IT Cloud & Applications Security Analyst
📍 Job Overview
- Job Title: IT Cloud & Applications Security Analyst
- Company: UK Atomic Energy Authority
- Location: Culham, Oxfordshire, United Kingdom
- Job Type: Hybrid (On-site 2-3 days a week)
- Category: Cybersecurity & Information Security
- Date Posted: 2025-06-25
- Experience Level: Mid-Level (2-5 years)
🚀 Role Summary
- Secure and protect hybrid cloud infrastructure, identity services, and SaaS applications for a world-leading fusion energy research organization.
- Collaborate with engineering and security teams to ensure application-level security and compliance with various frameworks.
- Gain valuable experience in cloud security, identity access management, and modern authentication protocols.
📝 Enhancement Note: This role offers an exciting opportunity to contribute to a critical national infrastructure while working on cutting-edge technologies in a hybrid cloud environment.
💻 Primary Responsibilities
- Cloud & Application Security: Monitor and respond to security events affecting cloud platforms and applications, manage posture and compliance monitoring tools, and support DevSecOps practices.
- Identity & Access Management (IAM): Design and implement IAM and Privileged Access Management (PAM) policies across Microsoft Entra ID and M365.
- Security Assurance: Contribute to audits and assessments aligned with ISO 27001, Cyber Assessment Framework (CAF), and Secure by Design principles.
- Collaboration & Communication: Work closely with various teams to ensure security is embedded across the enterprise stack and provide input on best practices for cloud security and access management.
📝 Enhancement Note: This role requires strong analytical and investigative skills to identify risk patterns and remediation actions, as well as excellent documentation and communication skills to support audits and security reviews.
🎓 Skills & Qualifications
Education: A Higher National Diploma (HND) in Information Security, Computer Science, or a related STEM field is required. A degree is preferred.
Experience:
- Demonstrable hands-on experience with Microsoft Entra ID (Azure AD), Conditional Access, and Identity Protection.
- Experience administering Microsoft 365 security controls, including Defender for Office 365, Purview, and Intune.
- Working knowledge of security and compliance frameworks such as CAF, ISO 27001, NIST CSF, and GDPR.
- Experience managing technical controls in cloud-native platforms (Azure, AWS, or GCP).
- Familiarity with SaaS security, user lifecycle management, and enterprise access models.
Required Skills:
- Analytical and investigative skills
- Strong documentation and communication skills
- Ability to obtain SC-level national security clearance
Preferred Skills:
- Certifications such as AZ-500, SC-300, or equivalent
- Experience with Power Platform, Dataverse, and automation tooling
- Exposure to DevSecOps practices, CI/CD security, and secure SDLC
- Familiarity with ITSM workflows and change control procedures
📝 Enhancement Note: While not explicitly stated, having experience with Azure and other cloud platforms is highly desirable for this role.
📊 Web Portfolio & Project Requirements
- Security Portfolio: Prepare case studies demonstrating your experience in cloud security, identity access management, and security assurance.
- Technical Documentation: Document your approach to security incident response, risk management, and compliance with relevant frameworks.
- Certifications: Highlight any relevant certifications, such as AZ-500 or SC-300, to showcase your expertise in cloud security.
📝 Enhancement Note: As this role involves working with sensitive information and national security, it's crucial to ensure that your portfolio and documentation adhere to strict security protocols and best practices.
💵 Compensation & Benefits
Salary Range: The salary for this role is £42,858 per year. This is in line with the UK government's pay scales for IT roles at this level.
Benefits:
- Outstanding defined benefit pension scheme
- Corporate bonus scheme up to 7%
- Relocation allowance (if eligible)
- Flexible working options, including family-friendly policies
- Employee Assistance Programme and trained Mental Health First Aiders
- Generous annual leave allowance starting with 25 days, plus 3 days Christmas closure and 2.5 privilege days, in addition to UK bank holidays
- Wide range of career development opportunities
- Vibrant culture committed to equality and being fully inclusive
Working Hours: The role requires on-site working for 2-3 days a week, with flexible working options available for the remaining days.
📝 Enhancement Note: The salary range provided is based on UK government pay scales for IT roles at this level. However, the actual salary may vary depending on factors such as experience and qualifications.
🎯 Team & Company Context
🏢 Company Culture
Industry: The UK Atomic Energy Authority (UKAEA) is a world leader in developing nuclear fusion as a clean and limitless energy source, contributing to a sustainable future.
Company Size: UKAEA is a large organization with a significant presence in the UK's energy sector, employing around 1,500 people.
Founded: UKAEA was established in 1954 and has since played a crucial role in the development of nuclear fusion research and technology.
Team Structure:
- The Information & Cyber Security Group is responsible for ensuring the security and resilience of UKAEA's digital infrastructure.
- The team works closely with engineering, operations, and other security teams to protect UKAEA's hybrid cloud environment and applications.
- The role reports directly to the Information & Cyber Security Manager.
Development Methodology:
- UKAEA follows best practices in cloud security, identity access management, and secure software development.
- The organization is committed to continuous improvement and encourages professional development and training opportunities.
Company Website: UK Atomic Energy Authority
📝 Enhancement Note: UKAEA's commitment to innovation, collaboration, and continuous improvement makes it an attractive place to work for cybersecurity professionals looking to develop their skills in a challenging and impactful environment.
📈 Career & Growth Analysis
Web Technology Career Level: This role is suitable for a mid-level cybersecurity professional with 2-5 years of experience in cloud security, identity access management, and security assurance.
Reporting Structure: The role reports directly to the Information & Cyber Security Manager and works closely with various teams, including engineering, operations, and other security teams.
Technical Impact: The role has a significant impact on UKAEA's ability to protect its hybrid cloud infrastructure, identity services, and SaaS applications, ensuring the security and resilience of its digital operations.
Growth Opportunities:
- Technical Specialization: Deepen your expertise in cloud security, identity access management, or security assurance by taking on more complex projects and challenges.
- Team Leadership: Demonstrate strong leadership skills and take on mentoring responsibilities within the team.
- Architecture & Strategy: Contribute to the development of UKAEA's cybersecurity architecture and strategy, working closely with senior leadership.
📝 Enhancement Note: UKAEA's commitment to professional development and growth opportunities makes it an attractive place to work for cybersecurity professionals looking to advance their careers in a supportive and challenging environment.
🌐 Work Environment
Office Type: UKAEA's Culham site offers a modern and collaborative work environment, with state-of-the-art facilities and a strong focus on innovation and collaboration.
Office Location(s): Culham, Oxfordshire, United Kingdom
Work Schedule: The role requires on-site working for 2-3 days a week, with flexible working options available for the remaining days. The working hours are typically Monday to Friday, 9:00 AM to 5:00 PM, with a 1-hour lunch break.
📝 Enhancement Note: UKAEA's commitment to flexible working and work-life balance makes it an attractive place to work for cybersecurity professionals looking for a supportive and family-friendly work environment.
📄 Application & Technical Interview Process
Interview Process:
- Technical Screening: A telephone or video call to discuss your experience and qualifications, focusing on your knowledge of cloud security, identity access management, and security assurance.
- On-site Interview: A visit to UKAEA's Culham site to meet the team, discuss the role in more detail, and complete a technical assessment or case study.
- Final Interview: A meeting with the Information & Cyber Security Manager and other senior stakeholders to discuss your fit for the role and UKAEA's culture.
Portfolio Review Tips:
- Highlight your experience in cloud security, identity access management, and security assurance, using case studies and technical documentation to demonstrate your expertise.
- Showcase your ability to work collaboratively with various teams to ensure security is embedded across the enterprise stack.
- Emphasize your understanding of security frameworks and best practices, and your ability to contribute to audits and assessments.
Technical Challenge Preparation:
- Brush up on your knowledge of Microsoft Entra ID, Microsoft 365 security controls, and modern authentication protocols.
- Familiarize yourself with security frameworks such as CAF, ISO 27001, NIST CSF, and GDPR.
- Prepare for scenario-based questions that test your analytical and investigative skills, as well as your ability to identify risk patterns and remediation actions.
📝 Enhancement Note: UKAEA's commitment to a thorough and comprehensive interview process ensures that candidates have the opportunity to demonstrate their skills and experience in a supportive and challenging environment.
🛠 Technology Stack & Web Infrastructure
Cloud Platforms:
- Microsoft Azure (preferred)
- Amazon Web Services (AWS)
- Google Cloud Platform (GCP)
Identity & Access Management:
- Microsoft Entra ID (Azure AD)
- Conditional Access
- Identity Protection
- Privileged Access Management (PAM)
Microsoft 365 Security Controls:
- Defender for Office 365
- Purview
- Intune
Security Frameworks & Standards:
- Cyber Assessment Framework (CAF)
- ISO 27001
- NIST Cybersecurity Framework (CSF)
- GDPR
Monitoring & Logging Tools:
- Azure Sentinel
- Azure Defender
- Microsoft 365 Defender
📝 Enhancement Note: UKAEA's commitment to using best-in-class cloud security tools and frameworks ensures that candidates have the opportunity to work with cutting-edge technologies in a challenging and impactful environment.
👥 Team Culture & Values
UKAEA Values:
- Innovative: UKAEA encourages creativity, curiosity, and continuous learning to drive innovation in nuclear fusion research and technology.
- Committed: UKAEA is dedicated to delivering on its mission to bring fusion electricity to the grid and supporting tomorrow's power stations.
- Trusted: UKAEA is committed to building trust with its stakeholders, including partners, customers, and the wider community.
- Collaborative: UKAEA fosters a culture of collaboration, working closely with industry, academia, and research organizations to advance the state of the art in nuclear fusion.
Collaboration Style:
- UKAEA encourages cross-functional collaboration between teams, with a strong focus on knowledge sharing, technical mentoring, and continuous learning.
- The Information & Cyber Security Group works closely with engineering, operations, and other security teams to ensure security is embedded across the enterprise stack.
- UKAEA is committed to providing a supportive and inclusive work environment, with a strong focus on diversity, equity, and inclusion.
📝 Enhancement Note: UKAEA's commitment to innovation, collaboration, and continuous learning makes it an attractive place to work for cybersecurity professionals looking to develop their skills in a supportive and challenging environment.
⚡ Challenges & Growth Opportunities
Technical Challenges:
- Cloud Security: Protect hybrid cloud infrastructure and SaaS applications from emerging threats and evolving attack vectors.
- Identity Access Management: Implement and manage IAM and PAM policies across Microsoft Entra ID and M365, ensuring the security and resilience of UKAEA's digital infrastructure.
- Security Assurance: Contribute to audits and assessments aligned with ISO 27001, CAF, and Secure by Design principles, ensuring UKAEA's compliance with relevant security standards and best practices.
Learning & Development Opportunities:
- Certification Programs: UKAEA supports professional development and growth opportunities, including certification programs such as AZ-500, SC-300, or equivalent.
- Conferences & Events: Attend industry conferences and events to stay up-to-date with the latest trends and best practices in cloud security, identity access management, and security assurance.
- Mentoring & Coaching: Benefit from UKAEA's mentoring and coaching programs to develop your skills and advance your career in a supportive and challenging environment.
📝 Enhancement Note: UKAEA's commitment to professional development and growth opportunities ensures that cybersecurity professionals have the opportunity to advance their careers in a supportive and challenging environment.
💡 Interview Preparation
Technical Questions:
- Cloud Security: Describe your experience with cloud security, focusing on your knowledge of Microsoft Azure, AWS, or GCP. Discuss your approach to protecting hybrid cloud infrastructure and SaaS applications from emerging threats and evolving attack vectors.
- Identity Access Management: Explain your experience with identity access management, focusing on your knowledge of Microsoft Entra ID, Conditional Access, and Identity Protection. Discuss your approach to implementing and managing IAM and PAM policies across Microsoft Entra ID and M365.
- Security Assurance: Describe your experience with security assurance, focusing on your knowledge of security frameworks such as ISO 27001, CAF, and Secure by Design. Discuss your approach to contributing to audits and assessments, ensuring compliance with relevant security standards and best practices.
Company & Culture Questions:
- UKAEA's Mission: Explain your understanding of UKAEA's mission to bring fusion electricity to the grid and support tomorrow's power stations. Discuss how your role contributes to this mission and the impact you hope to make in your first year.
- Collaboration & Teamwork: Describe your experience working collaboratively with various teams to ensure security is embedded across the enterprise stack. Discuss your approach to knowledge sharing, technical mentoring, and continuous learning.
- Innovation & Adaptability: Explain your approach to innovation and adaptability in the face of emerging threats and evolving attack vectors. Discuss how you stay up-to-date with the latest trends and best practices in cloud security, identity access management, and security assurance.
Portfolio Presentation Strategy:
- Cloud Security: Highlight your experience with cloud security, focusing on your knowledge of Microsoft Azure, AWS, or GCP. Use case studies and technical documentation to demonstrate your approach to protecting hybrid cloud infrastructure and SaaS applications from emerging threats and evolving attack vectors.
- Identity Access Management: Showcase your experience with identity access management, focusing on your knowledge of Microsoft Entra ID, Conditional Access, and Identity Protection. Use case studies and technical documentation to demonstrate your approach to implementing and managing IAM and PAM policies across Microsoft Entra ID and M365.
- Security Assurance: Highlight your experience with security assurance, focusing on your knowledge of security frameworks such as ISO 27001, CAF, and Secure by Design. Use case studies and technical documentation to demonstrate your approach to contributing to audits and assessments, ensuring compliance with relevant security standards and best practices.
📌 Application Steps
To apply for this IT Cloud & Applications Security Analyst position:
- Submit Your Application: Click the "Apply" button on the job listing to submit your application through SmartRecruiters.
- Prepare Your Portfolio: Tailor your portfolio to highlight your experience in cloud security, identity access management, and security assurance. Use case studies and technical documentation to demonstrate your expertise and approach to protecting hybrid cloud infrastructure and SaaS applications.
- Optimize Your Resume: Highlight your relevant skills and experience, focusing on your knowledge of Microsoft Entra ID, Microsoft 365 security controls, and modern authentication protocols. Include any relevant certifications, such as AZ-500 or SC-300.
- Research UKAEA: Familiarize yourself with UKAEA's mission, values, and culture. Prepare for interview questions that focus on your understanding of UKAEA's role in the energy sector and your ability to contribute to its mission.
⚠️ Important Notice: This enhanced job description includes AI-generated insights and web development/server administration industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.
Application Requirements
Candidates should have at least a HND in Information Security or a related field, along with hands-on experience with Microsoft Entra ID and M365 security controls. Familiarity with security frameworks and strong analytical skills are also essential.