Cyber Security Specialist

Position Overview:

We are seeking an experienced Cyber Security Analyst to join our cyber security team. The ideal candidate will have a minimum of 5 years cyber security experience and 3+ years in cloud security and/or application security. The candidate will be able to demonstrate a proven track record of protecting enterprise environments against evolving cyber threats. This role requires a technically proficient lead analyst who can lead security initiatives and ensure our cloud and application infrastructure maintains the highest security standards, whilst maintaining business partnerships across the group.

Key Responsibilities:

• Monitor and analyze security events across cloud and on-premises environments using SIEM and security analytics tools
• Conduct thorough investigations of security incidents and provide detailed incident reports
• Develop and maintain incident response playbooks and procedures
• Experience with threat intelligence platforms and threat hunting
• Experience with security orchestration, automation and response (SOAR) platforms
• Understanding of data protection and encryption technologies
• Experience in regulated industries (financial services, healthcare, energy)
• Background in offensive security or penetration testing
• Design, implement, and maintain security controls across cloud platforms (AWS, Azure, GCP)
• Conduct cloud security assessments and architecture reviews
• Ensure compliance with cloud security best practices and frameworks (CIS Benchmarks, CSA CCM, NIST)
• Manage cloud-native security tools including CSPM, CWPP, and cloud WAF solutions
• Implement and maintain identity and access management (IAM) policies and controls
• Lead cyber security programs and coordinate remediation efforts
• Collaborate with DevOps teams to integrate security into CI/CD pipelines (DevSecOps)
• Stay current with emerging threats, vulnerabilities, and security technologies
• Contribute to security awareness training and documentation
• Facilitate Supplier Management and security input into bids
• Support compliance initiatives (SOC 2, ISO 27001, PCI-DSS, GDPR, etc.)
• Develop and enforce security policies, standards, and procedures
• Conduct security audits and risk assessments
• Maintain security documentation and metrics reporting

Required Qualifications:

• Minimum of 5 years cyber security experience
• 3+ years of hands-on experience with cloud security (AWS, Azure, or GCP)
• Proven experience leading security incidents and coordinating response efforts
• Experience with security frameworks such as NIST CSF, MITRE ATT&CK, or Zero Trust architecture

Technical Skills:

• Strong expertise in cloud security services and tools (AWS & Azure)
• Experience working with SIEM platforms (Splunk, Sentinel)
• Understanding of network security, firewalls, IDS/IPS, and VPN technologies
• Familiarity with security testing tools (vulnerability scanners, SAST/DAST, penetration testing tools)
• Experience with endpoint detection and response (EDR) solutions

Certifications (one or more preferred):

• CISSP (Certified Information Systems Security Professional)
• CCSP (Certified Cloud Security Professional)
• AWS Certified Security - Specialty
• Microsoft Certified: Azure Security Engineer Associate

Soft Skills:

• Strong analytical and problem-solving abilities
• Excellent written and verbal communication skills
• Ability to explain complex security concepts to technical and non-technical audiences
• Leadership capabilities and experience mentoring team members
• Strong attention to detail and ability to work under pressure
• Collaborative mindset with cross-functional teams
• Business Partnering experience

Education:

• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)

Working Conditions:

• Some flexibility for remote work – 2 days minimum in office (Edinburgh preferred)

#LI-DB1