Job Description

Details

-----------


###

Reference number

413873
###

Salary

57,701 - 71,942
GBP
###

Job grade

Grade 7
C1###

Contract type

Permanent###

Business area

SSS - Chief Digital Office###

Type of role

Other###

Working pattern

Full-time###

Number of jobs available

1

Contents

------------

Location About the job Benefits Things you need to know Apply and further information

Location

------------


Dundee, Glasgow

About the job

-----------------

###

Job summary

Are you ready to lead the way in securing cloud environments for a vital public service? We are looking for a highly skilled Principal Cloud Security Engineer to join the Digital Risk & Security branch of our Chief Digital Office. In this pivotal role, your expertise will be instrumental in protecting Social Security Scotland's critical information systems, supporting our commitment to safeguarding public data and digital services.



As a key technical leader, you will drive the adoption and evolution of DevSecOps practices across a complex multi-cloud environment. Collaborating closely with cloud engineers, developers, and architects, you will lead the design and integration of security tooling into our cloud environments, ensuring security is embedded at every stage of our organisation. Your role will be pivotal in implementing secure-by-design cloud architectures, delivering scalable, automated solutions that align with industry best practices and support our wider digital transformation goals.



This is a highly technical role requiring a deep understanding of cloud infrastructure and advanced security expertise. You will play a critical part in articulating security postures, managing technical risks, and implementing controls to mitigate potential threats. While this role does not involve direct security operations or governance, your developer experience and stakeholder management skills will be vital. You will collaborate across teams, influence senior management, and drive forward innovative security solutions that balance security needs with operational agility.



A Principal Cloud Security Engineer designs, builds, manages and supports the security controls within our infrastructure services that underpin all internal user services and services to the public.



The Principal Cloud Security Engineer manages third party provision of cloud security services and the provision of expertise to develop secure architectural solutions for our cloud infrastructure services, throughout the service product life cycle, security engineering teams in building, managing, supporting and maintaining solutions according to departmental policy (if taking a managerial path).

DDaT Pay Supplement

This post is part of the Scottish Government Digital, Data and Technology (DDAT) profession and as a member of the profession you will join the professional development system. This post currently attracts a 5,000 annual DDAT pay supplement, applicable after a 3 months competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and there is one currently underway. Changes will be communicated when the review is concluded.

###

Job description

Lead the design, implementation, and support of cloud infrastructure solutions with embedded security controls, utilising industry-standard frameworks like AWS Well-Architected or Azure Security Centre. Develop and enforce security controls within Infrastructure as Code (IaC) pipelines, integrating security testing (SAST, DAST, SCA) and automated compliance checks into CI/CD processes. Provide expert guidance on cloud security architecture, articulating security postures, and implementing mitigating controls to reduce risk. Lead cross-functional teams in applying modern development and security standards to support complex projects, ensuring security by design. Proactively identify vulnerabilities and potential issues in cloud environments, initiating preventative measures and continuous security improvements. Collaborate with Architects, Developers, and DevOps teams to embed security into the end-to-end development pipeline, promoting DevSecOps best practices. Establish and maintain security frameworks and procedures across the service life-cycle, ensuring compliance with standards such as ISO27001 and government policies. Diagnose and troubleshoot security and infrastructure issues across diverse systems, including compute, storage, networking, and software. Cultivate strong stakeholder relationships, serving as the primary point of contact for cyber security matters, and securing buy-in for security initiatives. Advise on emerging security threats and future technology trends, supporting strategic planning and security posture enhancement. Lead system and acceptance testing strategies, ensuring security controls are validated and operational risks are effectively managed. Lead the development of security awareness and training programmes to promote a strong security culture within technical teams. ###

Person specification

Essential Experience

Proven hands-on experience designing and implementing secure cloud infrastructure solutions, including native security services (IAM, WAFs, threat detection), with a strong focus on embedding security within CI/CD pipelines using tools like Terraform, AWS CloudFormation, SAST, DAST, and SCA. Demonstrable experience leading DevSecOps initiatives, integrating security controls seamlessly into development and operational workflows, and collaborating effectively with Developers, Architects, and DevOps teams to promote security by design. Extensive experience engaging with senior stakeholders to communicate technical security solutions, secure buy-in for security controls, and lead cross-team efforts to embed security best practices into enterprise cloud environments.

Behaviours

Seeing the big picture (Level 4) Changing and improving (Level 4)

You can find out more about Success Profiles Behaviours here: Success Profiles - Civil Service Behaviours (publishing.service.gov.uk)

Technical/Professional Skills:

This role is aligned to Infrastructure engineer - Government Digital and Data Profession Capability Framework within the Digital, Data and Technology Profession.


These skills will be tested during the Technical Assessment if you are successful at sift stage. They will be not be assessed at application stage. Please review the following to understand the skill expectations: Government Digital and Data Profession Capability Framework

Benefits

------------


Annual Leave - You will receive 25 days annual leave on joining us. This will increase to 30 days after four full years of service. You will also have 11.5 public and privilege days of leave every year. We also offer Flexi-time. Any extra hours you've worked can be taken as leave when suitable.




A Civil Service Pension - This job comes with a Civil Service pension. New joiners to the Civil Service will join a career average pension scheme as standard. Read more here - www.civilservicepensionscheme.org.uk.




Healthy work life balance - We can offer the possibility of full-time, part-time, term-time, and job shares. We also encourage flexible working.




Discounts - You can enjoy a vast range of retail, travel and lifestyle discounts through our benefit scheme.




Personal support for you - Our Employee Assistance Programme gives you confidential, independent information and guidance 24/7.




Volunteering special leave - Up to six days paid special leave a year for volunteering. We support our staff to help causes important to them.




Great locations - Our bright and modern offices in the heart of Dundee and Glasgow have been designed with staff in mind. Both locations are ideal for public transport.

Things you need to know

---------------------------

###

Selection process details

Expected Timeline (subject to change):

Sift - w/c 21st July 2025

Interview - w/c 6th August 2025

Location - In Person in either Dundee or Glasgow



To apply, please submit an application form by clicking on the 'Apply at Advertisers Site' button.



Feedback will only be provided if you attend an interview or assessment.###

Security

Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check .



See our vetting charter .
People working with government assets must complete baseline personnel security standard (opens in new window) checks.###

Nationality requirements

This job is broadly open to the following groups:


UK nationals nationals of the Republic of Ireland nationals of Commonwealth countries who have the right to work in the UK nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS) individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020 Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements
###

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.



We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles .
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.###

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy .

Apply and further information

---------------------------------


This vacancy is part of the Great Place to Work for Veterans initiative.
The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).
Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.###

Contact point for applicants

####

Job contact :

Name : Resourcing Team Email : recruitment@socialsecurity.gov.scot
####

Recruitment team

Email : recruitment@socialsecurity.gov.scot ###

Further information

https://www.socialsecurity.gov.scot/jobs/how-to-make-a-great-application