IT Cloud & Applications Security Analyst

Job Description

This role is based at the following site;Culham, Oxfordshire.

This role requires employees tocomplete an online Baseline Personnel Security Standard (BPSS) / be eligible for SC Clearance (must have resided in the UK for the last 5 years), including The Disclosure & Barring Service (DBS) checks for criminal convictions.

The Role

Are you looking for an exciting opportunity to make a difference? 

Join us in shaping a secure digital future for sustainable fusion energy.

TheUK Atomic Energy Authority (UKAEA)is a world leader in developing nuclear fusion as a clean and limitless energy source. As part of our mission, we’re building a digitally mature and secure enterprise. This role offers you the opportunity to be at the heart of that transformation.

We’re looking for askilled and ambitious IT Cloud & Applications Security Analystto join ourInformation & Cyber Security Group. If you have experience securing cloud environments and business applications and want to help shape UKAEA’s cyber resilience across M365, Azure, and beyond—this is your next step.

What you’ll be doing:

You’ll play a key role in protecting our hybrid cloud infrastructure, identity services, and SaaS applications. Working closely with engineering and security teams, you will:

• Monitor and respond to security events affecting cloud platforms and applications
• Support the design and implementation of IAM and PAM policies across Entra ID and M365
• Manage posture and compliance monitoring tools (Defender, Intune, Sentinel)
• Support DevSecOps practices in collaboration with platform and application teams
• Help ensure application-level security is embedded across our enterprise stack
• Contribute to audits and assessments aligned to ISO 27001, CAF, and Secure by Design
• Provide input on best practices for cloud security and access management.

Qualifications

Essential

• Atleast a HND in Information Security, Computer Science, or a related STEM field, or equivalent experience. Degree Preferred
• Demonstrable hands-on experience with Microsoft Entra ID (Azure AD), Conditional Access, and Identity Protection.
• Experience administering Microsoft 365 security controls, including Defender for Office 365, Purview, and Intune.
• Understanding of modern authentication protocols (OAuth2.0, SAML, OpenID Connect).
• Familiarity with SaaS security, user lifecycle management, and enterprise access models.
• Working knowledge of security and compliance frameworks such as CAF, ISO 27001, NIST CSF, and GDPR.
• Analytical and investigative skills with the ability to identify risk patterns and remediation actions.
• Experience managing technical controls in cloud-native platforms (Azure, AWS, or GCP).
• Knowledge of Privileged Identity Management (PIM), Just-In-Time (JIT) access, or PAM solutions.
• Experience supporting regulatory audits or security assurance reviews.
• Strong documentation and communication skills to support audits and security reviews.
• Ability to obtain SC-level national security clearance

Desirable

• Certifications such as AZ-500, SC-300, or equivalent.
• Experience with Power Platform, Dataverse, and automation tooling.
• Exposure to DevSecOps practices, CI/CD security, and secure SDLC.
• Familiarity with ITSM workflows and change control procedures.

Additional Information

A full list of our benefits can be found herehttps://careers.ukaea.uk/life-at-ukaea/employee-benefits/

We welcome applications from under-represented groups, particularly individuals from black and other ethnic minority backgrounds, people with disabilities, and women. Our Executive team, supported by our 'Equality, Diversity and Inclusion' (EDI) Partner and Inclusion Ambassadors, actively promotes EDI and takes steps to increase diversity within our organization. We reinforce best practices in recruitment and selection and evaluate approaches to remove barriers to success.

Please note that vacancies are generally advertised for 4 weeks but may close earlier if we receive a large number of applications.