Cyber Security Operations Analyst

Department
Cyber Security
Location
Flexible
Salary
£51044 - £59435
Vacancy Type
Permanent
Hours
35
Closing Date
14/06/2026
Ref No
3551
Documents

If you require this advert in another format, please contact recruitment@sds.co.uk or call 0300 013 5119.  

About Us

The Cyber Security Team sits within Enterprise Information Services (EIS), part of the Enabling Services Directorate. We provide cyber security services to SDS and its shared service partners: Scottish Enterprise, Highlands and Islands Enterprise, and South of Scotland Enterprise, supporting around 3,800 users. The team is comprises of two core functions Security Operations and Security Operations Engineering who report to the Information Security Manager. This role sits within the SecOps engineering function, working hands-on with the Microsoft security tooling stack to protect our people, data, and services.

Be part of something bigger — build skills, change lives!

What You’ll Be Doing

This is a hands-on security engineering role. You’ll be responsible for configuring, optimising, and continuously improving our Microsoft security tooling stack including Sentinel, Defender Suite, , Entra ID, Intune, Purview, and Forcepoint to mature the cyber security posture across all four partner organisations.

You’ll engineer, review, and tune detection analytics rules in Sentinel, onboard new log sources, and develop automated security workflows using playbooks and Logic Apps. While our managed Security Operations Centre (SOC) provider supports the creation and tuning of analytics, you’ll provide the in-house technical capability to understand how detections work, validate and optimise them, and perform gap analysis so we have independent assurance that coverage is effective and efficient. You’ll assess detection coverage against frameworks like MITRE ATT&CK identify gaps, and build the content to close them.

You’ll own security-related changes through the Change Advisory Board (CAB) process, produce supporting technical documentation, and test and validate configurations to make sure they perform as intended. Working alongside our Security Operations Engineer, you’ll support security programme delivery aligned to tooling maturity and provide direct operational resilience to the security operations function. You’ll act as the primary technical interface with our managed SOC provider and Microsoft, challenging supplier performance and driving continuous service improvement.

You’ll also contribute to a security tooling roadmap, maintain an improvement backlog, and help maximise the return on our Microsoft E5 licence investment. Your work will directly strengthen our Cyber Essentials Plus accreditation and improve the security posture for thousands of users across Scotland.

What We’re Looking For

You’ll have solid experience in using Microsoft security and compliance technologies, including Sentinel, Defender Suite, Entra ID, Intune, and Purview. You’ll also understand how to implement security baselines aligned to Centre for Internet Security (CIS) benchmarks, which are industry best practice standards for securing IT systems.

You’ll be confident in raising and presenting technical changes at the Change Advisory Board (CAB), producing clear technical documentation, and troubleshooting when configurations do not perform as expected. You’ll know how to work with external suppliers and holding them to agreed standards and deliverables.

Experience in Sentinel automation, mapping detections to the MITRE ATT&CK framework, or improving an organisation’s Secure Score would be advantageous.

A degree-level qualification in cyber security or equivalent practical experience is essential. A recognised professional certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Microsoft Certified: Security Operations Analyst Associate (SC-200), or Microsoft 365 Security Administrator (MS-500) would be beneficial.

About SDS

Skills Development Scotland (SDS) is Scotland’s national skills agency, focused on driving productivity and inclusive economic growth by investing in skills and supporting people and businesses to reach their full potential. Through deep partnership working, expert insights and innovative solutions, SDS helps address Scotland’s skills and labour‑market challenges, ensuring employers can access the talent they need while individuals gain opportunities to develop and thrive. SDS is guided by strong organisational values, placing customers at the heart of everything it does and fostering a culture of collaboration, continuous improvement and respect.

Our Values

Our organisational values are created by our colleagues and are the compass that guide our behaviours and actions with our customers and each other.  We need our future colleagues to share these values and help us to continue to deliver our bold ambitions for the future;

  • We put the needs of our customers at the heart of all we do
  • We make use of our combined strengths and expertise to deliver the best outcomes
  • We demonstrate self-motivation, personal responsibility, and respect
  • We continually improve to achieve excellence

Why You’ll Love Working Here

SDS is an award-winning, equal opportunities and fair work employer where our culture is driven by our people. The values we share guide how we support our customers—the people of Scotland—and how we support one another. With progressive benefits, flexible ways of working, and a strong focus on wellbeing, engagement, and development, we’re proud to be a great place to work.

Click here to see the full range of our Benefits

Where You’ll be Working

This role can be located at any of our SDS locations, although occasional travel to Glasgow offices will be required. SDS are working to a hybrid working model, therefore the successful applicant is expected to work from both home and an SDS workplace on a regular basis. Happy to discuss this with candidates at Interview. 

How to Apply

The closing date to submit your application is Sunday 14th June 2026. Interviews are due to take place on 16th and 17th July 2026.

If this opportunity excites you and you would like to discuss the role in more detail to help you decide if it is right for you, please contact Donna McWilliam, Information Security Manager at donna.mcwilliam@sds.co.uk.

Using AI

AI can be a useful tool for drafting or polishing your application. Please remember to check that everything you submit is accurate and genuinely represents your skills, experience and voice. We value authenticity and want to hear your real story.

One Last (but very important) Thing

At SDS we are committed to equality, diversity and inclusion.  If you've got the right skills for the job, we want to hear from you. We encourage applications from the right candidates regardless of age, disability, gender identity, sexual orientation, religion, belief or race.  Therefore, while we want to know about your relevant skills and experience, please avoid disclosing any identifying characteristics.

To help you prepare and perform at your best, SDS shares interview questions with all candidates in advance. This removes unnecessary barriers, supports those who benefit from additional preparation time, and helps ensure a fair and transparent recruitment process. This approach is being trialled for 6 months from April 2026.

To find out more about working at SDS and our application process please visit us at https://www.skillsdevelopmentscotland.co.uk/work-with-us/

Internal applicants should discuss their application with their People Manager prior to applying for this post. 

 

Apply Now
Send to a friend