Ofgem
Lead Cyber Security Analyst

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Lead Cyber Security Analyst
Lead Cyber Security Analyst – Job Description
Successful Locations
Successful candidates may be based in any of our office locations – Cardiff, Glasgow or London. We especially welcome applicants from Cardard and Glasgow.
Job Summary
Across government, cyber security is fundamental to protecting critical services, safeguarding sensitive data and maintaining public trust. As cyber threats continue to evolve in scale and sophistication, organisations must strengthen their ability to detect, analyse and respond to potential incidents in real time. Ofgem plays a vital role in the UK’s energy system, protecting consumers and enabling a more secure, fair and sustainable energy future, and effective cyber security operations are essential to ensuring resilience and continuity of services.
Ofgem is on a significant transformation journey. Within the Digital, Data and Security Services (DDSS) directorate, we are strengthening our cyber security capability to support a modern, digitally enabled organisation. This includes enhancing monitoring, threat intelligence and incident response processes to ensure that risks are identified early and managed effectively.
As a Lead Cyber Security Analyst, you will play a critical role in protecting Ofgem’s systems and services. You will lead the monitoring and analysis of security events, drive improvements to detection capabilities, and support the effective investigation and response to incidents. You will work across security operations, threat intelligence, and vulnerability management, ensuring that the organisation remains resilient against a dynamic threat landscape.
This is a technically demanding and high-impact role, requiring strong analytical capability, experience in security operations, and the ability to lead activity across complex environments. You will act as both a subject matter expert and a leader, supporting the development of capability and driving continuous improvement across cyber security operations.
Job Description
You will be responsible for:
-
Leading the monitoring and analysis of security events, ensuring threats are identified, investigated, and responded to effectively.
-
Managing the development and implementation of the monitoring roadmap, enhancing detection capabilities across the organisation.
-
Overseeing the triage and investigation of security alerts using SIEM and other monitoring tools, ensuring appropriate escalation and response.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
-
Leading the development of automated monitoring and detection processes, improving efficiency and accuracy of threat detection.
-
Managing vulnerability assessment and remediation activities, ensuring risks are prioritised and addressed using a risk-based approach.
-
Leveraging threat intelligence to inform security operations, identify risks, and enhance preventative controls.
-
Leading incident response activities, including investigation, containment, and recovery, and contributing to continuous improvement through lessons learned.
-
Providing expert advice to stakeholders on security risks, mitigations, and best practice.
-
Supporting resilience through preparedness exercises, red teaming, and continuous capability development.
-
Producing reporting and insight on security posture, risks, and trends for senior stakeholders.
Experience & Requirements
Strongly Preferred
-
Experience working within a Security Operations environment.
-
Strong experience in incident detection, analysis, and response across complex systems.
-
Expertise in intrusion detection, threat intelligence, and vulnerability management.
-
Experience working with security tools, including SIEM and monitoring platforms.
-
The ability to communicate complex security issues clearly to technical and non-technical stakeholders.
-
Relevant certifications such as SANS, GIAC or CISSP (or willingness to achieve).
-
Experience working in government or regulated environments, and familiarity with threat landscapes relevant to energy or critical infrastructure.
Person Specification
Essential Criteria
- Demonstrable experience in analysing incidents across a complex environment. (Lead Criteria)
- Experience in intrusion detection and analysis. (Lead Criteria)
- Experience in a Security Operations environment.
- Previous exposure to IT and network security, networking, and system, security, and network monitoring tools.
- Either holds, or can achieve, SC clearance.
- SANS or GIAC Security Operations Modules or CISSP.
Desirable Criteria
- Sound awareness of the threat environment faced by government, regulatory departments, and the energy industry.
- Experience with M365 and Azure-related Security tooling.
Technical Skills & Behaviours
During the selection process, your skills and behaviours will be assessed:


Get help with your application
Your very own career expert that helps elevate your application to the next level.
- Changing and Improving.
- Making Effective Decisions.
- Delivering at Pace.
You will also be asked to prepare a presentation. Full details of the presentation will be included in the invitation to interview.
Benefits & Rewards
Alongside your salary of £49,452, OFGEM contributes £14,326 towards you being a member of the Civil Service Defined Benefit Pension scheme.
Ofgem offers a comprehensive benefits package:
- 30 days annual leave after 2 years service.
- Excellent training and development opportunities.
- Hybrid working (currently 1 day a week in-person, with potential to adjust).
- Flexible working hours and family-friendly policies.
- Clean, bright, centrally-located offices.
- Engaged networks and teams.
- Contribute to ambitious targets for establishing a Net Zero energy system by 2050.
Selection Process
Application Process
When you apply:
- Complete personal details, career history, and qualifications.
- Provide a 1250-word personal statement demonstrating how you meet essential and desirable criteria.
- Applications may be initially sifted based on lead criteria.
Security and Background Checks:
- Successful candidates must undergo a criminal record check.
- Must meet Security Check requirements (including the Baseline Personnel Security Standard for government assets).
Eligibility
Open to:
- All UK nationals.
- Republic of Ireland nationals.
- Certain Commonwealth, EU and Free Trade Agreement nationals.
- Turkish nationals with work rights in the Civil Service.
Policy Notifications
- Applications generated by AI or AI-assisted tools must be honest and sourced directly.
- Commitment to honesty, fairness, and adherence to the Civil Service Code.
- Conflicts of Interest policy applies.
Feedback
Feedback provided only after interviews or assessments.
Diversity and Inclusion
- Commitment to equal opportunities and disability support.
- Great Place to Work for Veterans initiative.
- Supports candidates with unspent convictions.
Contact
Job contact: Amber Shankland General recruitment enquiries: recruitment@ofgem.gov.uk
[Further job details on external policy links as provided in original.]
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills