Cyber Security Specialist

Cyber Security Specialist - Inside IR35 - Public Sector - Edinburgh (Hybrid)

Day Rate - Market Rates

Duration - 12 months

Harvey Nash's Client have a requirement for within their cyber security team, you will be providing advice and guidance to digital transformation projects. Activities will cover cyber security and risk throughout service lifecycle.

Key Responsibilities

• Be aware of the current cyber threat landscape and industry best practices and standards.
• Support initial scoping and risk assessment of a change project.
• Interpret security best practice and accreditation requirements to determine security requirements
• Adapt existing cyber security standards and controls to fit specific change projects
• Carry out threat modelling and risk assessments
• Review high- and low-level designs drafted by solution architects.
• Maintain a security design assessment for new services
• Carry out basic hands-on security assessments (e.g. SSL Labs config or CSP evaluator, not including full pen testing)
• Plan and co-ordinate independent pen testing
• Provide recommendations for stage gating and go live decisions
• Own completion and accuracy of all security related product delivery evidence
• Provide recommendations for SecOps processes and automation for new systems

Technical scope

• Security products (email filtering, AV, firewalls, WAFs, MS Defender)
• Security Testing (SAST, DAST)
• Virtualisation platforms and operating systems, including Hyper-V and Windows Server.
• Enterprise Systems (email, PKI, AD, GP, SCCM, Azure incl. Entra and Intune, M365)
• Application platforms (MS Dynamics, Power Platform)
• Cloud platforms (Azure)

Skills Required

• Security and Risk assessment
• In depth understanding of and experience with enterprise scale digital service provision
• Demonstrable recent record making security contribution during the development of a new digital service
• Ability to work well in an agile project team with internal colleagues and suppliers
• Ability to self-start, accept ownership and see through security aspects of project start to finish
• Ability to share knowledge and experience with colleagues and effectively hand over to SecOps

Desirable Skills

• Experience with MS Dynamics, Power Platform and Azure
• Experience managing independent testing (scope, pre-test config, triage findings)
• Experience with MCSE Certified or equivalent experience
• ITIL certification

Please note that you must be eligible for BPSS and Standard Disclosure Clearance to commence this post.

To
From
Record Yes No

Always use these settings