

Candidates who have passed the sift stage will be invited to participate in a Technical Exercise (remote video session with Technical Panel).

3) Interview Stage

Candidates who have passed the Technical Exercise will be invited to participate in an Interview (remote video session with Interview Panel).

Further information about stages 2 and 3 will be provided following the sift stage.

Other Information

Philip Anderton - 03000 625643

How to apply

All applications for this vacancy should be made online via the Welsh Government's online application system.  If you have an impairment which would prevent you from applying on-line, please e-mail to request an application pack in an alternative format, or to request a reasonable adjustment related to an impairment in order to submit your application.

To apply, you'll need to have an account on our online application system.  Click the 'Apply' button below, and you'll be asked to 'Log in' if you already have an account, or 'Register' if you don't yet have an account.  Registration takes just a few minutes to complete.  You'll need an e-mail address to be able to register.  Once you've registered for an account and logged in, you'll be taken to the online application form, which you'll need to fully complete and submit before the deadline on the closing date.  

If you’d like to apply for this vacancy in Welsh, please use the ‘Newid Iaith / Change Language’ link at the top of this page, to take you to the Welsh version of this advert, from which you can apply in Welsh.

For further information regarding the Welsh Government recruitment process, please see the Recruitment Guidance for External Candidates (link).

When evidencing your suitability for the post, it is recommended that you refer to the Civil Service Competency Framework (link)

This vacancy is closed to applications.