
Senior CyberSecurity Analyst – Vulnerabilities Manager
Job summary
We’re responsible for Land Transaction Tax and Landfill Disposals Tax. Our work raises revenue to support public services, like the NHS and schools, in communities across Wales. But that’s not all: we’re also involved with, and support, future tax design for Wales.
Join a place with purpose
You’ll join a team of 100+ talented people from across 14 different professions. Our culture is best described as innovative, collaborative and kind. By working together, we’ll deliver a fair tax system for Wales.
Our people
You’ll be working with people from a wide range of backgrounds and experience. From Operations, Policy, Digital and Data, HR, Communications to Finance – there’s a place for you in our friendly team.
You’ll be our greatest asset
You’ll be joining an inclusive organisation and be part of a team where you can thrive, be rewarded and heard.
We’re recognised as one of the top organisations for people engagement in the Civil Service People Survey. Inclusion and fairness is one of our strongest areas, as well as pay and benefits – our People Survey results say it all!
We’re also recognised for being innovative and a digital, ‘cloud-based’ organisation that supports hybrid and flexible working enabling a great work-life balance.
More about working for us, our roles and our Corporate Plan 2025 - 2028.
Job description
The Cybersecurity Analyst – Vulnerabilities Manager is a key member of the WRA’s IT Operations & Security team, responsible for the operational security of our cloud‑first digital estate. While this role covers a wide range of cyber responsibilities—including monitoring, incident support, secure configuration, governance input and SOC coordination—it includes lead responsibility for vulnerabilities management, reflecting the WRA’s identified security priority area.
As we continue to grow our IT Security team we’re looking to streamline our vulnerabilities management and curate our threat intelligence sources. If you’re up for a challenge helping us improve our security posture and keep our systems secure then please do apply!
“It’s a great time to join the WRA, and the Digital team in particular as we look to grow our portfolio of digital Services and produce an Easy, Fair and Sustainable tax system fit for the future.”
John Vinall, Head of IT Operations and Security
Person specification
You will work closely with senior stakeholders, engineers, developers, suppliers and the outsourced SOC to detect, assess and remediate threats, ensuring the organisation maintains a secure and resilient environment.
1. Vulnerability & Threat Management (Lead Area)
- Lead the vulnerability management lifecycle across cloud workloads, endpoints and applications.
- Coordinate and collate vulnerability scanning using relevant tools.
- Work with our outsourced SOC provider to expand authenticated scanning, attack surface discovery and threat‑led prioritisation.
- Analyse scan results, interpret and triage vulnerabilities and threat data, and use these to produce clear remediation guidance tailored to technical and non‑technical stakeholders.
- Horizon-scan for emerging risks and work to ensure WRA is positioned to identify and mitigate those threats.
- Maintain the WRA Vulnerability Management Policy and ensure it remains aligned with emerging risks, changes to compliance frameworks and regulatory changes.
2. Security Monitoring & Incident Response
- Support security operations by reviewing alerts, triaging security events and escalating incidents as required.
- Contribute to first‑line and second‑line incident investigation activities, coordinating with infrastructure engineers and suppliers.
- Curate the collection of threat intelligence sources, adding and removing them as necessary to ensure a wide and deep coverage, and integrate insights into monitoring and detection.
3. Secure Configuration & Operational Security
- Support secure configuration baselines for cloud services, endpoints and network infrastructure (e.g., CIS benchmarks).
- Monitor patch compliance and system hardening across devices, cloud resources and identity platforms.
- Work with IT Operations to ensure services remain secure, patched, resilient and compliant with organisational standards.
4. Governance, Risk & Compliance Support
- Contribute to cyber risk assessments, working with senior colleagues to identify threats, vulnerabilities and control gaps.
- Support audits and assessments aligned to Cyber Essentials Plus and IASME (and potentially other frameworks such as CAF and ISO 27001), including evidence preparation and remediation tracking.
- Provide reporting and metrics that inform the organisation’s cyber risk posture and resilience planning.
5. Stakeholder Engagement & Advisory Duties
- Work collaboratively with stakeholders to embed security considerations into day‑to‑day operations.
- Communicate complex security issues in accessible, practical language to non‑technical colleagues.
- Promote security awareness and contribute to upskilling activities within IT and the wider organisation.
6. Continuous Improvement & Team Development
- Contribute to improving cybersecurity processes, tooling and automation opportunities.
- Participate in knowledge‑sharing activities, retrospectives and capability development across the Digital team.
- Help shape the evolving operating model for cybersecurity as the WRA expands its digital footprint.
Candidate Information Session
If this seems like a role you’d be interested in, join us for our virtual Candidate Information Sessions. You’ll meet the Line Manager, get an overview of the role as well as a feeling for what it’s like to work at the WRA. We’ll also talk through our benefits and provide helpful tips for your application with us. Please register for one of the sessions below:
Register here: 1 July 2026 – 12.30-13.00pm https://uwchddadansoddwrseiberddiogelwchseniorcybersecurityanalyst1230.eventbrite.co.uk
Register here: 1 July 2026 – 4.00-4.30pm https://UwchDdadansoddwrSeiberddiogelwchSeniorCyberSecurityAnalyst4pm.eventbrite.co.uk
We recommend you review the job description (or candidate pack) under the 'attachments' section before completing your application.
Qualifications
Relevant degree or equivalent experience. Security certifications (e.g. CISMP, Security+, Azure security certs, ISO 27001 quals) or equivalent experience.
Languages
We’ve undertaken an objective assessment of the Welsh language skills needed to undertake the duties of this role. For this role: Welsh language skills - Welsh skills are not essential. This means that you do not need Welsh language skills to undertake this role and these skills won’t be assessed during the recruitment process. However, we actively encourage all staff to learn, or improve their Welsh language skills and offer a range of opportunities to suit everyone.
Benefits
Alongside your salary of £47,675, Welsh Revenue Authority contributes £13,811 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
What we offer
- 31 days annual leave + Bank holidays, and 2 Privilege days
- Flexible and hybrid working
- Generous employer pension schemes with a contribution of up to 28.97%
- Tusker car scheme
- Vivup Cycle2Work and advances of salary for season Travel Tickets
- Lifestyle Benefits offering discounts on shopping, restaurants and entertainment
- Wellbeing hour each week
- Access to subsidised sports groups
- Generous family-friendly leave policies
- Free Welsh language courses and time off to learn
- Access to a range of staff diversity networks
- Free counselling and support service via our Vivup Employee Assistance Programme and Your Care Health platform
- A thriving culture that’s described as innovative, collaborative and kind.
Things you need to know
Artificial intelligence
Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.
Selection process details
We’ll always be clear about how we assess your application, at each stage of the process. This will usually include:
- Assessment of your Application Form and CV against the relevant Success Criteria
- A panel interview (if you’re successful at the initial sift stage). Interviews will take place in person.
- If any additional assessments are needed for this role, such as a test or presentation at interview, we’ll let you know in advance.
- Should a large number of applications be received, an initial sift will be conducted using the lead behaviour, Making Effective Decisions
We’re proud to be a Disability Confident Leader so we’ll ask you if you need any adjustments at each stage of the recruitment process. So that we can support you in a way that works for you, we’ll offer a pre-interview accessibility chat to anyone that declares a disability or needs any adjustments. This will take place with someone who is independent of the recruitment process and you won’t be placed at any disadvantage as a result of needing adjustments.
A reserve list may be held for this role for applicants that have scored above the appointable threshold at interview. This means that if a similar vacancy becomes available in the next 12 months we may contact you to offer you the role.
Success criteria
Behaviours

| Criteria | Assessed in personal statement and CV | Assessed during interview or assessment |
| --- | --- | --- |
| Making Effective Decisions: Use evidence and knowledge to support accurate, expert decisions and advice. Carefully consider alternative options, implications and risks of decisions. | Yes | Yes |
| Managing a Quality Service: Deliver customer and user service objectives with professional excellence, expertise and efficiency, taking account of diverse customer needs. Establish ways to find and respond to feedback about the services provided. | No | Yes |
| Communicating and Influencing: Communicate purpose and direction with clarity, integrity and enthusiasm. Respect the needs, responses and opinions of others. | Yes | No |

Strengths

| Criteria | Assessed in personal statement and CV | Assessed during interview or assessment |
| --- | --- | --- |
| Analytical: You seek and analyse information to inform your decisions, based on the best available evidence. | No | Yes |
| Problem Solver: You take a positive approach to tackling problems and find ways to identify suitable solutions. | No | Yes |

Experience

| Criteria | Assessed in personal statement and CV | Assessed during interview or assessment |
| --- | --- | --- |
| Proven experience as a cyber security analyst (or equivalent role) in an enterprise environment. | Yes | No |
| Practical experience in vulnerability management, including assessing, triaging and prioritising vulnerabilities across varied technology stacks. | No | Yes |

Technical knowledge

| Criteria | Assessed in personal statement and CV | Assessed during interview or assessment |
| --- | --- | --- |
| Hands‑on experience with security tools such as Microsoft Defender for Cloud, Defender for Endpoint, Secure Score, Sentinel, or equivalent platforms. | Yes | No |
| Knowledge of Cyber Essentials Plus, IASME, CAF, NIST CSF, ISO 27001/27005 or similar frameworks. | No | Yes |

Qualifications

| Criteria | Assessed in personal statement and CV | Assessed during interview or assessment |
| --- | --- | --- |
| Relevant degree or equivalent experience. | Yes | No |
| Security certifications (e.g. CISMP, Security+, Azure security certs, ISO 27001 quals) or equivalent experience. | Yes | No |

Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check. See our vetting charter. People working with government assets must complete baseline personnel security standard checks.
Nationality requirements
This job is broadly open to the following groups:
- UK nationals
- nationals of the Republic of Ireland
- nationals of Commonwealth countries who have the right to work in the UK
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
- Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Working for the Civil Service
The Civil Service Code sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles. The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Diversity and Inclusion
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy.
Apply and further information
The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment. Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact:
- Name: Luke Cox, Yolk Recruitment
- Email: luke.cox@yolkrecruitment.com
- Telephone: 07458 160 673
Recruitment team
- Email: luke.cox@yolkrecruitment.com
Further information
The law requires that selection for appointment to the Civil Service is on merit on the basis of fair and open competition. See the Civil Service Commission's recruitment principles where this is set out. If you feel your application has not been treated in line with the recruitment principles, and you wish to complain, you should contact the Head of HR.
Email: hr@wra.gov.wales
If you’re not satisfied with our response, you can contact the Civil Service Commission.
Attachments
- Job description Senior CyberSecurity Analyst – Vulnerabilities Manager (FINAL) (pdf, 331kB)
- Disgrifiad swydd - Uwch Ddadansoddwr Seiberddiogelwch - Rheolwr Gwendidau - FINAL (pdf, 300kB)
Salary range
- £47,675 - £56,445 per year