Cyber security: operations

Cyber Security Engineer

Role summary

The Cyber Security Engineer builds, develops, and configures tooling and processes to be secure. They build tooling to support pre-commit, Continuous Integration, Continuous Deployment through to production. They have experience of operating systems, Networking, PKI and Cloud Security tools. They build Secure Configuration Management using Infrastructure as Code

Role levels are:

• Cyber security engineer associate
• Cyber security engineer
• Cyber security engineer senior
• Cyber security engineer principal

Entry routes

Internal: Suitable for an individual from the Government Security Profession or Digital, Data and Technology Profession

External: Suitable for an individual who has worked in the private cyber security sector in a technical capacity

Skills required to be a cyber security engineer

• Cyber security operations. Cyber Security operations are the secure configuration and maintenance of information, controls and communications equipment in accordance with relevant security policies, standards and guidelines. This includes the configuration of information security devices (e.g. firewalls) and protective monitoring tools (e.g. Security Information and Event Management (SIEM)). Principles include implementing security policy (e.g. patching policies) and security operating procedures in respect of system and/or network management, maintaining security records and documentation in accordance with security operating procedures, and monitoring processes for violations of relevant security policies (e.g. acceptable use, security).
• Secure design. Secure design is the ability to apply Cyber Security functions or designs to reduce high-level to low-level service exploitation opportunities. Secure design includes designing countermeasures and mitigations against potential exploitations of service weaknesses for applications, systems, hardware and/or services.
• Secure development. Secure development allows for the implementation of secure systems, products and components, using appropriate methodologies and frameworks. It includes the development, creation, maintenance and coding of new (or modification of existing) computer applications, software or bespoke utility programs for business outcomes.
• Specific security technology and understanding. Knowledge of system architectures. Able to understand the risk impact of vulnerabilities on existing and future designs and systems, and identify how easy or difficult it will be to exploit these vulnerabilities.
• Understanding security implications of transformation. Able to work with business and technology stakeholders to understand the security implications of business change. Can interpret and apply an understanding of policy and process, business architecture and legal and political implications to assist in the development of technical solutions or controls.

Cyber security engineer associate

Typical role level expectations

• Support the identification, design and development of cyber security solutions across a wide variety of applications and infrastructure
• Support the implementation of cyber security policy and standards
• Provide support for cyber security consultancy services (from risk assessments and audits to strategy development) across a variety of technology projects
• Engage with the Technology Architecture team and support the design of technology solutions and architecture for a variety of projects and programmes

Skills needed for this role

• Cyber security operations (Relevant skill level: awareness). At this level you:
  • Recognise the need for information systems and services to be operated and monitored securely and can list some of the main policies and practices involved in achieving this
  • Can explain the main principles of secure configuration of role specific security components and devices, including firewalls and protective monitoring tools (e.g. SIEM)
• Secure design (Relevant skill level: awareness). At this level you:
  • Understand a number of secure design principles, frameworks and standards for designing a digital service
  • Support the definition of secure design requirements based on business drivers and attributes
  • Are aware of several methods of design such as agile delivery
  • Are familiar with hardware and software languages that can be used on a digital service
  • Are aware of security audit frameworks for digital services
• Secure development (Relevant skill level: working). At this level you:
  • Develop services by writing programming and scripting language
  • Take a lead in conducting software debugging and guides developers/engineers to resolve issues
  • Create and deliver automated assurance against Technical Security guidance and configurations
  • Implement business logic and technical solutions to design out fraud and error
  • Build and implement security audit points in digital services
  • Drive secure coding practices and champions them in the engineering community
• Specific security technology and understanding (Relevant skill level: working). At this level you:
  • Have knowledge of system architectures.
  • Are able to understand and articulate the impact of vulnerabilities on existing and future designs and systems, and is able to articulate a response.
  • Have broad knowledge of a range of systems but may specialise in one.
• Understanding security implications of transformation (Relevant skill level: working). At this level you:
  • Can interpret and apply understanding of policy and process, business architecture, and legal and political implications in order to assist the development of technical solutions or controls.

Cyber security engineer

Typical role level expectations

• Identify, design and develop cyber security solutions across a wide variety of applications and infrastructure
• Support implementation of cyber security policy and standards
• Provide cyber security consultancy services (from risk assessments and audits to strategy development) across a variety of technology projects
• Engage with the Technology Architecture team and support the design of technology solutions and architecture for a variety of projects and programmes

Skills needed for this role

• Cyber security operations (Relevant skill level: working). At this level you:
  • Demonstrate experience applying the principles of secure configuration of role-specific security components and devices in a training or academic environment, for example through participation in syndicate exercises, undertaking practical exercises, and/or passing a test or examination
  • Support the overall aims of a Cyber Security operations-related team, e.g. a monitoring team
  • Apply routine security procedures appropriate to the role, such as patching, managing access rights, malware, protection or vulnerability testing under direction/supervision
  • Develop and test rules for detecting violations of security operating procedures under supervision
• Secure design (Relevant skill level: practitioner). At this level you:
  • Lead and create documentation of a digital service and subsequent revisions, inserting comments in the coded instructions so it can be understood by others, including engineers
  • Lead the preparation of detailed workflow and diagrams that describe input, output and logical operation of a digital service
  • Produce low-level design and develops processes for maintaining the security of a service through its full life cycle
  • Lead and translate security requirements into application design elements including documenting specific security criteria
  • Create audit points in the software development life cycle process by designing audit compliance
• Secure development (Relevant skill level: working). At this level you:
  • Develop services by writing programming and scripting language
  • Take a lead in conducting software debugging and guides developers/engineers to resolve issues
  • Create and deliver automated assurance against Technical Security guidance and configurations
  • Implement business logic and technical solutions to design out fraud and error
  • Build and implement security audit points in digital services
  • Drive secure coding practices and champions them in the engineering community
• Specific security technology and understanding (Relevant skill level: working). At this level you:
  • Have knowledge of system architectures.
  • Are able to understand and articulate the impact of vulnerabilities on existing and future designs and systems, and is able to articulate a response.
  • Have broad knowledge of a range of systems but may specialise in one.
• Understanding security implications of transformation (Relevant skill level: working). At this level you:
  • Can interpret and apply understanding of policy and process, business architecture, and legal and political implications in order to assist the development of technical solutions or controls.

Cyber security engineer senior

Typical role level expectations

• Identify, design and develop cyber security solutions across a wide variety of applications and infrastructure
• Lead the implementation of cyber security policy and standards
• Provide senior cyber security consultancy services (from risk assessments and audits to strategy development) across a variety of technology projects
• Engage with the Technology Architecture team and support the design of technology solutions and architecture for a variety of projects and programmes
• Engage with a broad range of internal and external stakeholders, providing cyber security assurance and managing the change process for the implementation of cyber security strategy, standards and solutions.

Skills needed for this role

• Cyber security operations (Relevant skill level: practitioner). At this level you:
  • Develop security operating procedures for use across multiple information systems or maintains compliance with them
  • Apply routine security procedures appropriate to the role, such as patching, managing access rights, malware protection or vulnerability testing with autonomy
  • Develop and tests rules for detecting violations of security operating procedures with autonomy
  • Lead small teams managing Cyber Security operations within an organisation
• Secure design (Relevant skill level: expert). At this level you:
  • Champion secure design principles, frameworks and standards for a digital service or programme
  • Sponsor and directs design of detailed low-level workflows, diagrams that describe input, output and logical operation of a digital service. Designs and develops the processes of a digital service through its full life cycle
• • Lead and translate security requirements into application design elements including documenting specific security criteria
  • Design advanced audit points into digital services
• Secure development (Relevant skill level: practitioner). At this level you:
  • Develop services by writing programming and scripting language
  • Lead software debugging and guides developers/engineers to resolve issues
  • Create and delivers automated assurance against Technical Security guidance and configurations
  • Implement business logic and technical solutions to design out fraud and error
  • Build and implement security audit points in digital services
  • Drive secure coding practices and champions them, including in the engineering community
• Specific security technology and understanding (Relevant skill level: practitioner). At this level you:
  • Have developed knowledge of system architectures.
  • Are able to understand and articulate the impact of vulnerabilities on existing and future designs and systems, and is able to provide insight into how these can be exploited.
  • Have developed knowledge of a range of systems and may specialise in a number of specific systems.

​​​​​​​Cyber security engineer principal

Typical role level expectations

• Lead teams of Cyber Security Engineers and cyber engineering functions
• Identify, design and develop cyber security solutions across a wide variety of applications and infrastructure
• Responsible for the implementation of cyber security policy and standards
• Provide oversight of cyber security consultancy services across a variety of technology projects
• Responsible for managing relationships with the Technology Architecture team and support the design of technology solutions and architecture for a variety of projects and programmes
• Representing Scottish Government with a broad range of internal and external stakeholders, providing cyber security assurance and managing the change process for the implementation of cyber security strategy, standards and solutions.

Skills needed for this role

• Cyber security operations (Relevant skill level: expert). At this level you:
  • Lead teams managing Cyber Security operations within an organisation
  • Identify the need for, and implement, new security operating procedures and practices to meet changing requirements
  • Are a subject matter expert in developing and operationalising techniques for Cyber Security operations, e.g. detecting anomalous activity, automating orchestration and configuration of IT
• Secure design (Relevant skill level: expert). At this level you:
  • Champion secure design principles, frameworks and standards for a digital service or programme
  • Sponsor and directs design of detailed low-level workflows, diagrams that describe input, output and logical operation of a digital service. Designs and

develops the processes of a digital service through its full life cycle

• • Lead and translate security requirements into application design elements including documenting specific security criteria
  • Design advanced audit points into digital services
• Secure development (Relevant skill level: expert). At this level you:
  • Lead the implementation of secure development principles, software and hardware debugging. Guides developers/engineers
  • Develop services by writing advanced programming and scripting language
  • Create and deliver automated assurance against Technical Security guidance and configurations
  • Implement security remediation and performs root cause analysis
  • Lead the development of advanced security audit points in digital services
  • Drive secure coding practices and champions them, including in the engineering community
• Specific security technology and understanding (Relevant skill level: expert). At this level you:
  • Have strong knowledge of system architectures.
  • Are able to understand and articulate the impact of vulnerabilities on existing and future designs, systems and how easy or difficult it will be to exploit these vulnerabilities.
  • Are acknowledged as an expert by peers in the broader security industry.