Senior Security Analyst

Discipline: IT

Sector: Central Government

Location: London / Bristol / Manchester / Glasgow / York / Birmingham / Norwich / Newcastle

Type: Permanent

Date posted: 18/11/2021

Start: ASAP

Duration: Permanent

Salary: £49,700 - £56,524 per annum


Are you ready to join a Government department undergoing an exciting and significant Digital Transformation? Cabinet Office are seeking the appointment of a permanent Senior Security Analyst to help support the ambition to make UK Government digital services the best in the world.

CDIO cyber security works in small multidisciplinary agile teams utilising modern, forward-thinking approaches. Some examples of our focus areas are threat-based security monitoring, tooling to reduce vulnerabilities in our services, internal penetration testing services, and providing the security expertise to identify opportunities for security improvements.

What you’ll do

The Cyber Defence team delivers cyber threat intelligence, threat detection, and incident response capabilities for the Cabinet Office and GDS, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you’ll take a leading role in building and delivering these core capabilities.

As a senior security analyst, you will:

  • develop and tune detection content, and lead threat hunts, to identify potentially malicious activity
  • investigate security alerts to understand the nature and extent of possible cyber incidents
  • perform in-depth forensic analysis of systems, files, network traffic and cloud environments
  • respond to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions
  • define requirements for improving and expanding our security tooling
  • identify cyber threats and vulnerabilities and work with teams across the Cabinet Office to mitigate them
  • develop and update internal plans, playbooks and knowledge base articles
  • act as an escalation point for, and provide coaching and mentoring to, security analysts
  • be responsible for leadership and line management of security analysts

Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on-call rota, which you will be expected to join.

Who you are

We’re interested in people who have:

  • significant experience investigating and responding to cyber incidents
  • in-depth understanding of security frameworks such as MITRE ATT&CK
  • experience managing and coordinating the response to cyber incidents
  • experience writing and tuning detection content in EDR and SIEM tools
  • experience with Splunk
  • experience delivering technical, operational and strategic cyber threat intelligence
  • well-developed analytical and problem-solving skills
  • excellent verbal and written communication skills
  • experience working in an Agile environment
  • experience with cloud environments such as AWS


We’ll assess you against these behaviours during the selection process:

  • making effective decisions
  • delivering at pace
  • working together
  • managing a quality service

The process:

This is a rolling campaign. Sifting of CVs and interviews will be held weekly. Please submit your CV immediately.

Applicants will be required to provide an up-to-date CV and supporting statement (up to 1,250 words) detailing how you meet the requirements and behaviours listed above. You will also provide a completed diversity form.

View the full job description here.

To apply, please email

Cabinet Office are an equal opportunity employer and value diversity in our organisation. You can find out more about our commitment to diversity and inclusion and read our equal opportunities statement on our Diversity and Inclusion page. CDIO is based in Bristol, London and Manchester, and you will be working with colleagues across all three sites. CDIO supports flexible working, including a balance between office and home-based working.

Security Clearance

Please note that this role requires SC clearance, which would normally require 5 years’ UK residency in the past 5 years. This is not an absolute requirement but supplementary checks may be required where individuals have not lived in the UK for the required period. This may mean that your security clearance (and therefore your appointment) will take longer or, in some cases, not be possible.


33 King Street, St. James’s,
London, SW1Y 6RJ
