Find The RightJob.
Were responsible for Land Transaction Tax and Landfill Disposals Tax. Our work raises revenue to support public services, like the NHS and schools, in communities across Wales. But thats not all, we're also involved with and support future tax design for Wales.
Join a place with purpose
Youll join a team of 100+ talented people from across 14 different professions. Our culture is best described as innovative, collaborative and kind. By working together, well deliver a fair tax system for Wales.
Our people
Youll be working with people from a wide range of backgrounds and experience. From Operations, Policy, Digital and Data, HR, Communications to Finance theres a place for you in our friendly team.
Youll be our greatest asset
Youll be joining an inclusive organisation and be part of a team where you can thrive, be rewarded and heard.
Were recognised as one of the top organisations for people engagement in the Civil Service People Survey. Inclusion and fairness are one of our strongest areas, as well as pay and benefits our People Survey results say it all!
Were also recognised for being innovative and a digital, cloud-based organisation that supports hybrid and flexible working enabling a great work-life balance.
More about working for us, our roles and our Corporate Plan 2025 - 2028 .
The Cybersecurity Analyst Vulnerabilities Manager is a key member of the WRAs IT Operations & Security team, responsible for the operational security of our cloud‑first digital estate. While this role covers a wide range of cyber responsibilitiesincluding monitoring, incident support, secure configuration, governance input and SOC coordinationit includes lead responsibility for vulnerabilities management, reflecting the WRAs identified security priority area.
As we continue to grow our IT Security team were looking to streamline our vulnerabilities management and curate our threat intelligence sources. If youre up for a challenge helping us improve our security posture and keep our systems secure then please do apply!
"Its a great time to join the WRA, and the Digital team in particular as we look to grow our portfolio of digital Services and produce an Easy, Fair and Sustainable tax system fit for the future.
John Vinall, Head of IT Operations and Security
You will work closely with senior stakeholders, engineers developers, suppliers and the outsourced SOC to detect, assess and remediate threats, ensuring the organisation maintains a secure and resilient environment.
1. Vulnerability & Threat Management (Lead Area)
2. Security Monitoring & Incident Response
3. Secure Configuration & Operational Security
4. Governance, Risk & Compliance Support
5. Stakeholder Engagement & Advisory Duties
6. Continuous Improvement & Team Development
Candidate Information Session
If this seems like a role youd be interested in, join us for our virtual Candidate Information Sessions. Youll meet the Line Manager, get an overview of the role as well a feeling for what its like to work at the WRA. Well also talk through our benefits and provide helpful tips for your application with us. Please register for one of the sessions below:
Register here: 1 July 2026 12.30-13.00pm https://uwchddadansoddwrseiberddiogelwchseniorcybersecurityanalyst1230.eventbrite.co.uk
Register here: 1 July 2026 4.00-4.30pm https://UwchDdadansoddwrSeiberddiogelwchSeniorCyberSecurityAnalyst4pm.eventbrite.co.uk
We recommend you review the job description (or candidate pack) under the 'attachments' section before completing your application
What we offer
Well always be clear about how we assess your application, at each stage of the process. This will usually include:
Were proud to be a Disability Confident Leader so well ask you if you need any adjustments at each stage of the recruitment process. So that we can support you in a way that works for you, well offer a pre-interview accessibility chat to anyone that declares a disability or needs any adjustments. This will take place with someone who is independent of the recruitment process and you wont be placed at any disadvantage as a result of needing adjustments.
A reserve list may be held for this role for applicants that have scored above the appointable threshold at interview. This means that if a similar vacancy becomes available in the next 12 months we may contact you to offer you the role.
We recommend you review the job description (or candidate pack) under the 'attachments' section before completing your application.
Criteria
Assessed in personal statement and CV
Assessed during interview or assessment
Making Effective Decisions
Use evidence and knowledge to support accurate, expert decisions and advice. Carefully consider alternative options, implications and risks of decisions.
Yes
Yes
Managing a Quality Service
Deliver customer and user service objectives with professional excellence, expertise and efficiency, taking account of diverse customer needs. Establish ways to find and respond to feedback about the services provided.
No
Yes
Communicating and Influencing
Communicate purpose and direction with clarity, integrity and enthusiasm. Respect the needs, responses and opinions of others.
Yes
No
Criteria
Assessed in personal statement and CV
Assessed during interview or assessment
Analytical
You seek and analyse information to inform your decisions, based on the best available evidence.
No
Yes
Problem Solver
You take a positive approach to tackling problems and find ways to identify suitable solutions.
No
Yes
Criteria
Assessed in personal statement and CV
Assessed during interview or assessment
Proven experience as a cyber security analyst (or equivalent role) in an enterprise environment.
Yes
No
Practical experience in vulnerability management, including assessing, triaging and prioritising vulnerabilities across varied technology stacks.
No
Yes
Criteria
Assessed in personal statement and CV
Assessed during interview or assessment
Hands‑on experience with security tools such as Microsoft Defender for Cloud, Defender for Endpoint, Secure Score, Sentinel, or equivalent platforms.
Yes
No
Knowledge of Cyber Essentials Plus, IASME, CAF, NIST CSF, ISO 27001/27005 or similar frameworks.
No
Yes
Qualifications
Criteria
Assessed in personal statement and CV
Assessed during interview or assessment
Relevant degree or equivalent experience.
Yes
No
Security certifications (e.g. CISMP, Security+, Azure security certs, ISO 27001 quals) or equivalent experience.
Yes
No
This job is broadly open to the following groups:
Similar jobs
Lloyds Banking Group
Leeds, United Kingdom
12 days ago
Deliveroo
London, United Kingdom
12 days ago
Checkout.com
London, United Kingdom
12 days ago
Natures Way Foods Ltd
Chichester, United Kingdom
12 days ago
NRG
Bolton upon Dearne, United Kingdom
13 days ago
Kainos
United Kingdom
13 days ago
Securitas
Basildon, United Kingdom
15 days ago
© 2026 Qureos. All rights reserved.