Wood Mackenzie
Cyber Security Specialist

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Wood Mackenzie is the global leader in analytics, insights, and proprietary data across the entire energy and natural resources landscape.
For over 50 years our work has guided the decisions of the world’s most influential energy producers, utilities companies, financial institutions, and governments.
Now, with the world’s energy system more complex and interconnected than ever before, sector-specific views are no longer enough. That’s why we’ve redefined what’s possible with Intelligence Connected.
By fusing our unparalleled proprietary data with the sharpest analytical minds, all supercharged by Synoptic AI, we deliver a clear, interconnected view of the entire value chain. Our trusted team of 2,700 experts across 30 countries breaks siloes and connects industries, markets, and regions across the globe.
This empowers our customers to identify risk sooner, spot opportunities faster, and recalibrate strategy with confidence – whether planning days, weeks, months, or decades ahead.
Wood Mackenzie
Intelligence Connected
WoodMac.com
Wood Mackenzie Brand Video
Wood Mackenzie Values
- Inclusive – we succeed together
- Trusting – we choose to trust each other
- Customer committed – we put customers at the heart of our decisions
- Future Focused – we accelerate change
- Curious – we turn knowledge into action
Position Overview
We are seeking an experienced Cyber Security Analyst to join our cyber security team. The ideal candidate will have a minimum of 5 years cyber security experience and 3+ years in cloud security and/or application security. The candidate will be able to demonstrate a proven track record of protecting enterprise environments against evolving cyber threats. This role requires a technically proficient lead analyst who can lead security initiatives and ensure our cloud and application infrastructure maintains the highest security standards, whilst maintaining business partnerships across the group.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Key Responsibilities
- Monitor and analyze security events across cloud and on-premises environments using SIEM and security analytics tools
- Conduct thorough investigations of security incidents and provide detailed incident reports
- Develop and maintain incident response playbooks and procedures
- Experience with threat intelligence platforms and threat hunting
- Experience with security orchestration, automation, and response (SOAR) platforms
- Understanding of data protection and encryption technologies
- Experience in regulated industries (financial services, healthcare, energy)
- Background in offensive security or penetration testing
- Design, implement, and maintain security controls across cloud platforms (AWS, Azure, GCP)
- Conduct cloud security assessments and architecture reviews
- Ensure compliance with cloud security best practices and frameworks (CIS Benchmarks, CSA CCM, NIST)
- Manage cloud-native security tools including CSPM, CWPP, and cloud WAF solutions
- Implement and maintain identity and access management (IAM) policies and controls
- Lead cyber security programs and coordinate remediation efforts
- Collaborate with DevOps teams to integrate security into CI/CD pipelines (DevSecOps)
- Stay current with emerging threats, vulnerabilities, and security technologies
- Contribute to security awareness training and documentation
- Facilitate Supplier Management and security input into bids
- Support compliance initiatives (SOC 2, ISO 27001, PCI-DSS, GDPR, etc.)
- Develop and enforce security policies, standards, and procedures
- Conduct security audits and risk assessments
- Maintain security documentation and metrics reporting
Required Qualifications
- Minimum of 5 years cyber security experience
- 3+ years of hands-on experience with cloud security (AWS, Azure, or GCP)
- Proven experience leading security incidents and coordinating response efforts
- Experience with security frameworks such as NIST CSF, MITRE ATT&CK, or Zero Trust architecture


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Technical Skills
- Strong expertise in cloud security services and tools (AWS & Azure)
- Experience working with SIEM platforms (Splunk, Sentinel)
- Understanding of network security, firewalls, IDS/IPS, and VPN technologies
- Familiarity with security testing tools (vulnerability scanners, SAST/DAST, penetration testing tools)
- Experience with endpoint detection and response (EDR) solutions
Certifications (One or More Preferred)
- CISSP (Certified Information Systems Security Professional)
- CCSP (Certified Cloud Security Professional)
- AWS Certified Security - Specialty
- Microsoft Certified: Azure Security Engineer Associate
Soft Skills
- Strong analytical and problem-solving abilities
- Excellent written and verbal communication skills
- Ability to explain complex security concepts to technical and non-technical audiences
- Leadership capabilities and experience mentoring team members
- Strong attention to detail and ability to work under pressure
- Collaborative mindset with cross-functional teams
- Business Partnering experience
Education
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)
Working Conditions
- Some flexibility for remote work – 2 days minimum in office (Edinburgh preferred)
Equal Opportunities
We are an equal opportunities employer. This means we are committed to recruiting the best people regardless of their race, colour, religion, age, sex (including pregnancy, sexual orientation, and gender identity), national origin, disability, or protected veteran status. You can find out more about your rights under the law at www.eeoc.gov
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills